Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pqet8KUpTr6KhVECrs3FBGBgrmI.roa
File: pqet8KUpTr6KhVECrs3FBGBgrmI.roa (raw, json)
Hash identifier: D1ZD2XO7XKo82iFbSwkNWLrWlc+5b3QOc5c4AJVzzNA=
Subject key identifier: A6:A7:AD:F0:A5:29:4E:BE:8A:85:51:02:AE:CD:C5:04:60:60:AE:62
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190046AEBE4F9725AE6D7D320BF7F700258
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pqet8KUpTr6KhVECrs3FBGBgrmI.roa
Signing time: Mon 10 Jun 2024 23:10:34 +0000
ROA not before: Mon 10 Jun 2024 23:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 00:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:04:6a:eb:e4:f9:72:5a:e6:d7:d3:20:bf:7f:70:02:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 10 23:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6a7adf0a5294ebe8a855102aecdc5046060ae62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:20:78:88:f1:9c:b8:1d:15:87:a3:57:4a:6e:
06:ce:16:0a:29:a5:c8:40:9b:9f:2a:96:6c:24:51:
71:18:12:d3:ea:61:0a:bf:a8:c2:a8:2e:fc:f5:f5:
9f:e8:ef:53:11:c0:cb:81:c4:22:bd:93:6f:d0:a2:
61:f4:a2:70:c2:7b:81:db:9a:6b:e8:85:c6:fd:df:
1f:10:11:6d:b5:f8:2d:bc:57:55:2e:a2:1c:8a:6e:
1e:c2:be:fe:75:18:72:9f:73:e3:28:74:06:fa:4f:
a8:19:4a:f8:ed:ae:41:6b:3e:86:c0:ea:31:96:e3:
26:4c:7e:ce:3a:79:d8:a6:77:0d:9b:91:a5:48:cd:
c2:f5:e9:9d:f8:d0:f2:94:91:56:45:1b:29:69:1e:
a6:82:64:56:33:5a:8c:8d:d9:7c:ef:c5:c2:64:98:
75:1a:f0:f4:9e:24:a5:bb:f7:95:6c:2b:cf:0e:d0:
c0:f2:af:1f:57:07:a0:d4:75:b9:c0:fd:ba:40:3b:
08:eb:2b:7e:55:e8:dc:88:54:7e:cc:9d:d5:7a:20:
ad:e3:80:1a:f0:47:3f:4d:3c:66:d2:c8:4d:a3:4e:
a4:4a:34:b8:5d:2f:68:1c:44:c6:ad:88:79:1e:59:
ab:69:24:66:47:cf:2b:a8:37:7a:fd:80:24:93:68:
a0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A7:AD:F0:A5:29:4E:BE:8A:85:51:02:AE:CD:C5:04:60:60:AE:62
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pqet8KUpTr6KhVECrs3FBGBgrmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:8d:62:6e:db:dd:b5:1f:02:0a:43:74:76:a1:79:22:b1:d9:
fe:04:32:20:a2:a8:27:60:9c:bf:a3:68:86:19:3d:c0:10:23:
07:ca:8f:bc:ba:b8:8c:ab:2c:bc:fd:64:8e:36:c3:6d:1c:60:
45:df:85:09:ac:f9:e5:15:ea:0b:81:76:19:7a:c6:68:23:ed:
21:04:50:ef:04:71:c6:74:5a:8a:15:36:74:7f:c6:31:40:54:
87:bc:e5:a6:3b:02:63:46:22:26:ff:f2:16:6f:9b:70:35:e3:
a1:1c:14:de:0b:06:5e:cf:e4:2d:f9:09:bf:52:0a:8f:40:75:
ca:e2:6c:44:c4:23:94:28:e5:69:54:e4:7d:74:85:28:66:96:
5e:94:4e:e6:08:bb:ae:ae:ed:8b:15:71:b9:b3:83:fd:c6:d8:
23:69:eb:26:2c:4d:85:a4:46:3b:1b:0b:b5:dc:c4:d7:31:43:
2b:35:aa:0b:13:9c:5f:5e:0b:92:b5:92:3d:79:bc:e9:5a:5d:
a0:20:ba:fd:36:b6:b0:81:38:b8:36:fb:7c:d6:ea:f8:5f:37:
ca:cc:d5:63:78:b8:ae:44:2f:aa:de:b7:85:79:40:f6:da:91:
e4:d0:4d:a0:25:97:7d:df:eb:a0:03:88:e0:9c:bc:ac:c3:b7:
64:6b:1d:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAEauvk+XJa5tfTIL9/cAJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjEwMjMxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmE3YWRmMGE1Mjk0ZWJlOGE4NTUxMDJhZWNkYzUwNDYwNjBhZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSB4iPGcuB0Vh6NXSm4GzhYKKaXI
QJufKpZsJFFxGBLT6mEKv6jCqC789fWf6O9TEcDLgcQivZNv0KJh9KJwwnuB25pr
6IXG/d8fEBFttfgtvFdVLqIcim4ewr7+dRhyn3PjKHQG+k+oGUr47a5Baz6GwOox
luMmTH7OOnnYpncNm5GlSM3C9emd+NDylJFWRRspaR6mgmRWM1qMjdl878XCZJh1
GvD0niSlu/eVbCvPDtDA8q8fVweg1HW5wP26QDsI6yt+VejciFR+zJ3VeiCt44Aa
8Ec/TTxm0shNo06kSjS4XS9oHETGrYh5HlmraSRmR88rqDd6/YAkk2igvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKanrfClKU6+ioVRAq7NxQRgYK5iMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcHFldDhLVXBUcjZLaFZFQ3JzM0ZCR0Jncm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFyNYm7b3bUfAgpDdHah
eSKx2f4EMiCiqCdgnL+jaIYZPcAQIwfKj7y6uIyrLLz9ZI42w20cYEXfhQms+eUV
6guBdhl6xmgj7SEEUO8EccZ0WooVNnR/xjFAVIe85aY7AmNGIib/8hZvm3A146Ec
FN4LBl7P5C35Cb9SCo9AdcribETEI5Qo5WlU5H10hShmll6UTuYIu66u7YsVcbmz
g/3G2CNp6yYsTYWkRjsbC7XcxNcxQys1qgsTnF9eC5K1kj15vOlaXaAguv02trCB
OLg2+3zW6vhfN8rM1WN4uK5EL6ret4V5QPbakeTQTaAll33f66ADiOCcvKzDt2Rr
HeU=
-----END CERTIFICATE-----
Generated at Tue Jun 11 01:33:35 2024 by rpki-client on console-ams.rpki-client.org