Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/drk8xJSZ2x_BWN6_XLw2acskIfE.roa
File: drk8xJSZ2x_BWN6_XLw2acskIfE.roa (raw, json)
Hash identifier: QusEi4+21me2Oz7D+hM7fHXa9x40kucwcHMV3C7Eqj4=
Subject key identifier: 76:B9:3C:C4:94:99:DB:1F:C1:58:DE:BF:5C:BC:36:69:CB:24:21:F1
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01900847B0DD669E555F9A3FDE8BDEAC4A34
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/drk8xJSZ2x_BWN6_XLw2acskIfE.roa
Signing time: Tue 11 Jun 2024 17:10:34 +0000
ROA not before: Tue 11 Jun 2024 17:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 18:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:08:47:b0:dd:66:9e:55:5f:9a:3f:de:8b:de:ac:4a:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 11 17:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76b93cc49499db1fc158debf5cbc3669cb2421f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:98:01:84:47:0b:27:bf:9c:1f:a0:d4:1f:69:
5f:ba:64:eb:99:d9:8c:9e:e3:e7:8d:c4:d8:84:a0:
02:e2:b5:de:5e:f4:df:59:b2:5e:35:e7:f7:3d:0f:
6d:9b:28:fc:a4:37:c4:bc:56:91:ca:64:50:b1:1a:
30:35:68:a0:45:f2:fc:a2:e5:41:41:6c:c4:ec:55:
d4:27:35:31:9a:54:0b:6d:68:ab:84:1e:b8:85:97:
5c:6f:33:6a:70:cd:75:db:ba:3a:39:0b:43:7a:03:
34:88:fc:05:26:47:f9:d4:02:0c:4a:df:e3:d0:e0:
14:99:81:83:1e:eb:93:0e:03:a3:42:56:1a:56:ac:
79:f1:4f:35:86:32:17:5d:51:b0:ed:2d:a7:bc:51:
e9:38:92:f0:dd:52:c4:c2:0e:e1:71:21:0c:bf:2d:
f5:20:05:f5:37:d2:3e:d4:ff:38:4c:f4:c3:9e:90:
85:ff:1d:93:82:57:c8:c3:89:1d:5c:a7:db:da:17:
03:e4:47:ce:3c:ed:ee:7a:75:8f:e3:02:d6:c9:2d:
ba:31:d3:46:46:d1:fd:d3:49:8a:92:46:3d:47:80:
e1:d6:c5:86:89:30:5c:96:b0:66:64:02:f8:c9:ac:
2d:55:e5:10:70:7f:6e:76:1f:ad:26:5e:77:9e:5b:
c2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B9:3C:C4:94:99:DB:1F:C1:58:DE:BF:5C:BC:36:69:CB:24:21:F1
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/drk8xJSZ2x_BWN6_XLw2acskIfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:0b:3d:71:3b:79:c6:e0:e0:f7:e1:16:1a:55:33:57:27:6b:
a1:3c:98:04:18:08:8c:28:15:49:2f:57:79:95:72:83:8b:3a:
f1:ca:52:5b:4a:ff:95:e4:06:87:01:73:7b:64:82:9a:fa:4c:
d6:69:83:46:9c:29:a3:8b:0e:cb:6e:bc:27:8b:9e:4a:7a:81:
13:df:2b:82:98:8c:05:0d:0d:4d:10:0b:76:2b:9c:5f:fd:12:
72:1b:c2:6b:1f:a8:a4:6e:4e:2d:6e:2e:e5:34:d0:a0:e4:b4:
38:eb:03:20:cc:3c:7d:cf:fa:0a:74:aa:13:95:cb:72:11:43:
1d:a6:53:71:63:b1:31:1a:5a:40:89:03:05:75:54:03:5b:d3:
90:13:d6:b5:e7:d0:ce:56:f4:3f:06:b3:84:1d:0f:46:96:3b:
c4:20:30:99:d1:05:ae:4c:97:3c:39:be:ab:de:5d:fa:12:2e:
0f:a5:8c:ff:84:d4:56:60:df:2f:d2:05:c4:38:2d:aa:a9:dd:
a5:33:a1:f8:6c:ef:e2:79:fe:96:d2:9c:ab:f0:fe:e0:d1:88:
01:d1:54:e2:af:f7:72:56:6e:9d:50:49:eb:09:8b:53:91:61:
a2:e8:63:bb:f0:a7:ed:c4:f4:c0:bc:fc:ce:f4:54:0d:bc:a9:
ea:2c:9d:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAIR7DdZp5VX5o/3overEo0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjExMTcxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmI5M2NjNDk0OTlkYjFmYzE1OGRlYmY1Y2JjMzY2OWNiMjQyMWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25gBhEcLJ7+cH6DUH2lfumTrmdmM
nuPnjcTYhKAC4rXeXvTfWbJeNef3PQ9tmyj8pDfEvFaRymRQsRowNWigRfL8ouVB
QWzE7FXUJzUxmlQLbWirhB64hZdcbzNqcM1127o6OQtDegM0iPwFJkf51AIMSt/j
0OAUmYGDHuuTDgOjQlYaVqx58U81hjIXXVGw7S2nvFHpOJLw3VLEwg7hcSEMvy31
IAX1N9I+1P84TPTDnpCF/x2TglfIw4kdXKfb2hcD5EfOPO3uenWP4wLWyS26MdNG
RtH900mKkkY9R4Dh1sWGiTBclrBmZAL4yawtVeUQcH9udh+tJl53nlvCPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHa5PMSUmdsfwVjev1y8NmnLJCHxMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZHJrOHhKU1oyeF9CV042X1hMdzJhY3NrSWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIwLPXE7ecbg4PfhFhpV
M1cna6E8mAQYCIwoFUkvV3mVcoOLOvHKUltK/5XkBocBc3tkgpr6TNZpg0acKaOL
DstuvCeLnkp6gRPfK4KYjAUNDU0QC3YrnF/9EnIbwmsfqKRuTi1uLuU00KDktDjr
AyDMPH3P+gp0qhOVy3IRQx2mU3FjsTEaWkCJAwV1VANb05AT1rXn0M5W9D8Gs4Qd
D0aWO8QgMJnRBa5Mlzw5vqveXfoSLg+ljP+E1FZg3y/SBcQ4Laqp3aUzofhs7+J5
/pbSnKvw/uDRiAHRVOKv93JWbp1QSesJi1ORYaLoY7vwp+3E9MC8/M70VA28qeos
nck=
-----END CERTIFICATE-----
Generated at Tue Jun 11 20:46:52 2024 by rpki-client on console-fra.rpki-client.org