Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xIpYqU9IvkMGah0OMiTpnrT4KbM.roa
File: xIpYqU9IvkMGah0OMiTpnrT4KbM.roa (raw, json)
Hash identifier: RZni+O3gAs+IzL3xgqFRAP4jaMOXsAtSQZlmyelbw8I=
Subject key identifier: C4:8A:58:A9:4F:48:BE:43:06:6A:1D:0E:32:24:E9:9E:B4:F8:29:B3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FDBA88DDCA9BD60A00CD2DA855975699D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xIpYqU9IvkMGah0OMiTpnrT4KbM.roa
Signing time: Mon 03 Jun 2024 01:13:27 +0000
ROA not before: Mon 03 Jun 2024 01:13:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Jun 2024 02:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:db:a8:8d:dc:a9:bd:60:a0:0c:d2:da:85:59:75:69:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 3 01:13:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c48a58a94f48be43066a1d0e3224e99eb4f829b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1c:94:b1:f5:b5:5e:9b:1e:15:c7:63:af:1b:
fd:d7:d9:e9:6c:83:92:92:cb:ac:97:05:8e:45:0d:
ae:d1:ce:db:30:aa:58:f3:13:fd:5c:d3:d8:e1:49:
ad:07:85:64:38:a2:a3:8e:46:b6:99:41:ab:d1:1e:
16:e7:08:b4:db:f8:da:4c:b8:fb:0c:74:fe:84:3a:
4c:35:fe:54:81:db:77:7f:b6:d6:12:91:a0:34:f9:
db:49:5e:1f:b8:7b:d0:29:fb:09:04:3d:fc:bc:0f:
3c:7b:3d:86:7c:94:17:89:a0:01:cf:dc:2b:96:d4:
f4:18:1f:ff:18:70:c3:9c:18:f3:1e:2d:9a:ff:57:
bb:26:9b:74:38:46:bb:54:1b:64:37:58:bb:7c:5d:
c8:3b:d1:30:9f:3c:22:28:a5:b2:96:ce:e5:8c:8b:
cd:b3:0e:b7:0c:e1:5c:4b:5e:aa:a9:73:da:4a:d6:
06:9b:3a:85:15:49:f4:e1:d8:5c:ec:cd:e7:b1:41:
84:a9:33:b7:e9:3a:60:cd:4a:80:41:91:95:67:35:
19:4c:4c:97:3e:8a:11:76:41:04:c5:29:e9:19:78:
bb:00:f3:b0:23:d9:aa:70:39:39:e1:aa:65:61:87:
e6:56:44:97:7a:54:63:85:96:72:2d:cf:c6:53:4c:
b1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:8A:58:A9:4F:48:BE:43:06:6A:1D:0E:32:24:E9:9E:B4:F8:29:B3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xIpYqU9IvkMGah0OMiTpnrT4KbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:4d:76:7a:50:4d:06:7b:ad:ef:dc:5a:c9:9c:3f:5c:8a:a0:
5e:01:86:39:8f:61:2d:bf:b2:d7:51:26:cb:00:18:9c:56:02:
31:c9:73:ff:6f:4d:df:89:a8:a0:bd:75:13:59:93:c2:19:c7:
49:4b:d0:69:15:a1:d8:3d:3d:23:43:00:a4:ce:04:99:51:c3:
1f:2a:f5:7a:ca:26:5e:e6:78:92:a1:99:9d:1e:11:15:f6:76:
aa:5b:ea:ab:de:bd:b7:17:97:8f:04:f9:46:90:d4:f0:9d:d1:
1f:79:ac:11:17:66:36:9c:be:8f:b9:e8:42:f3:ed:31:07:bf:
c4:ed:54:3e:25:5b:34:a0:00:ae:25:8a:95:79:d2:d9:52:4f:
d0:d4:79:a2:f2:c3:25:b6:b2:a3:46:8a:e8:fa:97:9b:1b:eb:
b9:88:01:18:d9:be:8e:9c:96:f7:75:70:b5:ab:0c:54:4b:18:
84:f8:42:7a:06:38:eb:02:7e:48:6c:47:c5:6d:01:72:1a:9c:
b4:4e:26:c2:ee:b9:61:f8:11:37:fe:61:46:01:95:29:14:d3:
f6:08:8c:5a:b9:b6:ba:ee:1f:be:de:76:b7:4f:b3:3b:a5:d0:
7e:b4:e4:24:c9:2a:b4:55:81:95:90:96:14:d8:d8:ae:93:07:
0b:22:5d:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/bqI3cqb1goAzS2oVZdWmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAzMDExMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDhhNThhOTRmNDhiZTQzMDY2YTFkMGUzMjI0ZTk5ZWI0ZjgyOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhyUsfW1XpseFcdjrxv919npbIOS
ksuslwWORQ2u0c7bMKpY8xP9XNPY4UmtB4VkOKKjjka2mUGr0R4W5wi02/jaTLj7
DHT+hDpMNf5Ugdt3f7bWEpGgNPnbSV4fuHvQKfsJBD38vA88ez2GfJQXiaABz9wr
ltT0GB//GHDDnBjzHi2a/1e7Jpt0OEa7VBtkN1i7fF3IO9EwnzwiKKWyls7ljIvN
sw63DOFcS16qqXPaStYGmzqFFUn04dhc7M3nsUGEqTO36TpgzUqAQZGVZzUZTEyX
PooRdkEExSnpGXi7APOwI9mqcDk54aplYYfmVkSXelRjhZZyLc/GU0yxKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMSKWKlPSL5DBmodDjIk6Z60+CmzMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveElwWXFVOUl2a01HYWgwT01pVHBuclQ0S2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAINNdnpQTQZ7re/cWsmc
P1yKoF4BhjmPYS2/stdRJssAGJxWAjHJc/9vTd+JqKC9dRNZk8IZx0lL0GkVodg9
PSNDAKTOBJlRwx8q9XrKJl7meJKhmZ0eERX2dqpb6qvevbcXl48E+UaQ1PCd0R95
rBEXZjacvo+56ELz7TEHv8TtVD4lWzSgAK4lipV50tlST9DUeaLywyW2sqNGiuj6
l5sb67mIARjZvo6clvd1cLWrDFRLGIT4QnoGOOsCfkhsR8VtAXIanLROJsLuuWH4
ETf+YUYBlSkU0/YIjFq5trruH77edrdPszul0H605CTJKrRVgZWQlhTY2K6TBwsi
XUU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:15 2024 by rpki-client on console-ams.rpki-client.org