Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dT-mexqk03PwFtgH9lD_PafGEFY.roa
File: dT-mexqk03PwFtgH9lD_PafGEFY.roa (raw, json)
Hash identifier: GxYe7Q7EhiXwpuDfhpZdTUh7vHtfvEmsUs7NdasJMpo=
Subject key identifier: 75:3F:A6:7B:1A:A4:D3:73:F0:16:D8:07:F6:50:FF:3D:A7:C6:10:56
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01905A02E8E23538D46070F9C85E65AF43A5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dT-mexqk03PwFtgH9lD_PafGEFY.roa
Signing time: Thu 27 Jun 2024 14:04:18 +0000
ROA not before: Thu 27 Jun 2024 14:04:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:5a02:e074/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 27 Jun 2024 14:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5a:02:e8:e2:35:38:d4:60:70:f9:c8:5e:65:af:43:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 27 14:04:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=753fa67b1aa4d373f016d807f650ff3da7c61056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:25:ed:ba:09:fd:39:f6:f8:d0:50:e2:1a:e8:
58:98:e7:2a:df:fe:d3:61:64:3c:7f:de:d0:67:c3:
ca:11:5e:be:64:8b:11:17:d5:35:e5:e6:f0:32:07:
eb:2d:c5:d2:7c:f6:51:55:28:7e:43:2e:84:67:75:
19:d1:97:fd:62:a3:b8:c4:ad:f9:37:bc:cc:0c:7f:
89:63:71:35:e7:ac:fd:61:d5:3d:a9:38:11:c8:e3:
17:1a:cb:f2:31:67:c0:d2:f1:ab:60:c8:0f:2e:67:
c5:6b:ed:f5:84:34:b8:7d:64:f3:cf:47:10:ba:c3:
5b:91:b7:03:a4:b2:ad:8c:47:58:de:4d:b2:71:98:
55:32:50:61:1c:f0:de:f1:54:51:84:22:c6:29:6f:
ee:85:dc:06:b0:ae:69:5e:43:77:4e:07:93:9c:73:
b7:9e:42:4e:db:dd:5e:8c:82:0a:a3:c6:b3:fd:54:
6c:10:3b:10:d0:83:f1:ef:ab:61:d2:51:ac:43:12:
52:1f:d9:31:6c:08:5a:9b:10:40:7b:39:71:de:14:
f2:2e:f9:1a:2d:d5:7f:2d:57:84:fb:15:f8:56:99:
ca:0b:4c:4a:4d:d5:d2:e2:09:c8:5a:eb:0f:0d:98:
85:30:2a:c6:39:fc:86:6c:73:db:25:bb:87:2f:ae:
48:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:3F:A6:7B:1A:A4:D3:73:F0:16:D8:07:F6:50:FF:3D:A7:C6:10:56
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dT-mexqk03PwFtgH9lD_PafGEFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:1d:f8:43:c1:8c:1b:5c:58:9d:5b:00:3d:b3:f4:fc:ae:a2:
27:81:40:39:9a:f3:cc:15:8f:52:51:95:24:bf:57:32:45:24:
43:51:5b:c0:80:e0:5d:8e:a9:d8:d8:ea:a8:6b:55:11:35:50:
3a:e0:1c:7c:fa:2d:86:94:b8:a4:dc:a6:05:c8:67:f1:7f:32:
29:c9:24:92:06:8b:39:ee:0d:f6:03:6b:a6:dd:7a:14:fc:20:
aa:82:d1:41:0b:10:9c:00:f1:c1:cc:d4:52:a1:e2:d8:01:71:
39:0d:20:20:f4:82:fb:5c:18:35:a6:eb:25:e4:7b:75:ea:74:
f5:38:cb:3b:42:98:ed:5d:85:dc:76:23:17:9b:48:24:c1:cb:
8e:25:fe:7d:f0:0c:82:da:ab:ec:06:b3:94:5a:bd:f0:bb:79:
12:1b:1e:98:ac:48:c5:96:d6:54:5f:4b:7c:ba:f2:fc:41:f4:
8e:e8:c9:4e:21:0f:fa:ea:94:2d:a1:17:df:d8:96:87:cb:cf:
72:c8:c8:d9:e6:54:f5:2f:dc:7e:9a:86:a3:92:79:bd:bc:7d:
87:2a:52:00:c1:11:8c:ef:55:8c:36:5f:99:2e:9e:c4:b0:84:
9c:bb:8f:85:28:1b:8a:5f:1e:a2:a4:8c:7c:05:ff:29:a0:31:
79:45:d8:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBaAujiNTjUYHD5yF5lr0OlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI3MTQwNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTNmYTY3YjFhYTRkMzczZjAxNmQ4MDdmNjUwZmYzZGE3YzYxMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SXtugn9Ofb40FDiGuhYmOcq3/7T
YWQ8f97QZ8PKEV6+ZIsRF9U15ebwMgfrLcXSfPZRVSh+Qy6EZ3UZ0Zf9YqO4xK35
N7zMDH+JY3E156z9YdU9qTgRyOMXGsvyMWfA0vGrYMgPLmfFa+31hDS4fWTzz0cQ
usNbkbcDpLKtjEdY3k2ycZhVMlBhHPDe8VRRhCLGKW/uhdwGsK5pXkN3TgeTnHO3
nkJO291ejIIKo8az/VRsEDsQ0IPx76th0lGsQxJSH9kxbAhamxBAezlx3hTyLvka
LdV/LVeE+xX4VpnKC0xKTdXS4gnIWusPDZiFMCrGOfyGbHPbJbuHL65IqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHU/pnsapNNz8BbYB/ZQ/z2nxhBWMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZFQtbWV4cWswM1B3RnRnSDlsRF9QYWZHRUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIAd+EPBjBtcWJ1bAD2z
9PyuoieBQDma88wVj1JRlSS/VzJFJENRW8CA4F2OqdjY6qhrVRE1UDrgHHz6LYaU
uKTcpgXIZ/F/MinJJJIGiznuDfYDa6bdehT8IKqC0UELEJwA8cHM1FKh4tgBcTkN
ICD0gvtcGDWm6yXke3XqdPU4yztCmO1dhdx2IxebSCTBy44l/n3wDILaq+wGs5Ra
vfC7eRIbHpisSMWW1lRfS3y68vxB9I7oyU4hD/rqlC2hF9/YlofLz3LIyNnmVPUv
3H6ahqOSeb28fYcqUgDBEYzvVYw2X5kunsSwhJy7j4UoG4pfHqKkjHwF/ymgMXlF
2GQ=
-----END CERTIFICATE-----
Generated at Thu Jun 27 20:47:29 2024 by rpki-client on console-fra.rpki-client.org