Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xd_uqecKYt2a66NwczhWOi-3-Zo.roa
File: xd_uqecKYt2a66NwczhWOi-3-Zo.roa (raw, json)
Hash identifier: NBNAyv3XROFE+ZRtb+UlOS4oHiGfxHe+nooO0GCvLz4=
Subject key identifier: C5:DF:EE:A9:E7:0A:62:DD:9A:EB:A3:70:73:38:56:3A:2F:B7:F9:9A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD5A4A2D622C8A4C2F91675AD4A479BD1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xd_uqecKYt2a66NwczhWOi-3-Zo.roa
Signing time: Sat 01 Jun 2024 21:11:27 +0000
ROA not before: Sat 01 Jun 2024 21:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Jun 2024 22:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d5:a4:a2:d6:22:c8:a4:c2:f9:16:75:ad:4a:47:9b:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 1 21:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5dfeea9e70a62dd9aeba3707338563a2fb7f99a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:f0:3b:d9:46:c4:6e:95:85:a0:34:d2:06:fb:
bf:c9:0f:20:9e:fc:9a:44:f9:ba:0f:dc:c2:1c:ed:
57:9b:db:a5:20:6e:48:ac:7b:71:cd:ef:8d:4f:d9:
5b:a0:16:3e:12:91:48:9d:84:1b:eb:f5:66:63:3d:
3f:29:2f:11:71:ae:17:88:84:25:cf:74:6c:dc:91:
82:11:99:bf:0b:17:49:09:d7:b4:04:cf:2a:b1:3c:
54:14:f5:f5:4a:3c:b3:5a:a7:2f:9e:61:35:3b:1c:
2e:64:52:02:cd:ab:db:40:d0:4c:0b:27:a5:8e:18:
97:a2:17:32:54:4e:a2:6e:61:ec:da:cc:51:57:78:
1a:a9:bb:e5:51:2a:1c:bc:5b:c7:6d:51:89:8f:f3:
1f:8b:63:83:a9:65:58:09:76:36:ee:f2:ed:34:6b:
04:a8:ae:65:01:e5:0b:2d:df:54:01:27:45:b4:44:
63:10:54:fc:17:18:c1:f9:cf:b7:e6:8b:e3:b7:75:
82:64:84:53:6b:7d:c9:3b:51:3a:b5:0a:8d:51:43:
74:82:6b:35:47:01:98:f5:a4:cf:23:4b:bf:bc:e0:
10:87:91:c0:4c:13:53:a8:8b:8f:4e:90:3d:52:88:
72:8a:b3:f8:52:5c:dc:52:f2:de:f7:24:04:bc:59:
91:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:DF:EE:A9:E7:0A:62:DD:9A:EB:A3:70:73:38:56:3A:2F:B7:F9:9A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xd_uqecKYt2a66NwczhWOi-3-Zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:bd:97:dc:42:19:de:9e:6e:bb:fb:6f:85:e9:4f:f3:d3:fc:
8f:e1:a8:ce:61:24:ec:be:58:0d:73:03:fe:0a:43:31:1c:ba:
72:cd:82:d3:a5:0c:cc:ed:0d:76:f9:04:c5:a0:68:69:6f:a6:
85:8f:2b:03:c0:f1:3f:b1:e8:4e:5a:59:a3:d9:3b:70:e3:07:
9c:fa:ce:8f:62:09:86:5c:8c:6b:ff:81:8d:5e:68:2e:53:a2:
0f:00:a3:41:81:f7:f2:e3:c0:47:f4:6d:13:fa:7c:da:2b:29:
fc:f3:4b:8a:42:b7:04:36:49:a9:2d:31:0f:fa:24:61:8e:5f:
04:9c:50:03:4e:66:c5:d5:48:0e:fb:b6:89:c7:a4:f0:67:88:
17:0a:6f:e2:20:32:00:60:c1:a3:d5:90:d0:ba:80:17:17:bc:
6e:33:1d:1c:39:de:b8:d2:74:6b:79:1c:c2:0b:d1:90:97:c6:
25:c4:ea:81:b3:e8:65:03:eb:bc:eb:b6:14:c6:d0:62:79:af:
67:73:7a:ec:90:cd:74:7b:77:aa:f6:c9:ca:90:2d:a8:15:87:
21:30:65:87:73:27:dc:90:48:6d:b1:b3:4c:20:c0:df:02:a8:
b1:4f:39:b2:e9:f4:87:5b:a8:0b:3c:bb:f5:59:df:db:28:4d:
08:d8:5a:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/VpKLWIsikwvkWda1KR5vRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAxMjExMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWRmZWVhOWU3MGE2MmRkOWFlYmEzNzA3MzM4NTYzYTJmYjdmOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9fA72UbEbpWFoDTSBvu/yQ8gnvya
RPm6D9zCHO1Xm9ulIG5IrHtxze+NT9lboBY+EpFInYQb6/VmYz0/KS8Rca4XiIQl
z3Rs3JGCEZm/CxdJCde0BM8qsTxUFPX1SjyzWqcvnmE1OxwuZFICzavbQNBMCyel
jhiXohcyVE6ibmHs2sxRV3gaqbvlUSocvFvHbVGJj/Mfi2ODqWVYCXY27vLtNGsE
qK5lAeULLd9UASdFtERjEFT8FxjB+c+35ovjt3WCZIRTa33JO1E6tQqNUUN0gms1
RwGY9aTPI0u/vOAQh5HATBNTqIuPTpA9UohyirP4UlzcUvLe9yQEvFmRhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMXf7qnnCmLdmuujcHM4Vjovt/maMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveGRfdXFlY0tZdDJhNjZOd2N6aFdPaS0zLVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAW9l9xCGd6ebrv7b4Xp
T/PT/I/hqM5hJOy+WA1zA/4KQzEcunLNgtOlDMztDXb5BMWgaGlvpoWPKwPA8T+x
6E5aWaPZO3DjB5z6zo9iCYZcjGv/gY1eaC5Tog8Ao0GB9/LjwEf0bRP6fNorKfzz
S4pCtwQ2SaktMQ/6JGGOXwScUANOZsXVSA77tonHpPBniBcKb+IgMgBgwaPVkNC6
gBcXvG4zHRw53rjSdGt5HMIL0ZCXxiXE6oGz6GUD67zrthTG0GJ5r2dzeuyQzXR7
d6r2ycqQLagVhyEwZYdzJ9yQSG2xs0wgwN8CqLFPObLp9IdbqAs8u/VZ39soTQjY
WiQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org