Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ekvp0mgumZYAFL5NfOnaJ_4pHkE.roa
File: ekvp0mgumZYAFL5NfOnaJ_4pHkE.roa (raw, json)
Hash identifier: WRmwtEv6QDCES3xGtbn/XNfC30UFtFhP98B4pQ/9+O4=
Subject key identifier: 7A:4B:E9:D2:68:2E:99:96:00:14:BE:4D:7C:E9:DA:27:FE:29:1E:41
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FBF8AE824CADDF5557141E004A84DB573
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ekvp0mgumZYAFL5NfOnaJ_4pHkE.roa
Signing time: Tue 28 May 2024 14:11:42 +0000
ROA not before: Tue 28 May 2024 14:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 May 2024 15:05:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:8a:e8:24:ca:dd:f5:55:71:41:e0:04:a8:4d:b5:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 28 14:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a4be9d2682e99960014be4d7ce9da27fe291e41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e8:76:ae:f3:c6:a8:bc:6f:d9:f8:d5:2b:02:
0c:22:6c:3e:70:82:cc:12:29:e8:e7:eb:3f:76:8a:
38:c8:a2:b2:fe:88:e3:f3:6b:7b:d3:b2:6b:6e:b8:
27:1d:5d:09:45:3d:d5:f1:df:d7:3b:a6:a9:8e:eb:
cf:3f:9a:ea:66:35:e6:36:89:3d:47:86:d8:7f:8a:
c7:12:54:e5:f1:10:b7:63:d6:86:8d:72:98:8c:a8:
fc:87:cb:bc:ce:ef:b8:ba:1f:2d:ec:29:49:5c:c5:
6b:29:7a:5c:4d:96:5f:a7:95:fa:8a:2b:d9:90:3c:
ac:af:fe:1b:93:8d:68:61:f6:dc:d8:36:e0:72:d0:
11:90:0e:7d:3e:f5:b2:4a:5e:e3:b1:31:db:f7:20:
f2:96:59:87:08:40:98:0c:06:4d:ba:31:c8:ab:05:
0a:6a:09:87:95:dc:a7:a3:67:24:38:ca:50:a9:25:
0b:48:57:24:4a:18:a3:a2:79:26:08:97:41:4b:29:
37:54:5a:40:d6:a6:73:6a:98:a9:7c:70:ae:ab:12:
ee:0a:1e:9a:2e:d8:cc:d8:61:d0:f3:b4:8d:3f:df:
77:ca:f4:7f:55:5a:79:5b:fb:15:5d:1e:08:3a:55:
99:49:8e:ba:3a:bd:95:8d:d1:22:98:21:51:44:98:
09:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4B:E9:D2:68:2E:99:96:00:14:BE:4D:7C:E9:DA:27:FE:29:1E:41
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ekvp0mgumZYAFL5NfOnaJ_4pHkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:a3:e1:45:c4:2d:d6:49:c0:f0:20:4d:f2:b5:54:08:54:ce:
ea:2a:2a:fa:81:17:be:52:b9:2b:8e:77:75:67:f0:86:81:f9:
3a:2d:1a:cb:84:54:e0:58:44:2f:e9:8b:93:f7:d3:2e:9b:87:
62:b2:51:e6:d6:c8:81:a5:5a:6c:51:bf:fc:79:6d:7c:f9:c7:
40:ca:04:c7:5f:f4:cc:a4:1c:15:17:b4:d7:c4:2d:71:c4:38:
f7:3f:34:ac:b4:2f:b7:fa:05:a2:77:d5:20:99:18:97:fd:31:
05:24:51:32:69:4a:6b:7a:85:b5:8d:ab:ea:9a:c6:a0:c5:a0:
c6:cd:0c:7b:ff:70:ef:d0:af:08:71:23:49:ae:0b:cf:c4:28:
15:f5:4d:aa:35:1d:c0:f9:22:ef:a8:d1:b7:55:c4:8f:d4:88:
3e:22:e9:ad:c4:72:25:7e:6e:c6:4c:72:5f:20:ff:5d:63:7e:
c0:30:b4:f0:1c:41:7a:4d:6d:10:15:cc:cb:29:ae:39:5e:df:
25:8d:1f:e2:5e:2d:5a:8a:a9:4e:85:20:d2:4d:7f:0d:ba:f1:
7e:14:a1:c0:c6:c2:17:be:66:1b:75:d9:ec:20:86:c0:dd:19:
67:27:88:9a:da:b4:58:b6:df:05:eb:ea:98:ed:de:00:19:aa:
5a:e1:d0:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+/iugkyt31VXFB4ASoTbVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI4MTQxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTRiZTlkMjY4MmU5OTk2MDAxNGJlNGQ3Y2U5ZGEyN2ZlMjkxZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveh2rvPGqLxv2fjVKwIMImw+cILM
Eino5+s/doo4yKKy/ojj82t707JrbrgnHV0JRT3V8d/XO6apjuvPP5rqZjXmNok9
R4bYf4rHElTl8RC3Y9aGjXKYjKj8h8u8zu+4uh8t7ClJXMVrKXpcTZZfp5X6iivZ
kDysr/4bk41oYfbc2DbgctARkA59PvWySl7jsTHb9yDyllmHCECYDAZNujHIqwUK
agmHldyno2ckOMpQqSULSFckShijonkmCJdBSyk3VFpA1qZzapipfHCuqxLuCh6a
LtjM2GHQ87SNP993yvR/VVp5W/sVXR4IOlWZSY66Or2VjdEimCFRRJgJOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHpL6dJoLpmWABS+TXzp2if+KR5BMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZWt2cDBtZ3VtWllBRkw1TmZPbmFKXzRwSGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFej4UXELdZJwPAgTfK1
VAhUzuoqKvqBF75SuSuOd3Vn8IaB+TotGsuEVOBYRC/pi5P30y6bh2KyUebWyIGl
WmxRv/x5bXz5x0DKBMdf9MykHBUXtNfELXHEOPc/NKy0L7f6BaJ31SCZGJf9MQUk
UTJpSmt6hbWNq+qaxqDFoMbNDHv/cO/QrwhxI0muC8/EKBX1Tao1HcD5Iu+o0bdV
xI/UiD4i6a3EciV+bsZMcl8g/11jfsAwtPAcQXpNbRAVzMsprjle3yWNH+JeLVqK
qU6FINJNfw268X4UocDGwhe+Zht12ewghsDdGWcniJratFi23wXr6pjt3gAZqlrh
0BE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:15 2024 by rpki-client on console-ams.rpki-client.org