Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/n35fhbIGqIXXxMLPo504u-cv8QU.roa
File: n35fhbIGqIXXxMLPo504u-cv8QU.roa (raw, json)
Hash identifier: IMKGe/ZClTXk0S3JoRJahEJCjgd3DQXl5panCaBsY4s=
Subject key identifier: 9F:7E:5F:85:B2:06:A8:85:D7:C4:C2:CF:A3:9D:38:BB:E7:2F:F1:05
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019070C812AFB8717EA52715C7EE254C01FE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/n35fhbIGqIXXxMLPo504u-cv8QU.roa
Signing time: Tue 02 Jul 2024 00:11:18 +0000
ROA not before: Tue 02 Jul 2024 00:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jul 2024 01:06:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:70:c8:12:af:b8:71:7e:a5:27:15:c7:ee:25:4c:01:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 2 00:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f7e5f85b206a885d7c4c2cfa39d38bbe72ff105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a8:93:61:f3:a5:e4:b1:65:d1:60:9f:37:fe:
0e:c6:ee:65:d6:c5:45:09:47:25:a8:f1:b4:d0:68:
aa:ec:c3:2a:47:5d:9f:3f:3a:6a:10:9e:4a:24:2d:
9e:53:6f:ee:e2:71:06:4e:81:b4:75:2d:3d:ac:ce:
f1:a0:a5:3e:74:ca:bd:e4:47:7c:a4:ea:09:58:28:
e7:c5:a9:82:d8:46:32:ff:7f:fd:20:5a:25:c5:20:
de:49:d3:13:fc:72:32:a6:a8:7d:8e:bc:12:16:c7:
10:c8:11:d7:94:14:4e:93:e3:12:a0:21:00:eb:4e:
d3:fc:a5:06:5e:32:f9:c2:7f:27:3c:68:88:df:b9:
5a:b2:09:9e:2b:75:12:7b:51:37:97:44:9e:15:da:
c3:02:c9:98:db:a7:66:b9:46:0b:45:51:c7:3d:be:
2c:57:21:ab:a6:c1:36:d5:0c:84:92:ab:a3:e4:ee:
af:ba:0b:fc:aa:3e:58:03:15:18:01:d5:a9:fa:58:
eb:30:b9:3c:7c:32:36:b7:2f:81:d5:0a:50:ba:63:
2a:ba:b3:96:a4:4e:6a:be:72:2d:cb:79:ef:53:64:
43:c3:22:38:d9:14:84:45:05:34:22:b3:81:e0:e6:
41:ed:60:93:0d:9d:64:8c:fc:89:84:6f:76:bb:c7:
98:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7E:5F:85:B2:06:A8:85:D7:C4:C2:CF:A3:9D:38:BB:E7:2F:F1:05
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/n35fhbIGqIXXxMLPo504u-cv8QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:0a:5b:f0:c7:2b:1a:c4:f1:c7:0d:aa:11:ec:19:8d:46:f4:
a8:f5:33:8a:0d:b4:39:ee:89:a7:0f:4a:76:c6:80:43:aa:bf:
9b:c7:a2:d3:42:13:50:4a:14:df:aa:0b:5a:c7:19:5c:4c:fa:
d0:7a:57:7c:56:11:8b:cf:b1:61:73:78:00:09:bb:8d:80:9a:
63:1b:2f:7a:6f:29:30:c1:a9:23:c4:6d:1b:1f:60:41:88:2d:
08:36:58:74:3f:f3:69:99:bb:9b:2d:47:4c:74:93:0b:45:49:
32:fa:04:ec:e2:08:09:02:3a:65:00:13:91:06:d9:71:3b:51:
14:d6:15:bb:26:29:28:fe:e3:57:12:47:fc:a1:bb:b5:dd:89:
94:a4:0a:0c:d3:97:ed:d6:f2:77:c9:ad:2b:0a:c5:97:02:3f:
89:c4:55:dc:c9:07:40:8d:d2:7d:7a:53:61:07:fa:73:67:df:
0b:e2:43:24:be:6d:dc:98:0f:7d:a0:d8:f3:c1:d5:da:5d:bf:
3d:e8:03:1d:c8:8c:91:5b:49:57:6e:5e:fb:d8:60:a1:72:28:
1f:3d:8f:7f:3b:73:b4:9a:aa:51:2a:4f:85:33:39:89:81:71:
f4:b4:00:8a:91:03:46:fc:14:2c:dd:80:f0:b8:01:72:b6:06:
31:a5:e8:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBwyBKvuHF+pScVx+4lTAH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAyMDAxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjdlNWY4NWIyMDZhODg1ZDdjNGMyY2ZhMzlkMzhiYmU3MmZmMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKiTYfOl5LFl0WCfN/4Oxu5l1sVF
CUclqPG00Giq7MMqR12fPzpqEJ5KJC2eU2/u4nEGToG0dS09rM7xoKU+dMq95Ed8
pOoJWCjnxamC2EYy/3/9IFolxSDeSdMT/HIypqh9jrwSFscQyBHXlBROk+MSoCEA
607T/KUGXjL5wn8nPGiI37lasgmeK3USe1E3l0SeFdrDAsmY26dmuUYLRVHHPb4s
VyGrpsE21QyEkquj5O6vugv8qj5YAxUYAdWp+ljrMLk8fDI2ty+B1QpQumMqurOW
pE5qvnIty3nvU2RDwyI42RSERQU0IrOB4OZB7WCTDZ1kjPyJhG92u8eYBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ9+X4WyBqiF18TCz6OdOLvnL/EFMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbjM1ZmhiSUdxSVhYeE1MUG81MDR1LWN2OFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADcKW/DHKxrE8ccNqhHs
GY1G9Kj1M4oNtDnuiacPSnbGgEOqv5vHotNCE1BKFN+qC1rHGVxM+tB6V3xWEYvP
sWFzeAAJu42AmmMbL3pvKTDBqSPEbRsfYEGILQg2WHQ/82mZu5stR0x0kwtFSTL6
BOziCAkCOmUAE5EG2XE7URTWFbsmKSj+41cSR/yhu7XdiZSkCgzTl+3W8nfJrSsK
xZcCP4nEVdzJB0CN0n16U2EH+nNn3wviQyS+bdyYD32g2PPB1dpdvz3oAx3IjJFb
SVduXvvYYKFyKB89j387c7SaqlEqT4UzOYmBcfS0AIqRA0b8FCzdgPC4AXK2BjGl
6Dw=
Generated at Tue Jul 2 02:55:36 2024 by rpki-client on console-fra.rpki-client.org