Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mUJgNpZ3vpPcNjyVB-VsV8xTq9o.roa
File: mUJgNpZ3vpPcNjyVB-VsV8xTq9o.roa (raw, json)
Hash identifier: 729rq9RYKQC/qSWNpjDeTDKkjtBRDVvifm2uBxGRq44=
Subject key identifier: 99:42:60:36:96:77:BE:93:DC:36:3C:95:07:E5:6C:57:CC:53:AB:DA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01906B9FE2ABD5FC68FB45A53063EBFA312D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mUJgNpZ3vpPcNjyVB-VsV8xTq9o.roa
Signing time: Mon 01 Jul 2024 00:09:18 +0000
ROA not before: Mon 01 Jul 2024 00:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 01:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6b:9f:e2:ab:d5:fc:68:fb:45:a5:30:63:eb:fa:31:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 1 00:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=994260369677be93dc363c9507e56c57cc53abda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7f:ec:e5:fa:15:bf:ae:3b:8e:52:a9:5f:44:
ea:db:b6:98:e1:72:8f:81:5d:86:e9:34:40:9e:fb:
ca:f7:28:64:92:7b:c3:c1:5f:76:4c:3b:0f:8e:d6:
db:d7:ac:be:b4:63:12:35:15:0a:86:b3:d2:f7:05:
78:73:00:f3:e1:6d:e3:d1:c1:e8:1a:2e:2d:be:8e:
15:e9:14:84:f7:be:81:16:8b:0c:39:e1:04:ae:8a:
31:09:fd:1c:fe:11:72:80:69:00:29:62:09:91:90:
01:23:27:14:07:cd:77:d1:50:41:cb:1f:f8:b2:7d:
6f:1b:43:bd:87:77:24:3b:ca:75:4b:af:41:43:94:
7c:38:53:8d:7f:d5:02:9d:8d:9b:a4:10:9a:a3:ac:
d8:2a:c2:fa:d6:5c:81:f6:03:b3:56:22:08:73:f6:
96:f4:21:bb:cb:87:28:5e:53:23:41:e6:0a:b2:c0:
a0:32:fa:99:3c:d8:3f:a3:41:70:37:7f:3d:54:3b:
a4:89:d1:c7:d0:5a:0c:e7:25:eb:d8:00:b3:a0:e6:
9d:c8:9d:f2:f0:01:f1:2c:86:b8:35:bf:96:14:e6:
77:d3:76:38:7a:3f:88:aa:fb:af:ce:d9:ff:9e:34:
b8:c3:f3:4a:a3:95:c2:5b:79:8c:8f:65:52:cc:ec:
24:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:42:60:36:96:77:BE:93:DC:36:3C:95:07:E5:6C:57:CC:53:AB:DA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mUJgNpZ3vpPcNjyVB-VsV8xTq9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:8d:16:43:63:b9:21:3f:12:69:da:fa:22:86:0e:ea:12:64:
81:5e:f2:56:18:3e:39:00:7f:e4:4d:a5:7a:ac:3d:2b:a1:f6:
32:ec:fc:a7:05:bd:1a:2c:23:68:92:1c:2e:04:09:cf:92:01:
1b:94:e2:7d:b1:ff:bd:5f:4e:1c:27:f9:d9:96:b5:03:be:e0:
ba:ae:74:91:45:e9:4e:82:43:57:32:95:d6:15:e9:0c:e4:47:
a1:34:d1:d1:6a:89:ed:9f:be:49:eb:5d:4d:d9:f4:54:4c:8c:
b8:b8:22:7d:19:a6:92:d3:b5:e8:aa:e8:7e:6c:ef:b6:47:92:
d0:27:3c:0d:53:cf:e7:42:f3:b8:7b:a1:e8:d3:38:d9:65:94:
88:c7:fc:05:61:4e:7e:fb:bd:c4:3d:99:a6:6b:99:13:84:31:
2c:fe:c3:b5:57:ee:96:0e:c9:ec:3a:1c:3e:9e:c2:0c:00:e5:
3a:27:8e:ca:c8:37:0a:e8:14:10:94:2b:9f:8d:2a:fd:2d:91:
14:5b:28:03:7e:44:8d:ba:38:0a:60:40:7f:b2:04:63:4e:a2:
f3:e4:b0:35:4d:a6:9e:13:52:bd:f8:b4:cd:4e:07:20:78:9c:
42:13:43:b9:8e:4f:10:3c:da:c9:3a:85:98:72:36:81:99:f7:
c0:56:2e:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBrn+Kr1fxo+0WlMGPr+jEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAxMDAwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTQyNjAzNjk2NzdiZTkzZGMzNjNjOTUwN2U1NmM1N2NjNTNhYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH/s5foVv647jlKpX0Tq27aY4XKP
gV2G6TRAnvvK9yhkknvDwV92TDsPjtbb16y+tGMSNRUKhrPS9wV4cwDz4W3j0cHo
Gi4tvo4V6RSE976BFosMOeEErooxCf0c/hFygGkAKWIJkZABIycUB8130VBByx/4
sn1vG0O9h3ckO8p1S69BQ5R8OFONf9UCnY2bpBCao6zYKsL61lyB9gOzViIIc/aW
9CG7y4coXlMjQeYKssCgMvqZPNg/o0FwN389VDukidHH0FoM5yXr2ACzoOadyJ3y
8AHxLIa4Nb+WFOZ303Y4ej+Iqvuvztn/njS4w/NKo5XCW3mMj2VSzOwkmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJlCYDaWd76T3DY8lQflbFfMU6vaMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbVVKZ05wWjN2cFBjTmp5VkItVnNWOHhUcTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIWNFkNjuSE/Emna+iKG
DuoSZIFe8lYYPjkAf+RNpXqsPSuh9jLs/KcFvRosI2iSHC4ECc+SARuU4n2x/71f
Thwn+dmWtQO+4LqudJFF6U6CQ1cyldYV6QzkR6E00dFqie2fvknrXU3Z9FRMjLi4
In0ZppLTteiq6H5s77ZHktAnPA1Tz+dC87h7oejTONlllIjH/AVhTn77vcQ9maZr
mROEMSz+w7VX7pYOyew6HD6ewgwA5TonjsrINwroFBCUK5+NKv0tkRRbKAN+RI26
OApgQH+yBGNOovPksDVNpp4TUr34tM1OByB4nEITQ7mOTxA82sk6hZhyNoGZ98BW
Lkw=
-----END CERTIFICATE-----
Generated at Mon Jul 1 03:31:31 2024 by rpki-client on console-fra.rpki-client.org