Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hNOkdqL4BaIBUdvoUxQJcye6B2A.roa
File: hNOkdqL4BaIBUdvoUxQJcye6B2A.roa (raw, json)
Hash identifier: pOe24asqiWU+f0TEAKBFeg0qQhaic9tlNzjZ0zitOL4=
Subject key identifier: 84:D3:A4:76:A2:F8:05:A2:01:51:DB:E8:53:14:09:73:27:BA:07:60
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019067F92139AD0F70EC1DFA4EB7F8B399E4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hNOkdqL4BaIBUdvoUxQJcye6B2A.roa
Signing time: Sun 30 Jun 2024 07:08:18 +0000
ROA not before: Sun 30 Jun 2024 07:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 30 Jun 2024 08:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:67:f9:21:39:ad:0f:70:ec:1d:fa:4e:b7:f8:b3:99:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 30 07:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84d3a476a2f805a20151dbe85314097327ba0760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9e:e4:27:0a:bd:28:92:81:04:77:e7:d8:16:
7e:4f:64:f0:84:56:61:10:1c:05:eb:b2:ae:21:d1:
22:c1:b4:81:ef:d2:22:b5:14:bb:a7:88:7f:10:32:
73:68:bc:35:1b:97:e3:e9:18:a5:4f:64:88:19:0a:
83:aa:65:36:5b:ff:10:66:af:15:fd:1c:75:24:32:
9c:9f:62:86:d8:61:ab:1f:d6:d5:b9:ba:49:de:a3:
76:30:cf:12:03:51:94:42:3f:30:f7:08:2a:ca:88:
d1:32:70:44:c3:38:c3:62:83:57:28:37:05:b0:16:
d8:7a:58:14:27:73:22:0c:3d:6c:a4:39:44:22:fb:
f0:94:13:68:5d:cc:8d:0a:02:59:b7:7d:dd:fd:d3:
96:19:26:a3:2c:ec:a2:9d:73:70:53:8d:d0:de:4e:
b6:f6:51:21:b2:40:96:6f:30:67:de:1b:66:75:7f:
8c:c6:7a:3f:9b:c0:bd:3c:c3:24:b5:47:90:d0:64:
4f:8b:8f:59:4e:8f:0a:7e:39:a6:87:02:7b:0c:36:
79:13:57:fb:19:db:60:89:a1:ee:01:45:40:99:8b:
78:bd:f2:2d:0b:d5:2d:95:f8:06:13:b6:c2:9e:81:
cf:d9:4a:1a:28:01:4c:9a:04:81:be:db:86:a1:2a:
71:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D3:A4:76:A2:F8:05:A2:01:51:DB:E8:53:14:09:73:27:BA:07:60
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hNOkdqL4BaIBUdvoUxQJcye6B2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:b0:a5:e7:c2:01:27:d5:e8:67:b2:eb:26:de:78:14:62:d9:
ab:7d:ff:38:c8:6a:40:8c:47:5f:2c:c9:8a:46:44:4b:d1:36:
20:6c:be:c7:df:27:9c:2f:d0:fe:07:ce:de:cb:11:72:cf:c4:
a3:67:23:27:4c:ce:5e:a9:fb:2a:79:e9:7a:8b:fb:2b:97:9b:
a7:05:ce:43:2e:73:85:1a:20:86:2a:15:83:96:fc:98:8a:0c:
65:2a:21:a6:41:a7:7d:70:24:1a:34:56:86:68:34:50:da:ee:
d1:82:55:63:83:c9:23:3d:e9:26:ad:30:f6:e1:95:de:71:49:
c5:8f:8a:79:8f:b0:45:fc:42:a3:bb:30:cc:74:18:ad:19:3c:
ad:87:25:a7:5d:a3:a6:2b:98:6a:fa:e2:21:c9:a2:23:2e:af:
7c:43:ce:0e:98:a1:fa:ab:27:7e:54:6d:e9:f1:58:c0:5a:02:
e8:a8:34:62:38:df:95:63:7f:e3:56:f0:8d:bb:3b:d7:20:f9:
ab:83:f0:9a:de:08:23:19:a3:7e:c5:15:dc:0c:7d:60:29:68:
1b:bf:4d:7b:9e:12:66:40:11:af:89:48:24:f7:dc:1d:cf:e7:
6d:d4:4e:61:ab:d9:46:c8:81:d1:4b:02:4c:47:d9:f2:b0:c2:
c0:3f:67:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBn+SE5rQ9w7B36Trf4s5nkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjMwMDcwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQzYTQ3NmEyZjgwNWEyMDE1MWRiZTg1MzE0MDk3MzI3YmEwNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ7kJwq9KJKBBHfn2BZ+T2TwhFZh
EBwF67KuIdEiwbSB79IitRS7p4h/EDJzaLw1G5fj6RilT2SIGQqDqmU2W/8QZq8V
/Rx1JDKcn2KG2GGrH9bVubpJ3qN2MM8SA1GUQj8w9wgqyojRMnBEwzjDYoNXKDcF
sBbYelgUJ3MiDD1spDlEIvvwlBNoXcyNCgJZt33d/dOWGSajLOyinXNwU43Q3k62
9lEhskCWbzBn3htmdX+Mxno/m8C9PMMktUeQ0GRPi49ZTo8KfjmmhwJ7DDZ5E1f7
GdtgiaHuAUVAmYt4vfItC9UtlfgGE7bCnoHP2UoaKAFMmgSBvtuGoSpxzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFITTpHai+AWiAVHb6FMUCXMnugdgMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaE5Pa2RxTDRCYUlCVWR2b1V4UUpjeWU2QjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGCwpefCASfV6Gey6ybe
eBRi2at9/zjIakCMR18syYpGREvRNiBsvsffJ5wv0P4Hzt7LEXLPxKNnIydMzl6p
+yp56XqL+yuXm6cFzkMuc4UaIIYqFYOW/JiKDGUqIaZBp31wJBo0VoZoNFDa7tGC
VWODySM96SatMPbhld5xScWPinmPsEX8QqO7MMx0GK0ZPK2HJaddo6YrmGr64iHJ
oiMur3xDzg6YofqrJ35UbenxWMBaAuioNGI435Vjf+NW8I27O9cg+auD8JreCCMZ
o37FFdwMfWApaBu/TXueEmZAEa+JSCT33B3P523UTmGr2UbIgdFLAkxH2fKwwsA/
Z50=
-----END CERTIFICATE-----
Generated at Sun Jun 30 14:05:46 2024 by rpki-client on console-fra.rpki-client.org