Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/s2IKgEuuIoWVsDlmSTTwB1c8a0c.roa
File: s2IKgEuuIoWVsDlmSTTwB1c8a0c.roa (raw, json)
Hash identifier: pEGs1sOoAcaqSa2T4awwivP5afXRtEVoXlb6V/qB+no=
Subject key identifier: B3:62:0A:80:4B:AE:22:85:95:B0:39:66:49:34:F0:07:57:3C:6B:47
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FE05F38D55FB95DA5F5EB1B3F06C19F9F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/s2IKgEuuIoWVsDlmSTTwB1c8a0c.roa
Signing time: Mon 03 Jun 2024 23:11:27 +0000
ROA not before: Mon 03 Jun 2024 23:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Jun 2024 00:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e0:5f:38:d5:5f:b9:5d:a5:f5:eb:1b:3f:06:c1:9f:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 3 23:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3620a804bae228595b039664934f007573c6b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:56:22:a4:a8:95:e3:60:1c:c1:46:e5:42:a5:
53:d8:0b:2b:05:c8:92:f2:2a:32:ab:cd:f7:67:98:
d4:66:ee:ac:10:b4:2c:d2:75:56:c9:b0:9b:57:14:
d1:cf:96:51:c3:f7:0b:8c:c1:d5:e9:a4:0e:9a:88:
cf:b4:9e:91:4c:f2:a0:b6:75:3d:29:46:3c:07:72:
86:21:93:27:5e:18:60:ff:ac:88:a0:5b:a6:e7:bd:
93:e5:f6:7a:1f:57:e7:a8:c2:14:23:eb:27:2c:c0:
70:4d:fe:81:fb:1b:ed:9b:7f:9d:01:d8:88:a6:0e:
d9:6d:6f:77:b0:91:ce:15:2d:5b:c0:7e:2e:be:38:
15:88:ea:92:0e:e7:e6:44:87:e8:ab:46:3a:a4:c8:
cc:84:8c:94:91:df:e7:28:bb:c5:30:53:98:12:c8:
d0:d2:8e:b7:af:06:b2:07:55:1a:23:b9:72:e8:e3:
52:7b:dc:1b:9e:01:c6:bf:07:4a:9f:4e:c8:68:71:
4f:6f:c0:30:b8:92:90:0d:0b:ff:7d:6a:91:87:35:
fc:4e:2a:cc:39:77:23:96:bd:56:2f:dd:d7:6c:cc:
ec:17:43:14:1d:44:a8:32:e6:ab:fb:d3:1f:59:d0:
a7:d9:eb:f1:3a:1d:92:a0:3f:a6:ad:fd:9a:a0:a8:
23:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:62:0A:80:4B:AE:22:85:95:B0:39:66:49:34:F0:07:57:3C:6B:47
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/s2IKgEuuIoWVsDlmSTTwB1c8a0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:4c:1d:25:bb:00:27:ec:68:e5:67:e8:01:f3:19:87:92:1b:
5f:df:ad:0e:c3:74:75:00:2c:be:2e:80:f0:63:b6:54:00:26:
6b:b8:63:68:4f:9b:6f:eb:80:75:34:ab:55:2b:21:6f:98:c6:
2d:b3:a7:7a:64:d9:70:c9:18:8f:c2:b3:a6:a1:94:2d:8f:ff:
b3:96:eb:fa:32:44:10:e1:95:f7:85:c3:67:92:51:ea:6e:22:
16:0f:80:64:9e:40:45:e9:4c:ef:8f:65:0a:07:b5:fa:cd:b1:
59:5b:1c:e0:77:fa:48:39:f7:da:c8:6f:69:73:cf:68:ae:c9:
a2:85:35:01:81:ed:f3:53:9c:04:6c:33:e1:dd:e3:6c:fd:6c:
80:72:b6:6b:c4:96:42:cf:7c:21:50:54:e6:86:49:1a:89:a3:
62:fe:7c:8d:d8:1e:5e:42:9b:6a:24:58:33:f5:fc:20:9b:98:
b6:b1:3b:f8:6e:f2:54:a9:d8:5b:73:00:63:7e:d5:50:ab:04:
1a:35:1c:ce:16:05:1b:da:5b:42:6c:1c:7d:ff:ce:1d:5a:45:
70:51:48:d1:9b:2a:49:af:11:71:fa:ee:44:24:15:2d:17:18:
ef:8c:31:9e:06:d1:90:08:0a:3f:4c:3a:60:22:9d:8f:66:d4:
ff:e6:4b:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/gXzjVX7ldpfXrGz8GwZ+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAzMjMxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzYyMGE4MDRiYWUyMjg1OTViMDM5NjY0OTM0ZjAwNzU3M2M2YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVYipKiV42AcwUblQqVT2AsrBciS
8ioyq833Z5jUZu6sELQs0nVWybCbVxTRz5ZRw/cLjMHV6aQOmojPtJ6RTPKgtnU9
KUY8B3KGIZMnXhhg/6yIoFum572T5fZ6H1fnqMIUI+snLMBwTf6B+xvtm3+dAdiI
pg7ZbW93sJHOFS1bwH4uvjgViOqSDufmRIfoq0Y6pMjMhIyUkd/nKLvFMFOYEsjQ
0o63rwayB1UaI7ly6ONSe9wbngHGvwdKn07IaHFPb8AwuJKQDQv/fWqRhzX8TirM
OXcjlr1WL93XbMzsF0MUHUSoMuar+9MfWdCn2evxOh2SoD+mrf2aoKgjlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLNiCoBLriKFlbA5Zkk08AdXPGtHMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvczJJS2dFdXVJb1dWc0RsbVNUVHdCMWM4YTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADtMHSW7ACfsaOVn6AHz
GYeSG1/frQ7DdHUALL4ugPBjtlQAJmu4Y2hPm2/rgHU0q1UrIW+Yxi2zp3pk2XDJ
GI/Cs6ahlC2P/7OW6/oyRBDhlfeFw2eSUepuIhYPgGSeQEXpTO+PZQoHtfrNsVlb
HOB3+kg599rIb2lzz2iuyaKFNQGB7fNTnARsM+Hd42z9bIBytmvElkLPfCFQVOaG
SRqJo2L+fI3YHl5Cm2okWDP1/CCbmLaxO/hu8lSp2FtzAGN+1VCrBBo1HM4WBRva
W0JsHH3/zh1aRXBRSNGbKkmvEXH67kQkFS0XGO+MMZ4G0ZAICj9MOmAinY9m1P/m
S5s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:15 2024 by rpki-client on console-ams.rpki-client.org