Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xo0gPkX92AjKdn-nZt3rSyheEjs.roa
File: xo0gPkX92AjKdn-nZt3rSyheEjs.roa (raw, json)
Hash identifier: PlJ5oh3xWVW3wDJhFNH2BWh8kX87I7Q/fpQ0GwDIHV0=
Subject key identifier: C6:8D:20:3E:45:FD:D8:08:CA:76:7F:A7:66:DD:EB:4B:28:5E:12:3B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190720E001BC0242010E00500BA27814C6D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xo0gPkX92AjKdn-nZt3rSyheEjs.roa
Signing time: Tue 02 Jul 2024 06:07:18 +0000
ROA not before: Tue 02 Jul 2024 06:07:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jul 2024 07:04:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:72:0e:00:1b:c0:24:20:10:e0:05:00:ba:27:81:4c:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 2 06:07:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c68d203e45fdd808ca767fa766ddeb4b285e123b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:df:d8:98:ef:cb:f5:5f:4f:1b:ee:fc:28:27:
a3:30:63:13:48:76:75:0e:b3:f2:cb:1f:ed:c5:52:
36:a2:db:cb:83:72:ab:75:34:a1:f9:d5:8b:a9:5a:
4f:a4:d2:0f:e4:e3:4e:d0:ed:7c:f5:98:62:68:42:
68:8b:a3:98:c8:00:9e:e1:6a:9f:fd:72:6e:2d:03:
7e:88:04:cb:06:53:3d:0e:db:9c:90:3c:dd:4a:1f:
81:b5:08:34:45:29:0a:91:b8:90:f6:b0:55:87:ae:
05:61:9f:c6:7e:20:56:f9:20:d1:82:5f:cd:a2:6d:
57:ad:e6:f0:66:70:cd:66:bc:10:da:6f:ee:fb:09:
98:ac:ea:58:73:59:79:1f:ee:47:fd:f5:40:1e:78:
35:80:90:88:c5:7f:d1:b3:8a:48:1d:2b:65:d3:37:
1a:73:b9:63:e7:bc:2b:76:d7:32:dc:c7:da:1c:86:
db:fd:c3:44:54:d1:0e:84:88:c6:8c:1f:5e:27:4f:
9c:45:53:9e:d8:08:17:23:f0:1b:72:9e:44:95:0e:
ca:9d:ae:c2:36:89:1e:b6:a6:9b:ba:1e:45:9b:5a:
93:e2:7b:8f:12:92:47:fe:31:f4:bd:15:b9:ec:3f:
0f:e1:3f:fb:63:69:9b:6e:7f:f4:b5:0e:15:8c:8a:
54:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8D:20:3E:45:FD:D8:08:CA:76:7F:A7:66:DD:EB:4B:28:5E:12:3B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xo0gPkX92AjKdn-nZt3rSyheEjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:94:fa:c6:07:ed:cd:32:f2:52:6a:ab:b9:11:6d:b6:e6:ea:
87:bc:d3:af:3e:0c:be:4b:3a:2f:85:41:4e:1a:c1:c6:50:3f:
d2:6b:97:14:d1:5b:af:cb:8d:f7:38:98:39:6b:66:f5:8e:f5:
79:4c:3d:f1:ee:d6:b8:64:a3:b2:6f:c0:d4:2b:cd:48:6f:35:
76:44:17:d3:97:72:16:0b:e2:36:cd:f8:c7:ac:69:dc:e3:e3:
a1:57:f0:27:80:38:05:b3:3a:3d:c5:f1:d6:4e:b1:a0:cd:0a:
57:55:c0:de:07:7b:d9:05:61:52:08:16:22:1e:b8:4e:64:1f:
1e:8a:81:83:58:13:a9:91:d4:f1:45:4b:e0:9c:69:d9:f7:63:
e5:7f:49:ce:13:35:eb:87:12:ec:72:0d:3e:34:1a:17:d1:c1:
f7:3d:dd:98:4d:f9:1c:ce:43:72:68:3d:4e:9d:d0:54:f4:fe:
e1:e7:d5:9f:44:53:ee:ed:8c:4a:a7:e0:c5:7b:9c:0e:a8:1b:
59:28:7d:67:3b:52:c1:c7:ae:cb:5b:54:cc:91:07:95:57:37:
d8:87:0a:aa:01:43:b2:23:18:73:72:a8:d2:5f:3d:9a:06:b1:
d6:69:43:59:c8:00:74:a4:b2:65:dc:fa:6f:df:19:0b:2a:f4:
f3:76:71:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZByDgAbwCQgEOAFALongUxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAyMDYwNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjhkMjAzZTQ1ZmRkODA4Y2E3NjdmYTc2NmRkZWI0YjI4NWUxMjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49/YmO/L9V9PG+78KCejMGMTSHZ1
DrPyyx/txVI2otvLg3KrdTSh+dWLqVpPpNIP5ONO0O189ZhiaEJoi6OYyACe4Wqf
/XJuLQN+iATLBlM9DtuckDzdSh+BtQg0RSkKkbiQ9rBVh64FYZ/GfiBW+SDRgl/N
om1XrebwZnDNZrwQ2m/u+wmYrOpYc1l5H+5H/fVAHng1gJCIxX/Rs4pIHStl0zca
c7lj57wrdtcy3MfaHIbb/cNEVNEOhIjGjB9eJ0+cRVOe2AgXI/Abcp5ElQ7Kna7C
Noketqabuh5Fm1qT4nuPEpJH/jH0vRW57D8P4T/7Y2mbbn/0tQ4VjIpUbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMaNID5F/dgIynZ/p2bd60soXhI7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveG8wZ1BrWDkyQWpLZG4tblp0M3JTeWhlRWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAGU+sYH7c0y8lJqq7kR
bbbm6oe8068+DL5LOi+FQU4awcZQP9JrlxTRW6/Ljfc4mDlrZvWO9XlMPfHu1rhk
o7JvwNQrzUhvNXZEF9OXchYL4jbN+Mesadzj46FX8CeAOAWzOj3F8dZOsaDNCldV
wN4He9kFYVIIFiIeuE5kHx6KgYNYE6mR1PFFS+Ccadn3Y+V/Sc4TNeuHEuxyDT40
GhfRwfc93ZhN+RzOQ3JoPU6d0FT0/uHn1Z9EU+7tjEqn4MV7nA6oG1kofWc7UsHH
rstbVMyRB5VXN9iHCqoBQ7IjGHNyqNJfPZoGsdZpQ1nIAHSksmXc+m/fGQsq9PN2
cfo=
-----END CERTIFICATE-----
Generated at Tue Jul 2 08:53:10 2024 by rpki-client on console-fra.rpki-client.org