Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/eI0rG1n62A1aO1k9erNPjO67HM4.roa
File: eI0rG1n62A1aO1k9erNPjO67HM4.roa (raw, json)
Hash identifier: KmTXVfzC/n2HSyg4i+/Gh5AeMmzWJdtvRd6ZYAhaFXU=
Subject key identifier: 78:8D:2B:1B:59:FA:D8:0D:5A:3B:59:3D:7A:B3:4F:8C:EE:BB:1C:CE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01903F6D202C70B2500E2299143C8329EDA6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/eI0rG1n62A1aO1k9erNPjO67HM4.roa
Signing time: Sat 22 Jun 2024 10:10:34 +0000
ROA not before: Sat 22 Jun 2024 10:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 22 Jun 2024 11:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3f:6d:20:2c:70:b2:50:0e:22:99:14:3c:83:29:ed:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 22 10:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=788d2b1b59fad80d5a3b593d7ab34f8ceebb1cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cf:36:a6:89:f1:6f:3f:a0:c3:aa:31:a7:6d:
4a:25:7a:4e:43:8b:49:31:05:4e:f1:c1:0f:32:7e:
37:cd:e8:8e:16:11:3d:f5:90:9f:9b:07:ca:0c:be:
38:76:af:49:33:d5:84:33:3c:a5:f5:d1:f7:3f:5c:
18:70:9c:c3:03:25:20:0b:65:40:6a:61:c2:0e:b3:
90:64:5e:25:83:94:30:80:e7:3d:63:d5:52:2c:f0:
d5:9c:2c:49:ec:26:fc:89:82:ea:a4:25:d1:5d:c3:
dc:53:48:74:b7:df:45:23:a4:ae:f4:2f:15:a0:b2:
31:62:bc:95:b5:e2:e1:4a:e0:44:b7:c5:8f:01:50:
d0:4c:97:df:72:c7:08:9b:10:3a:a4:8a:f2:0e:b7:
8d:0d:e9:86:fc:21:de:cd:41:0a:35:57:33:25:83:
a1:18:f0:50:fe:fc:04:51:99:f5:fe:63:7a:56:44:
5b:b0:0c:02:b0:33:12:b7:e3:f8:e5:03:83:78:a3:
77:e8:ca:33:5d:c7:cd:76:54:dc:80:d7:1e:8d:98:
94:14:b7:33:b4:e4:b9:a3:6a:e1:7a:24:7e:b0:81:
dc:9a:57:8f:ed:e3:35:e9:da:9e:c7:b1:c0:e0:cb:
50:2c:af:a9:72:88:0f:1e:01:eb:4a:2f:9d:82:3f:
32:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:8D:2B:1B:59:FA:D8:0D:5A:3B:59:3D:7A:B3:4F:8C:EE:BB:1C:CE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/eI0rG1n62A1aO1k9erNPjO67HM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:2b:f3:81:84:aa:6e:f4:32:2a:67:29:15:f5:42:95:1f:bd:
07:a9:53:e5:c1:08:24:5d:01:df:40:72:f8:ce:f0:e6:77:37:
d4:93:c0:7d:0e:55:28:7c:e8:0d:6b:af:26:5d:2e:90:c1:a2:
05:9d:6a:c5:19:3a:38:3e:9a:22:f6:96:9e:33:2c:b9:c5:e4:
55:2c:b7:10:a8:55:41:d5:c5:65:b1:8e:4f:84:b9:df:5e:cf:
f7:85:33:bb:0b:39:f1:58:88:97:77:97:b1:34:93:cf:0b:df:
94:e9:b1:c7:72:b1:30:af:09:67:54:1c:11:44:ba:57:5f:cd:
f6:35:2f:d4:c6:6c:ca:1f:4e:5f:36:1b:6c:68:89:ae:0a:cd:
52:66:76:4f:b8:15:ad:99:84:eb:d5:9e:90:33:fd:52:f2:f3:
9c:c9:e4:dd:bc:ba:84:06:b3:41:81:42:c9:0c:6b:8d:94:d3:
75:f9:59:b1:19:e3:11:a8:74:7a:74:8c:66:73:57:e7:56:1e:
54:be:04:7c:a8:f5:04:b1:a2:13:02:a4:5e:d2:db:d3:c5:a0:
65:74:0f:61:e6:4f:38:bd:7e:1f:49:c4:cd:08:23:fb:73:4d:
bf:da:34:6e:5d:1b:92:45:7c:06:c8:c1:a8:49:1f:9e:ab:4e:
e0:af:9e:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA/bSAscLJQDiKZFDyDKe2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIyMTAxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODhkMmIxYjU5ZmFkODBkNWEzYjU5M2Q3YWIzNGY4Y2VlYmIxY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkc82ponxbz+gw6oxp21KJXpOQ4tJ
MQVO8cEPMn43zeiOFhE99ZCfmwfKDL44dq9JM9WEMzyl9dH3P1wYcJzDAyUgC2VA
amHCDrOQZF4lg5QwgOc9Y9VSLPDVnCxJ7Cb8iYLqpCXRXcPcU0h0t99FI6Su9C8V
oLIxYryVteLhSuBEt8WPAVDQTJffcscImxA6pIryDreNDemG/CHezUEKNVczJYOh
GPBQ/vwEUZn1/mN6VkRbsAwCsDMSt+P45QODeKN36MozXcfNdlTcgNcejZiUFLcz
tOS5o2rheiR+sIHcmleP7eM16dqex7HA4MtQLK+pcogPHgHrSi+dgj8yNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHiNKxtZ+tgNWjtZPXqzT4zuuxzOMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZUkwckcxbjYyQTFhTzFrOWVyTlBqTzY3SE00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIYr84GEqm70MipnKRX1
QpUfvQepU+XBCCRdAd9AcvjO8OZ3N9STwH0OVSh86A1rryZdLpDBogWdasUZOjg+
miL2lp4zLLnF5FUstxCoVUHVxWWxjk+Eud9ez/eFM7sLOfFYiJd3l7E0k88L35Tp
scdysTCvCWdUHBFEuldfzfY1L9TGbMofTl82G2xoia4KzVJmdk+4Fa2ZhOvVnpAz
/VLy85zJ5N28uoQGs0GBQskMa42U03X5WbEZ4xGodHp0jGZzV+dWHlS+BHyo9QSx
ohMCpF7S29PFoGV0D2HmTzi9fh9JxM0II/tzTb/aNG5dG5JFfAbIwahJH56rTuCv
ngE=
-----END CERTIFICATE-----
Generated at Sat Jun 22 11:55:18 2024 by rpki-client on console-fra.rpki-client.org