Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/p5d86NP_GWbElObByZ5ZBsdTuqc.roa
File: p5d86NP_GWbElObByZ5ZBsdTuqc.roa (raw, json)
Hash identifier: UXtLb2H+y6uvPshwULQootPNuZxt6urvKP1aKnboDcg=
Subject key identifier: A7:97:7C:E8:D3:FF:19:66:C4:94:E6:C1:C9:9E:59:06:C7:53:BA:A7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FAD859025DF4F5320CCD402B98E3B7063
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/p5d86NP_GWbElObByZ5ZBsdTuqc.roa
Signing time: Sat 25 May 2024 02:12:42 +0000
ROA not before: Sat 25 May 2024 02:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 25 May 2024 03:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ad:85:90:25:df:4f:53:20:cc:d4:02:b9:8e:3b:70:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 25 02:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7977ce8d3ff1966c494e6c1c99e5906c753baa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9e:f1:37:e4:cf:eb:52:04:b8:63:23:bb:7b:
f0:9d:d1:0c:9d:03:bf:13:c6:ab:e9:fa:67:62:b6:
46:fd:c8:fe:7e:a3:6e:e0:c6:f0:e2:05:b5:01:2d:
c3:86:d9:7e:f2:cf:3e:19:8b:e1:73:83:c0:d8:16:
fc:58:bf:91:1a:80:45:1f:de:91:4f:68:4e:99:f0:
2e:bc:35:89:34:28:8d:cf:2c:c4:6c:d5:46:c3:78:
77:c9:73:d3:fc:48:18:38:56:f5:2c:21:07:7d:27:
cf:5c:2e:10:e5:37:ce:a0:1e:14:70:79:f7:49:e0:
5a:39:57:5e:66:37:61:dd:57:be:4b:b8:7a:ac:17:
02:f1:fb:1e:f0:b0:34:54:0e:a0:82:e7:56:1e:1a:
79:5e:18:f6:e9:d3:e3:27:89:43:fc:29:57:93:a0:
ca:2f:99:26:8c:0b:e9:0e:9e:0e:0e:a3:d3:f8:93:
5c:1c:55:f9:13:04:17:0b:64:1b:59:2a:96:81:22:
63:0a:9f:ea:a1:be:65:fc:46:d3:18:a4:d9:db:25:
28:b3:0e:c8:a6:07:ec:b6:a5:9b:a4:d6:c0:a7:3e:
81:e2:aa:e1:40:21:1b:b8:b4:b0:a2:23:f3:c9:69:
03:b8:77:d7:a4:2e:a0:40:4a:9e:c9:5f:ef:15:88:
2c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:97:7C:E8:D3:FF:19:66:C4:94:E6:C1:C9:9E:59:06:C7:53:BA:A7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/p5d86NP_GWbElObByZ5ZBsdTuqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:9b:d7:40:57:1b:f9:6b:c7:7d:ea:5d:cb:1f:40:ed:64:19:
91:97:14:8a:57:53:5a:e5:58:bb:e5:82:07:9a:f2:ed:b9:7b:
a0:2d:73:84:6f:78:ab:ce:9d:70:61:55:4c:ae:2f:a5:05:eb:
2e:71:c9:bb:a1:90:a1:7b:78:fe:1c:77:ac:29:09:69:8a:c6:
f6:d1:20:08:25:86:09:e9:7f:d9:50:3e:6c:e4:41:f5:38:6f:
58:73:9b:01:f7:4c:c8:7e:af:39:d5:d4:a5:a5:7a:57:06:49:
9e:4e:73:06:c1:9c:90:a5:26:72:8b:71:fc:18:56:bc:ef:74:
64:12:6f:ad:ce:a0:ad:b5:39:3d:23:0b:1a:28:c9:0f:26:4d:
40:08:54:f3:ca:aa:b7:00:09:f8:ec:53:97:b0:40:48:cb:e4:
bb:ad:71:c8:d3:b4:aa:5e:de:8e:5a:12:0e:42:71:b7:85:28:
f2:de:15:4b:c6:08:bb:68:d1:83:c9:2b:0d:77:dd:6c:68:9d:
40:e1:3a:19:85:3d:df:90:5e:8c:38:57:cb:e5:31:d2:26:42:
36:87:6d:8e:d8:17:08:8d:c6:6c:87:b6:ff:76:cb:6e:9c:d7:
c3:46:12:8f:1b:55:bf:1e:08:75:6c:ef:b6:85:53:22:8e:d1:
91:8c:aa:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+thZAl309TIMzUArmOO3BjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI1MDIxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzk3N2NlOGQzZmYxOTY2YzQ5NGU2YzFjOTllNTkwNmM3NTNiYWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6p7xN+TP61IEuGMju3vwndEMnQO/
E8ar6fpnYrZG/cj+fqNu4Mbw4gW1AS3Dhtl+8s8+GYvhc4PA2Bb8WL+RGoBFH96R
T2hOmfAuvDWJNCiNzyzEbNVGw3h3yXPT/EgYOFb1LCEHfSfPXC4Q5TfOoB4UcHn3
SeBaOVdeZjdh3Ve+S7h6rBcC8fse8LA0VA6ggudWHhp5Xhj26dPjJ4lD/ClXk6DK
L5kmjAvpDp4ODqPT+JNcHFX5EwQXC2QbWSqWgSJjCp/qob5l/EbTGKTZ2yUosw7I
pgfstqWbpNbApz6B4qrhQCEbuLSwoiPzyWkDuHfXpC6gQEqeyV/vFYgsBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKeXfOjT/xlmxJTmwcmeWQbHU7qnMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcDVkODZOUF9HV2JFbE9iQnlaNVpCc2RUdXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH2b10BXG/lrx33qXcsf
QO1kGZGXFIpXU1rlWLvlggea8u25e6Atc4RveKvOnXBhVUyuL6UF6y5xybuhkKF7
eP4cd6wpCWmKxvbRIAglhgnpf9lQPmzkQfU4b1hzmwH3TMh+rznV1KWlelcGSZ5O
cwbBnJClJnKLcfwYVrzvdGQSb63OoK21OT0jCxooyQ8mTUAIVPPKqrcACfjsU5ew
QEjL5LutccjTtKpe3o5aEg5CcbeFKPLeFUvGCLto0YPJKw133WxonUDhOhmFPd+Q
Xow4V8vlMdImQjaHbY7YFwiNxmyHtv92y26c18NGEo8bVb8eCHVs77aFUyKO0ZGM
qig=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org