Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yg7ceQGUDLirKp7vZq0zIfgbkKg.roa
File: yg7ceQGUDLirKp7vZq0zIfgbkKg.roa (raw, json)
Hash identifier: bX22OyZLsAMxg7FzfEWuAYUe8ullTCFnOVqZOaQenOY=
Subject key identifier: CA:0E:DC:79:01:94:0C:B8:AB:2A:9E:EF:66:AD:33:21:F8:1B:90:A8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01906DC532B7AFEE575C2139338E39E9F411
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yg7ceQGUDLirKp7vZq0zIfgbkKg.roa
Signing time: Mon 01 Jul 2024 10:09:18 +0000
ROA not before: Mon 01 Jul 2024 10:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 11:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:c5:32:b7:af:ee:57:5c:21:39:33:8e:39:e9:f4:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 1 10:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca0edc7901940cb8ab2a9eef66ad3321f81b90a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:d7:bc:e2:0e:03:3a:08:d7:9f:a1:39:6e:e3:
c3:fc:b0:7a:e8:75:55:02:a7:09:91:2b:d3:10:25:
13:f5:f1:0c:5b:cd:58:6d:ab:c2:a1:e0:54:85:17:
c1:39:92:d2:22:22:d0:5f:be:3e:f4:c0:38:7c:3f:
e7:95:a6:fd:cc:d7:50:8d:34:a7:78:c5:4e:2c:65:
29:a4:49:88:ab:5f:2b:da:b4:78:bc:94:71:ef:63:
42:71:6c:5a:32:59:6b:a7:a9:c5:26:b6:91:4d:b9:
17:fc:fe:a4:0e:ab:0c:2c:94:cc:51:10:7d:8b:04:
21:29:dc:10:24:65:5f:f5:38:a8:a2:a2:20:d6:7d:
9e:f8:fa:4b:5e:87:ef:a8:c0:65:09:ae:fe:7b:a8:
16:f7:5e:cb:a9:cf:c6:1f:4b:1c:a9:06:f5:af:91:
ab:c0:9d:93:0b:32:7c:b1:08:92:36:63:66:81:b9:
15:5d:f4:c4:42:ce:b2:8a:23:14:1f:f5:ca:b3:72:
5c:7a:6e:c1:1e:ea:0e:b2:3c:be:3f:4d:45:cb:41:
62:aa:40:b3:89:5f:7f:dd:66:63:3d:94:ec:78:f7:
93:58:dd:ba:d3:48:3f:51:67:fb:db:42:b6:67:1e:
7c:a5:6c:0d:2c:f9:79:0a:97:f6:f4:8c:43:c9:eb:
9a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:0E:DC:79:01:94:0C:B8:AB:2A:9E:EF:66:AD:33:21:F8:1B:90:A8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yg7ceQGUDLirKp7vZq0zIfgbkKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:f1:3a:a6:37:0b:f2:09:eb:81:35:45:ae:80:a7:c3:32:18:
48:2e:c0:32:d9:b7:f7:40:4c:25:73:3a:11:66:72:48:dd:2a:
7e:6e:b2:88:92:2c:7e:af:98:f1:4a:b4:76:e8:5f:4b:c5:15:
fe:1b:e3:b9:c5:91:f9:45:22:3d:6d:b0:7c:5e:22:7e:ef:71:
09:ff:d4:68:b2:1b:4c:7f:7b:1a:70:38:90:c0:dc:67:cd:1f:
9a:a3:cc:4d:a0:73:21:45:82:9f:46:39:a5:aa:3a:bd:31:ca:
42:1e:c3:79:d7:b5:ba:c8:16:21:65:41:4c:d6:95:a0:07:31:
56:dc:cd:ac:f1:98:7f:39:d9:2b:11:e2:60:6e:da:3a:2d:f6:
2e:f0:ee:1e:74:f2:7c:f5:fa:04:02:e9:4b:f9:a2:ae:b9:b9:
9e:d4:2e:e2:05:ff:b4:f2:55:19:68:b2:4f:89:e5:a8:1b:f5:
97:49:cc:a1:83:d9:8e:76:8d:f0:8d:1f:1a:fb:95:0d:11:58:
bc:6a:49:26:ef:64:1b:c7:c1:07:5b:2a:0a:68:32:3b:e2:11:
2e:84:de:f5:85:17:91:36:19:1e:7c:44:29:c6:ba:f4:e1:9c:
65:c2:e7:7b:90:cc:b6:88:c9:ca:58:ec:ee:56:b4:c6:79:07:
40:07:0b:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBtxTK3r+5XXCE5M4456fQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAxMTAwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTBlZGM3OTAxOTQwY2I4YWIyYTllZWY2NmFkMzMyMWY4MWI5MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8te84g4DOgjXn6E5buPD/LB66HVV
AqcJkSvTECUT9fEMW81YbavCoeBUhRfBOZLSIiLQX74+9MA4fD/nlab9zNdQjTSn
eMVOLGUppEmIq18r2rR4vJRx72NCcWxaMllrp6nFJraRTbkX/P6kDqsMLJTMURB9
iwQhKdwQJGVf9TiooqIg1n2e+PpLXofvqMBlCa7+e6gW917Lqc/GH0scqQb1r5Gr
wJ2TCzJ8sQiSNmNmgbkVXfTEQs6yiiMUH/XKs3Jcem7BHuoOsjy+P01Fy0FiqkCz
iV9/3WZjPZTsePeTWN2600g/UWf720K2Zx58pWwNLPl5Cpf29IxDyeuaTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMoO3HkBlAy4qyqe72atMyH4G5CoMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveWc3Y2VRR1VETGlyS3A3dlpxMHpJZmdia0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHXxOqY3C/IJ64E1Ra6A
p8MyGEguwDLZt/dATCVzOhFmckjdKn5usoiSLH6vmPFKtHboX0vFFf4b47nFkflF
Ij1tsHxeIn7vcQn/1GiyG0x/expwOJDA3GfNH5qjzE2gcyFFgp9GOaWqOr0xykIe
w3nXtbrIFiFlQUzWlaAHMVbczazxmH852SsR4mBu2jot9i7w7h508nz1+gQC6Uv5
oq65uZ7ULuIF/7TyVRlosk+J5agb9ZdJzKGD2Y52jfCNHxr7lQ0RWLxqSSbvZBvH
wQdbKgpoMjviES6E3vWFF5E2GR58RCnGuvThnGXC53uQzLaIycpY7O5WtMZ5B0AH
C9s=
-----END CERTIFICATE-----
Generated at Mon Jul 1 13:01:25 2024 by rpki-client on console-fra.rpki-client.org