Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yvSjG-qayfBMBCWDuwgIhBaLgPQ.roa
File: yvSjG-qayfBMBCWDuwgIhBaLgPQ.roa (raw, json)
Hash identifier: k6LaqB5HcLel53QeXZ0JlnwToLURNb+HICwkaB3wLi4=
Subject key identifier: CA:F4:A3:1B:EA:9A:C9:F0:4C:04:25:83:BB:08:08:84:16:8B:80:F4
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190475D97EB18ED0B30E865467134364072
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yvSjG-qayfBMBCWDuwgIhBaLgPQ.roa
Signing time: Sun 23 Jun 2024 23:10:34 +0000
ROA not before: Sun 23 Jun 2024 23:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jun 2024 00:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:47:5d:97:eb:18:ed:0b:30:e8:65:46:71:34:36:40:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 23 23:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caf4a31bea9ac9f04c042583bb080884168b80f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:87:54:ac:38:97:24:73:cd:55:a4:28:06:6f:
98:b3:63:f5:f2:d8:0b:4c:1f:0f:04:d5:05:c5:50:
9f:01:09:7f:bb:d3:c9:ee:d5:69:c4:24:7d:ae:62:
9c:57:d1:4c:10:24:ab:fc:8f:95:58:49:8d:68:c7:
8c:fd:5f:77:35:1b:5c:3c:4a:d2:d7:08:f5:72:33:
1e:94:f9:ce:e0:6a:bb:53:de:ee:0b:84:76:d3:17:
ea:c1:0c:46:f7:a9:77:18:6b:90:d7:a3:1a:f7:12:
85:01:f3:3e:b4:15:05:66:4c:87:e3:8e:23:58:90:
32:17:49:32:6b:e2:67:72:dd:2c:13:e9:ad:c0:70:
6c:8a:ef:af:46:48:b8:d7:73:74:a6:21:e5:36:ec:
45:7d:fb:b4:23:fe:31:f5:47:3c:75:a6:c1:e8:de:
38:14:46:7a:09:74:8f:06:ce:b7:78:b3:3f:62:e0:
d7:f8:7d:3f:5a:62:5c:bb:ab:06:f4:21:e9:fd:7d:
f9:32:37:02:4e:41:cc:0f:6f:07:23:af:58:be:b6:
5d:68:5d:59:af:38:47:87:da:9a:7f:c4:f5:eb:93:
a6:28:c1:12:22:e4:1d:a6:f8:4c:4d:4b:0a:05:aa:
60:4a:fc:f6:d0:d7:c7:6e:5c:91:11:34:e5:62:9a:
99:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F4:A3:1B:EA:9A:C9:F0:4C:04:25:83:BB:08:08:84:16:8B:80:F4
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yvSjG-qayfBMBCWDuwgIhBaLgPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:16:50:ac:d9:e1:b3:a6:e1:7d:43:92:9f:d0:7f:34:dd:af:
2a:55:21:f1:75:a6:6e:e6:8b:ef:06:4b:75:f7:60:c3:3b:95:
56:25:7f:34:67:51:1c:be:2f:e0:0e:8c:3a:df:7a:c6:0b:08:
d5:4b:f7:d7:2f:07:ac:00:c3:99:04:0d:d1:43:4a:00:d7:1d:
e4:38:19:40:21:c5:fc:93:e0:07:d0:d0:09:28:0a:64:ec:c1:
89:57:18:b4:b7:88:10:8b:38:23:83:6d:0b:c5:8e:e9:f0:4c:
2f:9c:c9:b7:d6:cd:1a:f7:78:7d:6d:31:b8:64:38:6c:98:34:
7f:13:c5:d9:92:b1:11:9b:d4:6e:61:17:7c:02:b1:38:29:32:
cc:bd:14:ee:80:b3:9b:80:17:80:93:10:b1:6d:3c:cf:4d:d2:
2d:16:e4:f6:ef:f4:88:2e:c4:82:ad:ae:6f:27:15:51:1d:19:
ba:b0:e2:cc:e2:66:c9:bf:ba:8d:d7:67:30:b6:f6:95:d1:97:
22:9a:88:9f:8e:11:75:33:42:bc:4a:72:ac:54:40:ef:81:01:
3c:97:1e:7b:b4:5e:8a:0f:35:f9:ee:12:42:ac:89:28:10:7e:
2c:74:46:81:1c:14:f5:6a:0b:f8:bc:c7:e3:df:a5:e7:4d:fb:
f6:43:cd:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBHXZfrGO0LMOhlRnE0NkByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIzMjMxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWY0YTMxYmVhOWFjOWYwNGMwNDI1ODNiYjA4MDg4NDE2OGI4MGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1odUrDiXJHPNVaQoBm+Ys2P18tgL
TB8PBNUFxVCfAQl/u9PJ7tVpxCR9rmKcV9FMECSr/I+VWEmNaMeM/V93NRtcPErS
1wj1cjMelPnO4Gq7U97uC4R20xfqwQxG96l3GGuQ16Ma9xKFAfM+tBUFZkyH444j
WJAyF0kya+Jnct0sE+mtwHBsiu+vRki413N0piHlNuxFffu0I/4x9Uc8dabB6N44
FEZ6CXSPBs63eLM/YuDX+H0/WmJcu6sG9CHp/X35MjcCTkHMD28HI69YvrZdaF1Z
rzhHh9qaf8T165OmKMESIuQdpvhMTUsKBapgSvz20NfHblyRETTlYpqZMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMr0oxvqmsnwTAQlg7sICIQWi4D0MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveXZTakctcWF5ZkJNQkNXRHV3Z0loQmFMZ1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIMWUKzZ4bOm4X1Dkp/Q
fzTdrypVIfF1pm7mi+8GS3X3YMM7lVYlfzRnURy+L+AOjDrfesYLCNVL99cvB6wA
w5kEDdFDSgDXHeQ4GUAhxfyT4AfQ0AkoCmTswYlXGLS3iBCLOCODbQvFjunwTC+c
ybfWzRr3eH1tMbhkOGyYNH8TxdmSsRGb1G5hF3wCsTgpMsy9FO6As5uAF4CTELFt
PM9N0i0W5Pbv9IguxIKtrm8nFVEdGbqw4sziZsm/uo3XZzC29pXRlyKaiJ+OEXUz
QrxKcqxUQO+BATyXHnu0XooPNfnuEkKsiSgQfix0RoEcFPVqC/i8x+PfpedN+/ZD
zWY=
-----END CERTIFICATE-----
Generated at Mon Jun 24 00:55:44 2024 by rpki-client on console-fra.rpki-client.org