Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ozSQ-6K2y8YBJbop-hiDOsxA2eA.roa
File: ozSQ-6K2y8YBJbop-hiDOsxA2eA.roa (raw, json)
Hash identifier: wwktGVNpy/zmD3xIuzNgOJM+pOLSVEq8745Wz4mewXA=
Subject key identifier: A3:34:90:FB:A2:B6:CB:C6:01:25:BA:29:FA:18:83:3A:CC:40:D9:E0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01903EC93E61ACD0CB670EF8AD7089C37700
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ozSQ-6K2y8YBJbop-hiDOsxA2eA.roa
Signing time: Sat 22 Jun 2024 07:11:34 +0000
ROA not before: Sat 22 Jun 2024 07:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 22 Jun 2024 08:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3e:c9:3e:61:ac:d0:cb:67:0e:f8:ad:70:89:c3:77:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 22 07:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a33490fba2b6cbc60125ba29fa18833acc40d9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:43:18:11:26:15:08:7d:5a:a2:96:8c:52:ce:
6e:f6:c9:79:c7:af:a1:1e:73:33:ae:20:6a:e1:cc:
5c:a3:86:50:d9:92:8b:59:58:97:1e:29:5d:70:80:
f0:f2:c6:87:16:4e:b1:13:a7:dd:2b:36:2c:cd:32:
2a:ea:32:aa:fd:89:34:21:f2:c7:39:2a:8b:27:a1:
77:7a:d3:0b:bb:a1:0e:e7:5c:58:10:85:62:fa:87:
f8:b8:d5:71:a5:3c:82:b9:72:8a:d9:04:8b:33:25:
76:d6:fc:9a:8c:76:26:fe:96:17:71:2f:8f:9a:51:
71:db:7e:5b:13:b6:6b:35:41:d8:96:41:8f:99:87:
be:98:41:79:9e:da:16:1a:50:a9:62:cc:66:c5:0b:
10:8d:87:3f:1d:ed:40:78:f3:e6:60:23:70:89:9a:
cb:af:a2:dd:59:9f:bb:0f:a7:40:cd:02:b9:62:7c:
91:90:82:08:a3:f7:d1:08:90:48:85:59:8e:25:f1:
e8:6f:44:b7:28:0b:f6:c1:c5:bd:33:86:bd:1f:06:
e7:46:0b:04:e2:5e:e0:02:fa:5c:0b:4e:2b:4c:58:
98:ab:29:3c:56:73:01:01:b9:38:57:20:5f:3b:2e:
0e:cb:23:73:b0:fd:00:df:a9:0b:26:ec:52:da:06:
be:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:34:90:FB:A2:B6:CB:C6:01:25:BA:29:FA:18:83:3A:CC:40:D9:E0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ozSQ-6K2y8YBJbop-hiDOsxA2eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1f:c6:45:77:08:26:ab:00:25:4c:38:96:7a:30:ef:1a:9e:be:
4d:08:81:ab:38:ce:81:6e:e2:1b:b6:95:58:c1:b1:07:ed:96:
7c:44:b7:1e:b5:19:2a:e6:63:66:0c:4e:f5:60:b4:ab:58:20:
59:4d:6d:b9:91:fd:9f:49:4e:f8:2c:05:a4:65:04:89:35:ed:
1c:c4:20:8d:86:37:a3:35:fa:db:6f:26:97:71:c2:d1:e0:cc:
ae:20:40:35:c2:09:d3:d6:b4:50:8c:0f:1c:11:76:a7:18:72:
c7:42:50:ca:d8:5a:4a:e5:37:3e:4f:c2:5f:c3:14:41:62:ae:
fc:cd:2b:49:1c:46:ab:e1:11:f5:35:bd:00:5b:e9:54:9d:eb:
47:08:72:52:0b:14:5a:42:ab:e8:a4:4f:a1:e2:5e:4a:7e:76:
a8:b8:1c:b8:d0:06:c9:cf:4f:79:45:39:d9:8d:56:86:63:d8:
8a:8c:99:56:11:21:18:73:d8:d6:aa:04:80:a1:66:0c:cd:4a:
92:06:7d:b2:a2:0c:f5:d3:b1:d1:73:2d:38:13:d9:f8:01:3d:
e5:52:af:5f:21:a9:a4:32:fe:e0:36:15:1f:4e:9a:fa:33:af:
94:b4:c4:dd:d0:4d:d8:77:62:09:45:57:91:23:5e:ac:94:b0:
d9:cd:a2:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA+yT5hrNDLZw74rXCJw3cAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIyMDcxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzM0OTBmYmEyYjZjYmM2MDEyNWJhMjlmYTE4ODMzYWNjNDBkOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUMYESYVCH1aopaMUs5u9sl5x6+h
HnMzriBq4cxco4ZQ2ZKLWViXHildcIDw8saHFk6xE6fdKzYszTIq6jKq/Yk0IfLH
OSqLJ6F3etMLu6EO51xYEIVi+of4uNVxpTyCuXKK2QSLMyV21vyajHYm/pYXcS+P
mlFx235bE7ZrNUHYlkGPmYe+mEF5ntoWGlCpYsxmxQsQjYc/He1AePPmYCNwiZrL
r6LdWZ+7D6dAzQK5YnyRkIIIo/fRCJBIhVmOJfHob0S3KAv2wcW9M4a9HwbnRgsE
4l7gAvpcC04rTFiYqyk8VnMBAbk4VyBfOy4OyyNzsP0A36kLJuxS2ga+0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKM0kPuitsvGASW6KfoYgzrMQNngMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb3pTUS02SzJ5OFlCSmJvcC1oaURPc3hBMmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB/GRXcIJqsAJUw4lnow
7xqevk0Igas4zoFu4hu2lVjBsQftlnxEtx61GSrmY2YMTvVgtKtYIFlNbbmR/Z9J
TvgsBaRlBIk17RzEII2GN6M1+ttvJpdxwtHgzK4gQDXCCdPWtFCMDxwRdqcYcsdC
UMrYWkrlNz5Pwl/DFEFirvzNK0kcRqvhEfU1vQBb6VSd60cIclILFFpCq+ikT6Hi
Xkp+dqi4HLjQBsnPT3lFOdmNVoZj2IqMmVYRIRhz2NaqBIChZgzNSpIGfbKiDPXT
sdFzLTgT2fgBPeVSr18hqaQy/uA2FR9Omvozr5S0xN3QTdh3YglFV5EjXqyUsNnN
okA=
-----END CERTIFICATE-----
Generated at Sat Jun 22 10:18:29 2024 by rpki-client on console-fra.rpki-client.org