Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xF2uziCyP-DctvF940aL5NTjkZA.roa
File: xF2uziCyP-DctvF940aL5NTjkZA.roa (raw, json)
Hash identifier: PZ8VRKGgTT99IVzFgC3MZWnTf/w4J/24GqroLNc6/o8=
Subject key identifier: C4:5D:AE:CE:20:B2:3F:E0:DC:B6:F1:7D:E3:46:8B:E4:D4:E3:91:90
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019020860D64D0728AC3E8489A0FA30347A9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xF2uziCyP-DctvF940aL5NTjkZA.roa
Signing time: Sun 16 Jun 2024 10:09:34 +0000
ROA not before: Sun 16 Jun 2024 10:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 16 Jun 2024 11:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:20:86:0d:64:d0:72:8a:c3:e8:48:9a:0f:a3:03:47:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 16 10:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c45daece20b23fe0dcb6f17de3468be4d4e39190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c9:33:33:43:15:ff:8e:ff:57:0b:04:66:52:
84:62:4e:a1:50:42:7c:c5:32:70:f0:3c:e3:3b:4d:
5d:28:d8:2d:84:fa:80:dd:27:5e:1d:1b:47:81:cf:
9d:b7:48:2b:e6:1b:4a:23:39:c9:43:b7:14:39:01:
e9:45:69:09:00:8d:66:07:f7:84:df:4c:74:6f:f9:
88:66:38:19:46:20:c6:ae:ac:e3:f3:a0:53:ca:14:
93:29:f6:80:98:dc:e0:16:3b:f1:5b:b2:de:9e:0b:
61:8b:a3:72:94:91:87:60:3c:31:f7:26:32:10:76:
fa:c4:72:9f:1f:b7:37:da:67:e8:a0:1a:0d:af:bb:
cd:2c:56:5a:47:67:28:a9:7c:85:ce:34:88:3e:f3:
5b:92:a9:43:f3:58:ef:9c:1c:56:ff:a8:34:67:3c:
d3:32:2e:c4:5a:43:b3:c6:4e:e5:41:11:ed:bd:ac:
b4:db:b6:93:5b:a3:d9:99:dc:31:a3:55:f3:8d:4a:
26:9e:18:13:f8:cb:eb:ba:ba:96:cd:df:82:e1:e3:
03:a4:4d:09:16:5f:77:b7:f1:93:73:3e:1f:a7:ad:
6b:fb:42:bb:cf:01:e6:1e:d0:60:2b:0e:01:f7:8d:
b4:d2:ce:86:5a:7e:d5:59:c4:47:4c:ec:7b:68:bb:
7d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5D:AE:CE:20:B2:3F:E0:DC:B6:F1:7D:E3:46:8B:E4:D4:E3:91:90
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xF2uziCyP-DctvF940aL5NTjkZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:0e:a2:7b:cd:cc:0f:db:05:0f:28:1d:80:8f:f3:95:5a:96:
39:1c:f3:34:f1:a0:33:a8:31:0b:ec:48:18:05:7c:65:07:43:
6c:56:68:58:06:7b:86:ee:2d:bd:5f:b5:ab:64:bb:5a:ac:e2:
57:61:5c:60:8b:43:4b:63:b2:16:f2:d4:aa:7e:21:5e:ed:4a:
9c:ee:ef:6a:2b:9e:a0:9f:51:c1:fa:f3:0a:25:d5:2e:ec:11:
e7:9b:25:82:81:ef:d8:da:c6:82:f7:c3:01:64:d3:03:f5:82:
81:7a:4f:e9:3a:d8:c7:a9:56:a5:7b:5b:e9:e8:82:2d:6d:16:
53:ff:38:6a:18:7f:15:9b:ef:b8:a7:95:77:89:16:81:81:94:
5c:60:27:23:44:18:9c:fb:84:c9:50:ea:89:ef:2c:dd:e0:46:
11:4d:f5:ee:f1:64:19:42:81:db:ef:4e:ce:ce:34:75:45:2b:
32:2b:36:6f:be:c4:23:86:37:cb:dc:6b:3f:be:71:e2:2b:1d:
1d:4e:aa:07:b3:f1:70:55:b7:7d:27:a0:78:5d:57:d8:f7:dc:
ed:6e:05:28:07:60:a2:af:6b:24:7a:0a:4b:fd:6f:59:af:32:
3d:80:73:12:42:75:1f:86:85:8b:54:00:c0:75:7e:8f:55:45:
84:e4:9f:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAghg1k0HKKw+hImg+jA0epMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE2MTAwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDVkYWVjZTIwYjIzZmUwZGNiNmYxN2RlMzQ2OGJlNGQ0ZTM5MTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqckzM0MV/47/VwsEZlKEYk6hUEJ8
xTJw8DzjO01dKNgthPqA3SdeHRtHgc+dt0gr5htKIznJQ7cUOQHpRWkJAI1mB/eE
30x0b/mIZjgZRiDGrqzj86BTyhSTKfaAmNzgFjvxW7Lengthi6NylJGHYDwx9yYy
EHb6xHKfH7c32mfooBoNr7vNLFZaR2coqXyFzjSIPvNbkqlD81jvnBxW/6g0ZzzT
Mi7EWkOzxk7lQRHtvay027aTW6PZmdwxo1XzjUomnhgT+MvrurqWzd+C4eMDpE0J
Fl93t/GTcz4fp61r+0K7zwHmHtBgKw4B94200s6GWn7VWcRHTOx7aLt9dQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMRdrs4gsj/g3LbxfeNGi+TU45GQMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveEYydXppQ3lQLURjdHZGOTQwYUw1TlRqa1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJEOonvNzA/bBQ8oHYCP
85Valjkc8zTxoDOoMQvsSBgFfGUHQ2xWaFgGe4buLb1ftatku1qs4ldhXGCLQ0tj
shby1Kp+IV7tSpzu72ornqCfUcH68wol1S7sEeebJYKB79jaxoL3wwFk0wP1goF6
T+k62MepVqV7W+nogi1tFlP/OGoYfxWb77inlXeJFoGBlFxgJyNEGJz7hMlQ6onv
LN3gRhFN9e7xZBlCgdvvTs7ONHVFKzIrNm++xCOGN8vcaz++ceIrHR1Oqgez8XBV
t30noHhdV9j33O1uBSgHYKKvayR6Ckv9b1mvMj2AcxJCdR+GhYtUAMB1fo9VRYTk
n5I=
-----END CERTIFICATE-----
Generated at Sun Jun 16 13:06:21 2024 by rpki-client on console-fra.rpki-client.org