Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hCo2p1d3G3jLJfrIcjRyX2gK5SQ.roa
File: hCo2p1d3G3jLJfrIcjRyX2gK5SQ.roa (raw, json)
Hash identifier: WI2rq0ZMLsc8hTlN0MHKeMFXQVvytdTpvOYMGCEC198=
Subject key identifier: 84:2A:36:A7:57:77:1B:78:CB:25:FA:C8:72:34:72:5F:68:0A:E5:24
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC7E93D39373AE338BD635FEC61430743
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hCo2p1d3G3jLJfrIcjRyX2gK5SQ.roa
Signing time: Thu 30 May 2024 05:11:42 +0000
ROA not before: Thu 30 May 2024 05:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 May 2024 06:06:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c7:e9:3d:39:37:3a:e3:38:bd:63:5f:ec:61:43:07:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 30 05:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=842a36a757771b78cb25fac87234725f680ae524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:74:81:68:67:34:aa:f6:db:72:48:84:d7:a2:
37:1c:3b:eb:5e:ae:41:f5:7b:1b:69:46:ed:22:90:
8a:dc:d8:c0:05:f5:c5:27:0c:19:86:44:5c:96:bd:
6f:a4:2e:a8:99:83:8c:04:c1:88:c3:f8:96:9d:5c:
f8:1b:7c:4a:4d:99:bb:18:e8:11:f3:06:85:35:d7:
1d:c5:cb:fa:7f:e9:47:a0:f5:14:52:ec:51:f8:63:
9c:d3:2e:a7:3c:0a:8e:9b:12:ca:72:ca:3d:86:4a:
c0:87:4e:77:7e:90:24:1e:64:e6:2e:ab:66:a1:63:
42:2d:dc:57:69:6f:a6:18:80:31:8e:65:36:53:ec:
66:95:e6:00:0e:ca:b1:12:3b:4d:61:9b:23:ee:1b:
ec:98:62:97:88:7e:3f:2a:35:c4:76:3c:11:4a:f9:
82:c6:76:91:a0:71:51:7c:0f:6d:72:6b:e0:0e:ff:
f0:d0:af:af:c3:73:7c:c1:9c:35:49:1c:a3:6d:28:
8a:c6:a0:7c:34:ab:cc:ad:37:9e:1f:0c:6c:ab:40:
ed:56:7f:e7:59:71:38:01:33:66:90:01:69:33:80:
4c:32:ad:db:94:ea:6e:d3:73:53:c1:f0:9f:fb:1f:
d7:06:ad:48:b0:77:8a:c1:11:e1:ad:96:9e:36:3b:
88:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:2A:36:A7:57:77:1B:78:CB:25:FA:C8:72:34:72:5F:68:0A:E5:24
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hCo2p1d3G3jLJfrIcjRyX2gK5SQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:50:ab:37:bd:28:81:85:9e:9d:af:d2:59:7e:c0:08:92:d2:
19:93:8c:f7:a1:fd:75:27:3b:a9:05:68:5c:03:2b:39:d7:64:
6e:30:75:f4:9d:8c:ca:aa:85:5d:5c:62:73:50:92:d6:0c:f1:
23:2b:86:7d:af:03:c4:56:6d:3c:d0:87:dc:aa:ff:d1:6d:07:
00:06:64:c5:ec:f9:be:ac:0b:f7:c0:d1:1a:94:3b:52:e3:4e:
69:34:86:72:10:77:9c:50:83:f7:13:6d:e2:71:3e:9a:d9:3b:
29:e0:e8:ff:81:8b:7e:d3:8c:57:e1:46:57:15:c6:3c:ec:58:
c1:e0:11:50:e4:f8:f7:36:55:6d:1d:84:60:32:ab:dc:80:c5:
99:7e:ef:97:63:6a:99:65:67:39:04:21:8a:f3:96:46:d4:f5:
ad:fa:03:7c:bf:5a:b8:cf:98:d1:25:6b:7e:3e:29:1b:95:62:
7d:b3:3b:b0:48:89:0a:91:98:21:60:a8:ca:58:6c:36:c7:7b:
38:ff:08:b4:e3:d1:cb:34:72:fd:fe:ca:fb:ed:32:b0:01:3d:
5c:f7:d2:28:c8:af:19:e3:3d:8d:19:1e:6b:49:0d:f4:d1:47:
6e:34:a5:f9:39:92:b9:af:87:cb:18:c5:b5:2b:bb:38:e1:6a:
28:3e:13:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/H6T05NzrjOL1jX+xhQwdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMwMDUxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDJhMzZhNzU3NzcxYjc4Y2IyNWZhYzg3MjM0NzI1ZjY4MGFlNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHSBaGc0qvbbckiE16I3HDvrXq5B
9XsbaUbtIpCK3NjABfXFJwwZhkRclr1vpC6omYOMBMGIw/iWnVz4G3xKTZm7GOgR
8waFNdcdxcv6f+lHoPUUUuxR+GOc0y6nPAqOmxLKcso9hkrAh053fpAkHmTmLqtm
oWNCLdxXaW+mGIAxjmU2U+xmleYADsqxEjtNYZsj7hvsmGKXiH4/KjXEdjwRSvmC
xnaRoHFRfA9tcmvgDv/w0K+vw3N8wZw1SRyjbSiKxqB8NKvMrTeeHwxsq0DtVn/n
WXE4ATNmkAFpM4BMMq3blOpu03NTwfCf+x/XBq1IsHeKwRHhrZaeNjuIhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIQqNqdXdxt4yyX6yHI0cl9oCuUkMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaENvMnAxZDNHM2pMSmZySWNqUnlYMmdLNVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAChQqze9KIGFnp2v0ll+
wAiS0hmTjPeh/XUnO6kFaFwDKznXZG4wdfSdjMqqhV1cYnNQktYM8SMrhn2vA8RW
bTzQh9yq/9FtBwAGZMXs+b6sC/fA0RqUO1LjTmk0hnIQd5xQg/cTbeJxPprZOyng
6P+Bi37TjFfhRlcVxjzsWMHgEVDk+Pc2VW0dhGAyq9yAxZl+75djapllZzkEIYrz
lkbU9a36A3y/WrjPmNEla34+KRuVYn2zO7BIiQqRmCFgqMpYbDbHezj/CLTj0cs0
cv3+yvvtMrABPVz30ijIrxnjPY0ZHmtJDfTRR240pfk5krmvh8sYxbUruzjhaig+
EzI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org