Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/liwQZ2dd43SPJ_xG4GdpFvh9QnQ.roa
File: liwQZ2dd43SPJ_xG4GdpFvh9QnQ.roa (raw, json)
Hash identifier: TrENOzq2q1mPFubaXMudmprXCnQZWH0AMW3Kv9mZ1RI=
Subject key identifier: 96:2C:10:67:67:5D:E3:74:8F:27:FC:46:E0:67:69:16:F8:7D:42:74
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC02FB2EFDC48EEE7D87A78752916DDA1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/liwQZ2dd43SPJ_xG4GdpFvh9QnQ.roa
Signing time: Tue 28 May 2024 17:11:42 +0000
ROA not before: Tue 28 May 2024 17:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 May 2024 18:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c0:2f:b2:ef:dc:48:ee:e7:d8:7a:78:75:29:16:dd:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 28 17:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=962c1067675de3748f27fc46e0676916f87d4274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ca:27:a0:f3:83:b9:c6:e6:af:7c:59:63:ee:
8e:0f:58:1e:88:1c:89:6f:f9:b9:e4:8a:ef:6b:26:
d5:89:6a:aa:e6:d5:0f:10:f8:27:d1:92:f0:51:a1:
1b:4d:e5:29:bc:04:08:ab:ce:bc:18:ec:45:4b:b7:
22:8b:38:1b:54:69:71:b5:22:7b:b8:9b:b7:54:97:
b4:9a:8e:13:67:b3:a3:45:52:ec:14:e0:11:45:d8:
82:e1:6a:65:ee:b7:6e:b1:68:5e:d8:07:0e:4d:fc:
a7:89:a7:9c:94:06:2c:19:c1:b2:04:33:23:da:51:
0c:63:96:1f:4a:ae:4b:a0:3f:b5:c4:e8:ff:7e:9d:
75:ed:47:3d:ee:9d:97:c1:a1:07:f7:86:d7:75:ee:
c3:36:68:00:3d:31:55:8a:ff:10:9c:c1:26:e1:64:
31:1b:19:d9:f1:3d:b1:9b:74:e3:db:56:1d:c8:f8:
79:2e:e1:12:48:55:c4:d9:9e:5c:46:6c:3d:33:19:
fa:58:a4:88:20:c4:64:4e:49:45:07:01:cf:f4:11:
d5:2f:e7:8c:d8:75:09:3e:30:65:16:de:dc:75:18:
0c:48:61:2a:9d:22:69:c9:95:1c:4f:85:4a:b7:73:
d6:1b:cc:12:a7:9b:b7:0c:0a:b6:e4:60:bf:6c:2d:
a5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2C:10:67:67:5D:E3:74:8F:27:FC:46:E0:67:69:16:F8:7D:42:74
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/liwQZ2dd43SPJ_xG4GdpFvh9QnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:01:2f:39:a0:69:c9:17:21:1c:a0:6a:41:35:a8:55:bd:b8:
31:ce:64:5b:b1:08:6b:2e:36:df:20:93:3e:3a:ae:c8:cf:81:
53:b0:6e:2f:b2:b2:2d:63:50:3c:3d:f2:21:cd:a9:5b:8a:da:
9b:60:38:e3:80:24:78:a2:44:ae:18:27:43:7f:1a:3b:e7:37:
73:06:12:91:35:d8:47:e1:bd:e0:d4:dd:87:70:a7:37:a0:8e:
e6:20:e1:a0:cc:e0:2f:9f:b2:01:1a:70:b9:da:30:ac:bf:b1:
62:d4:ca:13:24:39:76:bf:93:da:f0:22:ce:16:10:ee:c0:ee:
b3:f9:b0:70:4d:b0:f1:08:bf:1a:c4:f9:d6:03:09:47:bd:1f:
3b:dc:13:60:77:65:07:f0:24:96:17:98:1f:2f:08:b8:4b:bd:
43:2c:e4:6b:34:f4:60:67:b6:d2:ee:2a:bf:ab:ca:f9:bc:f7:
14:79:e4:c5:29:a3:8c:ff:20:f2:bb:68:ac:dd:3a:bb:52:41:
e8:7c:23:bd:98:61:cf:4f:56:81:36:fb:08:54:22:b7:27:18:
bf:bc:38:4d:b0:22:32:47:f3:b8:5c:e2:58:65:a0:dc:b8:56:
e8:67:3b:53:92:aa:55:ae:91:15:1e:f2:5f:56:40:43:8b:62:
25:d2:d4:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/AL7Lv3Eju59h6eHUpFt2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI4MTcxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJjMTA2NzY3NWRlMzc0OGYyN2ZjNDZlMDY3NjkxNmY4N2Q0Mjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8onoPODucbmr3xZY+6OD1geiByJ
b/m55IrvaybViWqq5tUPEPgn0ZLwUaEbTeUpvAQIq868GOxFS7ciizgbVGlxtSJ7
uJu3VJe0mo4TZ7OjRVLsFOARRdiC4Wpl7rdusWhe2AcOTfyniaeclAYsGcGyBDMj
2lEMY5YfSq5LoD+1xOj/fp117Uc97p2XwaEH94bXde7DNmgAPTFViv8QnMEm4WQx
GxnZ8T2xm3Tj21YdyPh5LuESSFXE2Z5cRmw9Mxn6WKSIIMRkTklFBwHP9BHVL+eM
2HUJPjBlFt7cdRgMSGEqnSJpyZUcT4VKt3PWG8wSp5u3DAq25GC/bC2leQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJYsEGdnXeN0jyf8RuBnaRb4fUJ0MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbGl3UVoyZGQ0M1NQSl94RzRHZHBGdmg5UW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIYBLzmgackXIRygakE1
qFW9uDHOZFuxCGsuNt8gkz46rsjPgVOwbi+ysi1jUDw98iHNqVuK2ptgOOOAJHii
RK4YJ0N/GjvnN3MGEpE12EfhveDU3YdwpzegjuYg4aDM4C+fsgEacLnaMKy/sWLU
yhMkOXa/k9rwIs4WEO7A7rP5sHBNsPEIvxrE+dYDCUe9HzvcE2B3ZQfwJJYXmB8v
CLhLvUMs5Gs09GBnttLuKr+ryvm89xR55MUpo4z/IPK7aKzdOrtSQeh8I72YYc9P
VoE2+whUIrcnGL+8OE2wIjJH87hc4lhloNy4VuhnO1OSqlWukRUe8l9WQEOLYiXS
1AE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org