Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nUHNj-rYcTYb-SZ4CC7g4A81bao.roa
File: nUHNj-rYcTYb-SZ4CC7g4A81bao.roa (raw, json)
Hash identifier: rtgkmA6Pd9c4rYpKfm1my7SnRLCGs0N8UEteZg6sVLA=
Subject key identifier: 9D:41:CD:8F:EA:D8:71:36:1B:F9:26:78:08:2E:E0:E0:0F:35:6D:AA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019044259E94C95A6122229F69D3E56F8E3A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nUHNj-rYcTYb-SZ4CC7g4A81bao.roa
Signing time: Sun 23 Jun 2024 08:10:34 +0000
ROA not before: Sun 23 Jun 2024 08:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 23 Jun 2024 09:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:44:25:9e:94:c9:5a:61:22:22:9f:69:d3:e5:6f:8e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 23 08:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d41cd8fead871361bf92678082ee0e00f356daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:08:f2:9a:5f:79:a8:87:8f:ef:4b:46:af:41:
2f:12:b5:28:13:b9:fa:bc:7f:51:f9:1d:56:e0:1b:
b0:d4:af:c1:3f:db:b0:d3:41:20:d0:af:0c:3d:ab:
78:81:54:95:ae:c8:b7:fb:e3:8c:55:70:4c:ca:60:
9d:74:c8:ae:a7:6f:47:db:28:cd:33:99:5e:9a:b7:
61:bb:01:80:11:81:da:89:b4:36:67:43:eb:a9:a4:
84:ee:b5:3c:56:67:33:46:12:d5:a7:4f:c5:52:39:
42:39:00:af:ef:00:fc:da:0d:a6:18:65:ba:93:28:
7a:a3:d9:64:cc:26:71:a3:0c:65:07:d9:3c:26:14:
cf:77:cd:df:20:d0:cd:83:b7:83:9a:25:f3:7f:7a:
13:22:5d:87:1f:c0:52:5b:16:2b:3c:59:12:7b:c2:
c8:79:e0:ea:1e:a0:4d:b9:16:67:d7:b9:66:06:4f:
21:b8:13:00:a8:8c:2b:22:d1:cd:66:97:08:d6:91:
03:69:09:8b:c5:b9:6f:f0:51:6b:43:39:b1:2d:89:
b8:9c:d5:b8:d3:dd:0b:c8:c4:ee:7c:ac:7f:9f:15:
7e:b7:a0:70:55:e8:3d:6c:55:00:05:69:de:e7:71:
e4:fb:29:a6:30:9c:6d:de:72:79:11:b0:ef:7a:19:
b4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:41:CD:8F:EA:D8:71:36:1B:F9:26:78:08:2E:E0:E0:0F:35:6D:AA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nUHNj-rYcTYb-SZ4CC7g4A81bao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:06:78:14:06:5a:7f:67:52:3c:f9:d0:4e:45:cd:9b:10:a9:
fd:6b:3e:43:69:67:7c:f4:2d:60:eb:a6:de:f7:aa:34:0c:6d:
3c:e0:ea:b5:41:64:6b:a2:5a:86:79:7d:62:22:3e:0a:4d:61:
43:41:b6:54:25:3f:49:03:eb:20:c3:55:fa:d3:02:68:58:51:
d4:72:a4:08:db:23:d1:8e:fb:43:c5:07:d5:b3:fa:0d:2d:94:
f4:46:44:6d:52:43:70:aa:70:bf:d2:b1:15:e7:51:7a:a5:85:
32:a9:cc:9f:5f:47:1f:5a:bb:40:3f:43:c9:63:2b:2d:c0:fa:
8a:e1:7a:2b:7c:9c:ae:aa:60:09:61:ad:51:b4:5a:a1:9e:db:
e5:cb:32:3e:06:2b:f5:c4:42:be:68:e3:dc:e8:b8:df:a0:14:
14:9a:3a:55:c1:27:f0:ff:65:99:44:b6:f2:e2:c5:40:f1:f9:
bf:1d:8e:71:4a:a4:cd:bf:ca:c9:97:f3:3b:32:b2:d2:26:83:
88:bb:af:9f:d3:37:bd:43:a7:03:80:43:05:05:fe:c1:b3:61:
b5:c2:62:d6:c9:e6:9c:9b:cf:1e:cd:be:65:80:e5:44:ac:8e:
52:2f:37:28:9c:6d:a9:68:45:a6:52:71:c4:3b:09:56:9d:d3:
d9:95:a1:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBEJZ6UyVphIiKfadPlb446MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIzMDgxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDQxY2Q4ZmVhZDg3MTM2MWJmOTI2NzgwODJlZTBlMDBmMzU2ZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAjyml95qIeP70tGr0EvErUoE7n6
vH9R+R1W4Buw1K/BP9uw00Eg0K8MPat4gVSVrsi3++OMVXBMymCddMiup29H2yjN
M5lemrdhuwGAEYHaibQ2Z0PrqaSE7rU8VmczRhLVp0/FUjlCOQCv7wD82g2mGGW6
kyh6o9lkzCZxowxlB9k8JhTPd83fINDNg7eDmiXzf3oTIl2HH8BSWxYrPFkSe8LI
eeDqHqBNuRZn17lmBk8huBMAqIwrItHNZpcI1pEDaQmLxblv8FFrQzmxLYm4nNW4
090LyMTufKx/nxV+t6BwVeg9bFUABWne53Hk+ymmMJxt3nJ5EbDvehm0OwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ1BzY/q2HE2G/kmeAgu4OAPNW2qMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvblVITmotclljVFliLVNaNENDN2c0QTgxYmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIwGeBQGWn9nUjz50E5F
zZsQqf1rPkNpZ3z0LWDrpt73qjQMbTzg6rVBZGuiWoZ5fWIiPgpNYUNBtlQlP0kD
6yDDVfrTAmhYUdRypAjbI9GO+0PFB9Wz+g0tlPRGRG1SQ3CqcL/SsRXnUXqlhTKp
zJ9fRx9au0A/Q8ljKy3A+orheit8nK6qYAlhrVG0WqGe2+XLMj4GK/XEQr5o49zo
uN+gFBSaOlXBJ/D/ZZlEtvLixUDx+b8djnFKpM2/ysmX8zsystImg4i7r5/TN71D
pwOAQwUF/sGzYbXCYtbJ5pybzx7NvmWA5USsjlIvNyicbaloRaZSccQ7CVad09mV
oYM=
-----END CERTIFICATE-----
Generated at Sun Jun 23 11:06:51 2024 by rpki-client on console-fra.rpki-client.org