Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jU-sYWSVvTX3EwQ0cRNZ4PZwQJw.roa
File: jU-sYWSVvTX3EwQ0cRNZ4PZwQJw.roa (raw, json)
Hash identifier: WzjJVh5A49/lkDfdHx7OBnCBQFMe0LClFrULgL9g9yk=
Subject key identifier: 8D:4F:AC:61:64:95:BD:35:F7:13:04:34:71:13:59:E0:F6:70:40:9C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019008B6785D930E0199FB8C929AB80CF8E4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jU-sYWSVvTX3EwQ0cRNZ4PZwQJw.roa
Signing time: Tue 11 Jun 2024 19:11:34 +0000
ROA not before: Tue 11 Jun 2024 19:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 20:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:08:b6:78:5d:93:0e:01:99:fb:8c:92:9a:b8:0c:f8:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 11 19:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d4fac616495bd35f7130434711359e0f670409c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2c:d2:48:1f:94:d0:da:3d:ae:3f:b3:37:ae:
20:8a:de:81:ae:df:d9:65:e7:d7:ba:54:9e:e8:a5:
c9:b8:3b:7c:47:d5:4a:8b:37:77:17:2f:6f:90:75:
f1:57:dd:1b:d2:a2:4b:c7:6e:df:58:b0:5a:c1:26:
e9:ac:5f:e2:b6:f3:28:e7:70:93:ad:45:eb:b1:27:
c2:a5:ec:68:9f:b1:85:db:56:be:2e:89:e2:dc:89:
01:e8:74:0f:64:18:a2:67:86:a0:97:64:b3:7b:99:
10:de:ed:71:eb:71:61:bc:ea:43:ad:36:5f:59:a3:
d8:72:e7:66:a8:10:70:6b:eb:75:d1:eb:e0:6d:81:
cf:bb:8a:d9:5d:e2:39:5f:63:73:25:ea:04:2e:bc:
c9:3b:26:19:82:5d:e0:7d:af:c6:98:61:2a:8b:9a:
40:43:de:fe:d1:d8:56:65:78:33:d1:ec:de:03:a2:
4e:19:f7:fa:f1:b8:be:d0:fa:19:36:72:6a:49:25:
f8:b3:e4:76:9f:bd:25:9b:37:f0:a8:a6:d5:6b:ac:
84:ff:3c:00:64:e3:ec:ce:de:39:35:4b:2a:09:30:
00:b0:9f:95:f4:b7:71:ad:a4:1a:43:a3:ad:f5:9d:
e0:6f:01:73:5e:d2:06:d1:3c:60:6d:a5:2f:30:cc:
67:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:4F:AC:61:64:95:BD:35:F7:13:04:34:71:13:59:E0:F6:70:40:9C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jU-sYWSVvTX3EwQ0cRNZ4PZwQJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:78:ef:f9:b5:f1:ed:0c:39:1e:4c:a8:4b:c9:c0:4c:97:5b:
48:10:b7:52:9c:f5:c8:34:d3:75:30:72:87:f1:b4:dd:d9:5e:
f9:f1:b5:b2:a6:6b:2e:59:62:09:8c:da:0c:23:b1:d0:06:31:
7f:2c:ee:f3:01:70:50:71:68:7b:ca:10:a4:3b:ec:1e:d5:d7:
81:20:a9:7a:70:0a:3e:04:31:c0:4c:53:be:33:1d:dc:34:f5:
0d:5e:e8:a0:d0:99:3e:00:a3:12:33:ff:18:1f:aa:be:7f:d4:
54:81:91:3b:c7:41:aa:c4:2e:fa:8e:af:e1:77:de:a6:2c:77:
b6:94:ec:16:9d:a4:f6:7c:ae:ce:b9:45:3b:74:af:ad:68:b4:
2a:04:f1:26:18:25:10:5b:64:05:23:43:ce:13:c5:ff:22:e2:
4f:de:97:9c:76:62:a9:b0:5e:54:b7:e7:52:9c:a0:37:d3:d9:
43:1e:2a:e5:f2:67:bd:98:83:43:dc:04:46:c2:d5:4c:a5:47:
2e:17:34:88:d5:66:5f:85:ef:29:5e:de:ca:9a:2c:cc:45:cd:
78:17:66:d2:b3:e6:26:34:b2:ad:0c:a2:63:26:99:96:d8:1a:
2b:2e:15:9d:59:85:99:b1:75:3a:35:7f:51:fb:4b:65:f3:1a:
83:19:1d:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAItnhdkw4BmfuMkpq4DPjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjExMTkxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDRmYWM2MTY0OTViZDM1ZjcxMzA0MzQ3MTEzNTllMGY2NzA0MDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyzSSB+U0No9rj+zN64git6Brt/Z
ZefXulSe6KXJuDt8R9VKizd3Fy9vkHXxV90b0qJLx27fWLBawSbprF/itvMo53CT
rUXrsSfCpexon7GF21a+Loni3IkB6HQPZBiiZ4agl2Sze5kQ3u1x63FhvOpDrTZf
WaPYcudmqBBwa+t10evgbYHPu4rZXeI5X2NzJeoELrzJOyYZgl3gfa/GmGEqi5pA
Q97+0dhWZXgz0ezeA6JOGff68bi+0PoZNnJqSSX4s+R2n70lmzfwqKbVa6yE/zwA
ZOPszt45NUsqCTAAsJ+V9LdxraQaQ6Ot9Z3gbwFzXtIG0TxgbaUvMMxnwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI1PrGFklb019xMENHETWeD2cECcMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvalUtc1lXU1Z2VFgzRXdRMGNSTlo0UFp3UUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIt47/m18e0MOR5MqEvJ
wEyXW0gQt1Kc9cg003UwcofxtN3ZXvnxtbKmay5ZYgmM2gwjsdAGMX8s7vMBcFBx
aHvKEKQ77B7V14EgqXpwCj4EMcBMU74zHdw09Q1e6KDQmT4AoxIz/xgfqr5/1FSB
kTvHQarELvqOr+F33qYsd7aU7BadpPZ8rs65RTt0r61otCoE8SYYJRBbZAUjQ84T
xf8i4k/el5x2YqmwXlS351KcoDfT2UMeKuXyZ72Yg0PcBEbC1UylRy4XNIjVZl+F
7yle3sqaLMxFzXgXZtKz5iY0sq0MomMmmZbYGisuFZ1ZhZmxdTo1f1H7S2XzGoMZ
HUg=
-----END CERTIFICATE-----
Generated at Tue Jun 11 21:29:59 2024 by rpki-client on console-fra.rpki-client.org