Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wn9Q_G1j3eFMaXjz9oxDACLfqOs.roa
File: wn9Q_G1j3eFMaXjz9oxDACLfqOs.roa (raw, json)
Hash identifier: Qb1p8cl9xTgCH25avLfcVffEFhQxPhBpTisXancZB6o=
Subject key identifier: C2:7F:50:FC:6D:63:DD:E1:4C:69:78:F3:F6:8C:43:00:22:DF:A8:EB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FDA9410D70B4539DD61BF199B0FD3DCC7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wn9Q_G1j3eFMaXjz9oxDACLfqOs.roa
Signing time: Sun 02 Jun 2024 20:11:27 +0000
ROA not before: Sun 02 Jun 2024 20:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Jun 2024 21:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:da:94:10:d7:0b:45:39:dd:61:bf:19:9b:0f:d3:dc:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 2 20:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c27f50fc6d63dde14c6978f3f68c430022dfa8eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d3:d0:f0:79:aa:2c:ef:46:71:5c:6b:b1:b4:
24:26:f5:f6:50:ca:b7:60:62:1d:02:4b:4f:2d:eb:
bd:33:06:65:85:5e:e9:37:0e:92:44:16:5f:51:45:
38:b6:59:97:db:a4:36:81:8e:48:04:61:42:5b:0b:
fa:20:ed:37:01:be:b3:bd:86:06:54:d5:ce:34:44:
c7:89:7a:ab:5f:e4:b7:96:60:fa:bc:a7:e1:ed:24:
01:cc:b2:62:20:f0:a4:a2:58:53:57:ba:c9:e2:fe:
f6:ce:8d:a6:b2:1d:83:06:84:4e:b9:15:6c:81:e6:
c3:67:e0:97:b0:1c:ee:e2:13:c2:f3:fb:21:c1:f3:
4c:49:38:0e:68:03:58:98:c8:86:75:89:91:c4:be:
63:55:f0:90:7e:d5:08:66:e3:1f:21:1a:0d:53:11:
b8:cd:ec:12:6c:28:23:d0:06:70:7f:7b:67:67:8c:
d3:59:02:81:d7:ef:a6:44:88:06:ce:b8:96:3f:63:
82:ad:3a:01:96:e8:2c:9f:60:c8:84:86:1e:43:71:
10:5d:89:fc:c1:ad:ce:fc:2f:ab:38:47:5c:b7:a3:
2a:e4:ef:94:a9:34:c6:de:07:1a:90:53:9a:9d:7a:
11:1a:34:0b:1f:c4:e4:4a:d7:4e:c9:47:5a:6f:04:
e9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:7F:50:FC:6D:63:DD:E1:4C:69:78:F3:F6:8C:43:00:22:DF:A8:EB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wn9Q_G1j3eFMaXjz9oxDACLfqOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:d8:2c:21:8b:8d:c5:15:bd:ba:84:b5:36:28:87:10:7e:9f:
bb:d1:83:9e:da:b5:31:58:da:eb:4a:8c:ca:98:f3:32:15:47:
35:11:71:bf:59:28:cd:d1:f7:50:5a:53:b2:ca:54:a4:26:c5:
f5:de:50:8d:74:5a:d9:5e:6c:4c:54:e2:2d:95:02:6b:9a:93:
0e:03:f9:f7:48:e2:0f:6c:55:fc:eb:0e:1d:5b:5f:0a:9c:ed:
bb:bb:4c:bc:4a:44:05:a0:36:17:b2:d6:2d:8f:0d:1b:0e:3f:
d2:29:97:8c:88:55:dc:54:1a:b4:86:87:1b:18:7f:81:3d:6c:
b7:23:1a:bd:1b:74:2c:68:7d:ab:5f:72:23:06:51:49:f2:5e:
2e:03:be:b5:b0:35:68:ab:03:fa:d8:af:d9:0d:00:87:93:63:
66:a9:91:bf:03:2d:41:a2:e7:3a:15:03:f0:72:5d:41:20:ac:
91:1a:3a:e1:10:7c:26:9f:e6:04:d0:9b:dd:37:c4:54:b2:e6:
28:2e:08:d6:a7:74:ef:40:b5:3a:90:eb:e7:47:f7:76:1e:2c:
c0:ff:db:17:c4:99:86:57:7e:eb:b5:e9:db:0f:6d:56:0b:67:
d1:61:d0:d2:e5:fa:9a:a6:93:bc:ae:cf:71:bc:51:90:81:8c:
1c:04:e8:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/alBDXC0U53WG/GZsP09zHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAyMjAxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjdmNTBmYzZkNjNkZGUxNGM2OTc4ZjNmNjhjNDMwMDIyZGZhOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9PQ8HmqLO9GcVxrsbQkJvX2UMq3
YGIdAktPLeu9MwZlhV7pNw6SRBZfUUU4tlmX26Q2gY5IBGFCWwv6IO03Ab6zvYYG
VNXONETHiXqrX+S3lmD6vKfh7SQBzLJiIPCkolhTV7rJ4v72zo2msh2DBoROuRVs
gebDZ+CXsBzu4hPC8/shwfNMSTgOaANYmMiGdYmRxL5jVfCQftUIZuMfIRoNUxG4
zewSbCgj0AZwf3tnZ4zTWQKB1++mRIgGzriWP2OCrToBlugsn2DIhIYeQ3EQXYn8
wa3O/C+rOEdct6Mq5O+UqTTG3gcakFOanXoRGjQLH8TkStdOyUdabwTpSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMJ/UPxtY93hTGl48/aMQwAi36jrMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvd245UV9HMWozZUZNYVhqejlveERBQ0xmcU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABjYLCGLjcUVvbqEtTYo
hxB+n7vRg57atTFY2utKjMqY8zIVRzURcb9ZKM3R91BaU7LKVKQmxfXeUI10Wtle
bExU4i2VAmuakw4D+fdI4g9sVfzrDh1bXwqc7bu7TLxKRAWgNhey1i2PDRsOP9Ip
l4yIVdxUGrSGhxsYf4E9bLcjGr0bdCxofatfciMGUUnyXi4DvrWwNWirA/rYr9kN
AIeTY2apkb8DLUGi5zoVA/ByXUEgrJEaOuEQfCaf5gTQm903xFSy5iguCNandO9A
tTqQ6+dH93YeLMD/2xfEmYZXfuu16dsPbVYLZ9Fh0NLl+pqmk7yuz3G8UZCBjBwE
6ME=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:15 2024 by rpki-client on console-ams.rpki-client.org