Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oPF8P0uelqvlJnlsKAYzCXRI_wM.roa
File: oPF8P0uelqvlJnlsKAYzCXRI_wM.roa (raw, json)
Hash identifier: Gts93O1PnBwwqxQKLf73tn9VNhUtUHLDBnvTlfeyDaI=
Subject key identifier: A0:F1:7C:3F:4B:9E:96:AB:E5:26:79:6C:28:06:33:09:74:48:FF:03
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD07D5CF00DE87C8C6A406955F84ABF04
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oPF8P0uelqvlJnlsKAYzCXRI_wM.roa
Signing time: Fri 31 May 2024 21:10:27 +0000
ROA not before: Fri 31 May 2024 21:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 May 2024 22:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d0:7d:5c:f0:0d:e8:7c:8c:6a:40:69:55:f8:4a:bf:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 31 21:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0f17c3f4b9e96abe526796c280633097448ff03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5e:23:25:99:ad:ab:44:4a:c5:8b:5b:1b:af:
4d:f4:bc:ab:3e:1a:cf:a4:98:ff:d7:4a:42:f6:06:
fe:89:aa:8a:c0:c4:30:f1:98:20:f8:5c:9d:0c:02:
60:f4:71:79:17:de:12:60:18:d1:3b:5b:d8:d3:7e:
76:63:68:58:37:d6:b6:78:89:96:c8:f8:d8:56:e9:
ba:cc:8e:5d:96:2a:76:ab:1b:d6:d2:bb:37:92:a8:
6b:30:e3:c4:c8:5c:5b:2e:93:96:a6:d3:3c:27:be:
d8:75:df:e7:00:32:17:10:6c:24:21:6d:83:ca:20:
cd:88:f7:78:bf:fe:65:9b:84:5a:7c:fb:aa:f0:69:
81:96:51:c6:e6:85:2b:3d:43:3c:30:e0:9d:74:54:
f0:5d:0c:03:0e:64:eb:ee:2d:d1:0c:6e:cd:5e:4b:
07:8e:e6:c0:4a:46:6d:b4:3d:f2:08:f6:8a:21:96:
b2:51:a1:91:a5:6c:82:f8:6c:ce:8f:e5:45:4c:8d:
ae:52:1c:fe:13:16:c9:32:0f:8d:15:12:39:78:23:
01:4e:1e:19:a3:69:03:f1:ec:bf:1d:e1:0f:f5:36:
b0:3a:c4:5c:38:df:86:12:d0:f2:e3:48:07:63:4f:
3c:90:31:63:40:4a:50:7d:1e:45:73:cc:6e:e1:dc:
f8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F1:7C:3F:4B:9E:96:AB:E5:26:79:6C:28:06:33:09:74:48:FF:03
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oPF8P0uelqvlJnlsKAYzCXRI_wM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:f8:65:2b:4d:01:f8:65:a8:99:da:aa:b5:d2:9f:54:e1:0d:
cb:e7:fb:b5:20:01:3b:0f:52:25:3c:9f:5f:54:40:5b:bb:bd:
5b:84:25:21:fa:47:12:51:2d:8a:b9:aa:7c:72:13:10:c4:1a:
72:c0:1d:20:32:18:1e:fb:36:d4:47:6a:a6:4d:48:05:65:78:
5a:71:1e:8f:aa:85:7e:0d:f4:04:7d:d2:4b:05:92:89:54:56:
67:54:83:85:c9:c9:88:99:72:a8:13:f2:b7:c5:d5:41:46:b7:
c0:08:62:64:4b:43:e4:4b:e8:ce:a0:b6:67:bd:4a:a4:67:8d:
c4:73:8d:bc:2b:9e:7e:55:a0:4b:2e:fc:a8:9d:dc:e0:6f:62:
5e:77:52:97:db:75:61:5f:dc:99:88:46:31:8d:9a:a4:e0:30:
73:53:08:64:d3:3a:cd:33:23:60:3a:72:95:c8:cd:66:c4:96:
a6:a9:70:2b:2b:75:67:64:fd:46:29:42:27:71:4b:98:d8:17:
b5:60:10:fd:f5:72:72:65:46:c3:90:dd:86:07:29:ee:15:76:
36:52:8b:4c:63:99:04:90:09:b2:6f:7f:6a:ec:e3:02:4d:68:
a1:85:69:da:65:35:a8:44:a7:98:9a:55:9a:55:af:2d:bd:26:
7f:42:3b:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/QfVzwDeh8jGpAaVX4Sr8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMxMjExMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGYxN2MzZjRiOWU5NmFiZTUyNjc5NmMyODA2MzMwOTc0NDhmZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF4jJZmtq0RKxYtbG69N9LyrPhrP
pJj/10pC9gb+iaqKwMQw8Zgg+FydDAJg9HF5F94SYBjRO1vY0352Y2hYN9a2eImW
yPjYVum6zI5dlip2qxvW0rs3kqhrMOPEyFxbLpOWptM8J77Ydd/nADIXEGwkIW2D
yiDNiPd4v/5lm4RafPuq8GmBllHG5oUrPUM8MOCddFTwXQwDDmTr7i3RDG7NXksH
jubASkZttD3yCPaKIZayUaGRpWyC+GzOj+VFTI2uUhz+ExbJMg+NFRI5eCMBTh4Z
o2kD8ey/HeEP9TawOsRcON+GEtDy40gHY088kDFjQEpQfR5Fc8xu4dz4bQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKDxfD9Lnpar5SZ5bCgGMwl0SP8DMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb1BGOFAwdWVscXZsSm5sc0tBWXpDWFJJX3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFH4ZStNAfhlqJnaqrXS
n1ThDcvn+7UgATsPUiU8n19UQFu7vVuEJSH6RxJRLYq5qnxyExDEGnLAHSAyGB77
NtRHaqZNSAVleFpxHo+qhX4N9AR90ksFkolUVmdUg4XJyYiZcqgT8rfF1UFGt8AI
YmRLQ+RL6M6gtme9SqRnjcRzjbwrnn5VoEsu/Kid3OBvYl53UpfbdWFf3JmIRjGN
mqTgMHNTCGTTOs0zI2A6cpXIzWbElqapcCsrdWdk/UYpQidxS5jYF7VgEP31cnJl
RsOQ3YYHKe4VdjZSi0xjmQSQCbJvf2rs4wJNaKGFadplNahEp5iaVZpVry29Jn9C
O/A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org