Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j-ivlNDG6whe2DV0lxt1_2KOFBc.roa
File: j-ivlNDG6whe2DV0lxt1_2KOFBc.roa (raw, json)
Hash identifier: TAB3BucFBJAETitBjN4AjGEI7zRB0+zGHmvuqHaN6ww=
Subject key identifier: 8F:E8:AF:94:D0:C6:EB:08:5E:D8:35:74:97:1B:75:FF:62:8E:14:17
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FFE9B16545347E74CA9E04AAE59A76B73
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j-ivlNDG6whe2DV0lxt1_2KOFBc.roa
Signing time: Sun 09 Jun 2024 20:05:27 +0000
ROA not before: Sun 09 Jun 2024 20:05:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:fe9a:3343/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 09 Jun 2024 20:09:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:fe:9b:16:54:53:47:e7:4c:a9:e0:4a:ae:59:a7:6b:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 9 20:05:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fe8af94d0c6eb085ed83574971b75ff628e1417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a4:08:25:bc:26:de:88:e4:94:bf:d7:38:82:
d4:0a:43:1c:8b:d0:d9:db:09:a2:20:ec:e8:54:fe:
66:7e:2e:3e:51:e6:45:8e:9e:33:0a:98:06:02:6a:
17:a4:c4:3a:bb:f4:d9:6c:81:16:e6:8f:e7:9b:79:
33:b9:3b:dc:75:a5:13:7e:ce:85:ad:c9:29:b1:b6:
ac:9f:17:ec:51:ea:85:cf:8a:35:e0:30:aa:2a:dc:
84:09:f7:47:6f:8e:1a:fd:e5:09:10:27:2e:6a:e3:
4f:94:22:f1:10:3e:88:84:29:93:eb:82:9a:fb:4c:
f2:9e:27:69:f8:2c:1b:83:a0:18:fe:8e:42:ab:73:
bb:7d:bb:bf:c6:dd:f6:fc:6a:a5:7c:41:fe:a2:90:
ba:db:ae:4a:7b:db:b6:1e:3a:7a:e6:cf:4b:ba:a1:
3f:ec:c5:f1:07:60:c7:3f:42:68:61:fa:18:19:77:
ed:9b:a3:d1:2e:ba:c5:3e:98:91:2c:2a:bb:48:76:
bb:77:0f:2a:49:bd:01:b2:7e:e1:27:f5:e5:3e:ba:
41:47:75:e9:b0:76:6c:2b:2f:36:3e:99:32:88:f1:
e8:af:c7:2e:11:38:3c:94:b1:e9:83:ba:c5:8c:f4:
ab:cc:a4:e8:c8:ea:55:33:25:1c:03:65:ca:9d:d7:
01:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E8:AF:94:D0:C6:EB:08:5E:D8:35:74:97:1B:75:FF:62:8E:14:17
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j-ivlNDG6whe2DV0lxt1_2KOFBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:2d:77:4e:f4:58:16:c9:ed:62:0a:6c:74:46:7e:46:2d:97:
66:1b:2f:6d:eb:62:1b:53:cf:ea:c6:45:4a:d0:be:ac:64:e3:
5b:11:c7:a6:bd:92:da:5f:8d:e7:b2:09:1f:53:6d:6b:32:4f:
46:04:20:cf:f6:33:26:5f:e7:d0:71:c2:48:34:ed:f5:ea:29:
d0:a8:07:96:95:8f:3a:a7:f7:da:ef:53:a2:30:3b:f3:62:d3:
f1:0f:fe:cf:ab:14:2e:3d:f4:17:43:f1:32:fd:41:82:29:72:
bd:ac:17:83:2b:17:f9:04:ec:8d:e8:0c:c1:45:c8:0a:bd:aa:
04:c4:19:d2:b0:89:2e:69:e8:73:46:41:0f:78:29:a4:0a:e8:
18:a3:ed:70:03:e3:76:a0:a3:37:5c:d7:b6:ce:48:2d:71:7d:
71:31:69:40:6d:cf:d5:f9:cc:f1:d1:cc:af:55:da:6a:27:44:
f9:95:2e:43:60:5c:d5:2e:8c:53:60:77:c8:b7:c6:6b:90:54:
e6:9e:3e:d4:8c:36:11:05:7f:9f:c3:07:fd:06:c6:73:ea:28:
05:37:55:d4:c5:7e:b5:49:f0:71:11:5b:96:19:23:45:54:ed:
27:7f:ed:7a:a8:37:1e:dd:52:e3:4f:14:e6:61:54:b1:95:2c:
72:14:c4:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/+mxZUU0fnTKngSq5Zp2tzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA5MjAwNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmU4YWY5NGQwYzZlYjA4NWVkODM1NzQ5NzFiNzVmZjYyOGUxNDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKQIJbwm3ojklL/XOILUCkMci9DZ
2wmiIOzoVP5mfi4+UeZFjp4zCpgGAmoXpMQ6u/TZbIEW5o/nm3kzuTvcdaUTfs6F
rckpsbasnxfsUeqFz4o14DCqKtyECfdHb44a/eUJECcuauNPlCLxED6IhCmT64Ka
+0zynidp+Cwbg6AY/o5Cq3O7fbu/xt32/GqlfEH+opC6265Ke9u2Hjp65s9LuqE/
7MXxB2DHP0JoYfoYGXftm6PRLrrFPpiRLCq7SHa7dw8qSb0Bsn7hJ/XlPrpBR3Xp
sHZsKy82PpkyiPHor8cuETg8lLHpg7rFjPSrzKToyOpVMyUcA2XKndcBDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI/or5TQxusIXtg1dJcbdf9ijhQXMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvai1pdmxOREc2d2hlMkRWMGx4dDFfMktPRkJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB0td070WBbJ7WIKbHRG
fkYtl2YbL23rYhtTz+rGRUrQvqxk41sRx6a9ktpfjeeyCR9TbWsyT0YEIM/2MyZf
59Bxwkg07fXqKdCoB5aVjzqn99rvU6IwO/Ni0/EP/s+rFC499BdD8TL9QYIpcr2s
F4MrF/kE7I3oDMFFyAq9qgTEGdKwiS5p6HNGQQ94KaQK6Bij7XAD43agozdc17bO
SC1xfXExaUBtz9X5zPHRzK9V2monRPmVLkNgXNUujFNgd8i3xmuQVOaePtSMNhEF
f5/DB/0GxnPqKAU3VdTFfrVJ8HERW5YZI0VU7Sd/7XqoNx7dUuNPFOZhVLGVLHIU
xIg=
Generated at Sun Jun 9 21:14:53 2024 by rpki-client on console-fra.rpki-client.org