Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tPkMVTj4iBOa8NGB1el1Ju8hfwA.roa
File: tPkMVTj4iBOa8NGB1el1Ju8hfwA.roa (raw, json)
Hash identifier: q1O8LvetKX8O9WCiAgXAj1sv6h4oFN15ZD3edWTtsBw=
Subject key identifier: B4:F9:0C:55:38:F8:88:13:9A:F0:D1:81:D5:E9:75:26:EF:21:7F:00
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190035844D8657A22F884D4BCB4B771E9F1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tPkMVTj4iBOa8NGB1el1Ju8hfwA.roa
Signing time: Mon 10 Jun 2024 18:10:34 +0000
ROA not before: Mon 10 Jun 2024 18:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Jun 2024 19:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:03:58:44:d8:65:7a:22:f8:84:d4:bc:b4:b7:71:e9:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 10 18:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4f90c5538f888139af0d181d5e97526ef217f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5e:31:c7:1a:6e:60:0e:26:6a:38:38:86:43:
bc:93:05:37:d5:db:eb:80:73:bf:64:68:76:07:6d:
59:d3:24:fd:02:d6:7c:b0:e2:8d:ab:cd:e2:34:ac:
86:2f:ad:92:28:3d:ba:b2:82:6a:5a:af:e4:66:70:
7f:f1:a3:be:d7:8f:bb:c3:83:fc:de:0b:26:dd:80:
79:44:21:2c:b2:2a:ce:05:c6:27:6e:35:60:df:a2:
02:54:71:9a:53:bd:6e:90:cc:2d:7b:a5:90:88:49:
29:83:4c:bc:58:8d:67:33:a2:b1:79:88:08:c4:34:
9d:97:20:24:e5:71:64:97:f2:2f:2a:05:db:be:bc:
8a:fa:8e:e4:e6:6d:94:8b:12:e9:a6:c3:c9:25:af:
c6:8d:11:88:83:cc:af:b8:4c:c0:2c:2d:f0:2d:01:
6d:94:0c:d0:02:a0:22:b6:c7:ec:9e:72:2c:e5:a1:
fb:ea:70:94:38:0f:3a:e6:0a:07:95:7d:c7:1e:44:
01:4d:00:56:0d:1e:1c:fe:5e:d5:8a:93:54:f7:1e:
ff:63:e8:b5:28:cb:55:7e:58:1d:5d:f3:71:cf:6f:
a7:fa:27:88:1c:05:df:a3:7e:b1:df:94:e2:63:96:
f1:f1:84:71:dd:4d:30:57:e4:32:a5:66:a1:5c:8a:
98:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F9:0C:55:38:F8:88:13:9A:F0:D1:81:D5:E9:75:26:EF:21:7F:00
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tPkMVTj4iBOa8NGB1el1Ju8hfwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:91:d9:0a:ad:9a:78:38:bd:92:43:52:7d:73:4f:a8:88:88:
08:55:5f:57:23:b0:b4:cf:a2:09:47:3a:72:77:98:1d:56:0e:
c4:ee:58:57:4d:89:60:98:c9:5e:6c:6a:95:e4:13:17:fa:71:
42:27:bb:64:25:79:79:53:4d:e6:be:94:98:96:40:e9:4a:17:
ac:ad:bd:bb:c1:33:c5:3a:87:f6:46:5b:d5:a6:75:b3:76:32:
ba:7c:5d:21:53:cf:1c:0e:d7:11:ac:1d:1f:c6:5c:c6:c1:e5:
05:8b:67:17:e7:7b:2d:68:a6:f2:00:17:22:18:7c:d6:9f:97:
70:99:d0:8b:f5:06:d8:c5:3d:9b:19:f9:4a:76:43:44:2d:3a:
b0:1b:b4:e0:03:d0:19:f3:78:86:29:42:17:e3:a0:70:17:ab:
2e:28:9f:c3:f1:9d:f9:40:2e:0f:cd:69:51:56:a0:b8:79:e5:
4f:b1:4b:ff:b3:02:81:30:a6:86:04:e1:38:7a:c4:e1:27:0a:
94:5f:e1:c8:39:08:ee:10:ec:84:22:5e:47:8c:c0:b6:8d:a9:
91:ba:52:9c:83:8a:73:78:9a:66:2c:08:4f:2f:0e:a2:7d:4d:
fa:62:41:f9:d4:75:e0:9e:d1:aa:00:da:0c:20:05:52:eb:c2:
d5:62:da:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZADWETYZXoi+ITUvLS3cenxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjEwMTgxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY5MGM1NTM4Zjg4ODEzOWFmMGQxODFkNWU5NzUyNmVmMjE3ZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl4xxxpuYA4majg4hkO8kwU31dvr
gHO/ZGh2B21Z0yT9AtZ8sOKNq83iNKyGL62SKD26soJqWq/kZnB/8aO+14+7w4P8
3gsm3YB5RCEssirOBcYnbjVg36ICVHGaU71ukMwte6WQiEkpg0y8WI1nM6KxeYgI
xDSdlyAk5XFkl/IvKgXbvryK+o7k5m2UixLppsPJJa/GjRGIg8yvuEzALC3wLQFt
lAzQAqAitsfsnnIs5aH76nCUOA865goHlX3HHkQBTQBWDR4c/l7VipNU9x7/Y+i1
KMtVflgdXfNxz2+n+ieIHAXfo36x35TiY5bx8YRx3U0wV+QypWahXIqYQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLT5DFU4+IgTmvDRgdXpdSbvIX8AMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdFBrTVZUajRpQk9hOE5HQjFlbDFKdThoZndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGiR2Qqtmng4vZJDUn1z
T6iIiAhVX1cjsLTPoglHOnJ3mB1WDsTuWFdNiWCYyV5sapXkExf6cUInu2QleXlT
Tea+lJiWQOlKF6ytvbvBM8U6h/ZGW9WmdbN2Mrp8XSFTzxwO1xGsHR/GXMbB5QWL
Zxfney1opvIAFyIYfNafl3CZ0Iv1BtjFPZsZ+Up2Q0QtOrAbtOAD0BnzeIYpQhfj
oHAXqy4on8PxnflALg/NaVFWoLh55U+xS/+zAoEwpoYE4Th6xOEnCpRf4cg5CO4Q
7IQiXkeMwLaNqZG6UpyDinN4mmYsCE8vDqJ9TfpiQfnUdeCe0aoA2gwgBVLrwtVi
2qg=
-----END CERTIFICATE-----
Generated at Mon Jun 10 22:36:10 2024 by rpki-client on console-ams.rpki-client.org