Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tfPzV7HR5_DWoMUN3f_2Bic5KkA.roa
File: tfPzV7HR5_DWoMUN3f_2Bic5KkA.roa (raw, json)
Hash identifier: oInNqT3wPDNYxi5R2mDcdIPfoD/thy+amJyEolQB2hs=
Subject key identifier: B5:F3:F3:57:B1:D1:E7:F0:D6:A0:C5:0D:DD:FF:F6:06:27:39:2A:40
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC92C310E7A65F94A7DAAC81397EB10D9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tfPzV7HR5_DWoMUN3f_2Bic5KkA.roa
Signing time: Thu 30 May 2024 11:04:27 +0000
ROA not before: Thu 30 May 2024 11:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:c92b:e523/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 30 May 2024 11:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c9:2c:31:0e:7a:65:f9:4a:7d:aa:c8:13:97:eb:10:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 30 11:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5f3f357b1d1e7f0d6a0c50dddfff60627392a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9e:29:66:15:e9:27:7a:55:fa:85:8c:de:e5:
6c:97:16:75:71:ee:fe:4d:b8:ec:65:5e:83:30:fc:
ed:49:65:eb:64:d1:00:27:ee:ea:f2:db:13:67:ea:
12:dc:b7:b6:32:af:55:ae:94:45:03:35:04:a8:54:
5c:95:96:24:6b:10:65:82:d5:2e:a1:0c:34:b3:f8:
99:3c:9d:02:b5:c4:40:19:cb:c7:c2:cb:be:1b:e1:
d1:77:fe:71:0e:82:4e:8e:d9:1f:9a:01:32:d9:79:
6d:dd:48:d8:92:54:72:cb:c9:94:d8:80:a2:ec:50:
0d:3d:e1:2d:0e:e6:44:aa:50:bc:36:5a:4f:30:9c:
8a:c6:d8:c6:68:9e:67:72:3e:85:4e:0f:39:ef:13:
ae:9a:58:93:68:d7:53:55:85:4c:04:e4:42:fd:42:
d1:24:15:3a:64:15:73:70:cb:9b:4a:40:ab:bf:a7:
02:d6:b1:1f:0c:e3:ce:65:f7:ca:b0:49:dc:89:b0:
d0:a8:6e:51:73:34:56:29:e3:be:b0:06:4f:ec:83:
1f:b9:83:f3:3f:3c:61:33:37:2e:8e:46:13:a8:ac:
0a:a3:d6:e3:97:97:c3:ec:e3:38:61:70:00:df:16:
4c:0c:65:4a:bb:b6:b3:45:45:6a:07:eb:c6:87:1a:
31:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F3:F3:57:B1:D1:E7:F0:D6:A0:C5:0D:DD:FF:F6:06:27:39:2A:40
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tfPzV7HR5_DWoMUN3f_2Bic5KkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:13:4b:5e:a5:8a:81:1b:f8:4f:59:a1:d0:90:64:87:e8:c1:
ac:0d:aa:a0:dc:d6:6c:56:81:b5:2d:dd:a7:9b:af:3a:97:d2:
9a:a0:a0:98:62:80:f8:42:29:13:f5:b8:cf:29:9f:64:98:fe:
c6:bb:ee:a6:c6:44:d1:3d:58:d8:e4:36:16:81:99:a7:84:43:
ca:60:db:fe:07:ad:90:06:a9:eb:02:38:1a:c2:c7:a1:a5:da:
a2:68:22:8d:20:37:4f:8d:fa:20:af:51:4d:ec:a5:d9:1a:25:
d1:27:b6:c2:c8:61:01:07:4a:0b:d9:35:33:ab:b3:ea:6d:16:
1d:b0:5b:1b:bf:45:b9:86:7a:01:e3:fc:34:27:09:94:06:63:
d8:ff:6b:90:51:e1:78:1d:c5:e9:79:cc:47:a0:38:78:94:19:
9e:6e:0d:5d:8d:bf:41:bc:26:1e:a6:ae:6f:7f:b6:04:f0:16:
0c:56:ee:6a:ba:00:20:ee:ce:ab:73:0d:48:60:33:9c:89:93:
3b:17:e3:a1:c3:01:58:50:46:04:bf:f2:e3:52:d7:40:d3:c5:
ca:d3:24:c2:5d:6c:43:42:92:d5:de:a5:7f:e9:70:46:d2:ce:
36:f7:11:ed:24:2c:52:e6:3b:c1:99:d8:f1:ed:3c:98:f2:9d:
88:c6:e2:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/JLDEOemX5Sn2qyBOX6xDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMwMTEwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWYzZjM1N2IxZDFlN2YwZDZhMGM1MGRkZGZmZjYwNjI3MzkyYTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr54pZhXpJ3pV+oWM3uVslxZ1ce7+
TbjsZV6DMPztSWXrZNEAJ+7q8tsTZ+oS3Le2Mq9VrpRFAzUEqFRclZYkaxBlgtUu
oQw0s/iZPJ0CtcRAGcvHwsu+G+HRd/5xDoJOjtkfmgEy2Xlt3UjYklRyy8mU2ICi
7FANPeEtDuZEqlC8NlpPMJyKxtjGaJ5ncj6FTg857xOumliTaNdTVYVMBORC/ULR
JBU6ZBVzcMubSkCrv6cC1rEfDOPOZffKsEncibDQqG5RczRWKeO+sAZP7IMfuYPz
PzxhMzcujkYTqKwKo9bjl5fD7OM4YXAA3xZMDGVKu7azRUVqB+vGhxoxnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLXz81ex0efw1qDFDd3/9gYnOSpAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdGZQelY3SFI1X0RXb01VTjNmXzJCaWM1S2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC4TS16lioEb+E9ZodCQ
ZIfowawNqqDc1mxWgbUt3aebrzqX0pqgoJhigPhCKRP1uM8pn2SY/sa77qbGRNE9
WNjkNhaBmaeEQ8pg2/4HrZAGqesCOBrCx6Gl2qJoIo0gN0+N+iCvUU3spdkaJdEn
tsLIYQEHSgvZNTOrs+ptFh2wWxu/RbmGegHj/DQnCZQGY9j/a5BR4Xgdxel5zEeg
OHiUGZ5uDV2Nv0G8Jh6mrm9/tgTwFgxW7mq6ACDuzqtzDUhgM5yJkzsX46HDAVhQ
RgS/8uNS10DTxcrTJMJdbENCktXepX/pcEbSzjb3Ee0kLFLmO8GZ2PHtPJjynYjG
4ng=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org