Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0alEld6lFUoSzICp_jB371Olvcg.roa
File: 0alEld6lFUoSzICp_jB371Olvcg.roa (raw, json)
Hash identifier: 7U8DHZMmhdvZEkFBKBXjN2lVO6DmdWIsAtyfYKiGh2w=
Subject key identifier: D1:A9:44:95:DE:A5:15:4A:12:CC:80:A9:FE:30:77:EF:53:A5:BD:C8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD1FDE1F5F42C8CDA1D9ACA0D07E77447
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0alEld6lFUoSzICp_jB371Olvcg.roa
Signing time: Sat 01 Jun 2024 04:10:27 +0000
ROA not before: Sat 01 Jun 2024 04:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Jun 2024 05:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d1:fd:e1:f5:f4:2c:8c:da:1d:9a:ca:0d:07:e7:74:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 1 04:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1a94495dea5154a12cc80a9fe3077ef53a5bdc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:93:62:7a:65:92:68:c2:51:a2:d8:d3:82:d7:
94:8c:e4:c4:e4:8e:e1:44:d3:a6:a3:4d:55:d8:f3:
5e:c3:a8:56:b5:0d:85:73:c4:80:40:33:62:fe:e0:
22:9d:b1:0e:64:f9:ef:03:00:ba:fe:ec:d0:76:a8:
5f:d2:d6:1e:0d:f3:85:f5:9a:ee:bf:70:ed:56:21:
59:40:c1:2a:50:da:1d:67:4e:b8:5d:f4:e9:1e:6f:
e9:b4:a0:15:1d:a1:e9:0b:ba:bc:9d:54:f5:ad:f4:
d4:cb:4c:a7:d2:a6:72:30:74:31:55:3b:9d:ba:4b:
8d:2f:9c:1a:b1:94:3a:c3:64:e2:54:6d:55:08:a2:
4a:e1:01:23:c5:a5:96:04:59:27:ed:a5:b6:36:5f:
8a:2f:0a:8a:48:e6:f7:d2:f1:0c:2e:40:fd:30:40:
f7:7f:48:27:74:21:03:00:76:2d:9b:c9:1f:18:c4:
0b:73:24:fe:10:ff:5f:34:91:f1:73:c9:8b:bc:a1:
b5:74:0d:b3:dd:67:6e:55:49:c9:da:fe:38:85:cc:
d8:98:b8:b8:7f:a8:d9:0e:80:4f:cd:7d:10:dc:a8:
67:dc:3e:d3:3f:3c:33:6f:67:e0:05:7e:fa:b6:75:
7e:20:56:1d:70:77:5c:72:f8:26:25:05:2c:ef:e1:
37:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A9:44:95:DE:A5:15:4A:12:CC:80:A9:FE:30:77:EF:53:A5:BD:C8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0alEld6lFUoSzICp_jB371Olvcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:26:5a:aa:80:68:e8:1f:70:71:84:08:d8:23:95:36:17:3b:
90:bd:ce:df:a5:68:c9:ad:b1:e2:e5:e6:6d:59:e2:8c:21:f6:
d5:c1:d8:40:c7:68:fd:14:f0:22:e3:37:f7:38:41:31:2f:d4:
78:ae:08:3d:3c:c1:33:b8:7b:f1:04:c7:5b:ea:e3:23:71:f8:
fc:ca:e6:a2:8b:18:69:a4:42:50:04:1a:45:44:31:5a:24:52:
49:5f:16:9d:aa:54:2f:a4:45:75:e3:2f:9f:21:59:a6:79:2f:
54:7d:54:15:15:b3:da:ff:24:58:cc:47:2a:c2:3b:44:af:f0:
0d:30:38:e9:9f:4a:4a:6d:58:32:1f:4d:05:e2:a6:3a:03:4a:
d5:89:c6:3c:84:a8:c5:ae:8e:64:ef:b8:30:4b:cf:c8:38:1d:
d4:5f:5f:58:67:f0:de:e4:87:3b:6e:dd:1f:40:5b:13:83:dd:
0e:20:1d:f3:39:35:36:b0:c5:74:7c:f0:29:1c:35:43:2f:fb:
ee:f0:12:fe:b3:77:84:5a:46:b5:c3:72:41:da:3c:22:79:32:
11:6a:d8:d1:f7:ee:33:ce:e9:88:23:e9:4e:c4:e1:15:31:93:
70:48:da:7e:13:3b:d9:33:a6:96:ad:2d:fa:a7:25:6a:48:2a:
61:bb:53:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/R/eH19CyM2h2ayg0H53RHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAxMDQxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWE5NDQ5NWRlYTUxNTRhMTJjYzgwYTlmZTMwNzdlZjUzYTViZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5NiemWSaMJRotjTgteUjOTE5I7h
RNOmo01V2PNew6hWtQ2Fc8SAQDNi/uAinbEOZPnvAwC6/uzQdqhf0tYeDfOF9Zru
v3DtViFZQMEqUNodZ064XfTpHm/ptKAVHaHpC7q8nVT1rfTUy0yn0qZyMHQxVTud
ukuNL5wasZQ6w2TiVG1VCKJK4QEjxaWWBFkn7aW2Nl+KLwqKSOb30vEMLkD9MED3
f0gndCEDAHYtm8kfGMQLcyT+EP9fNJHxc8mLvKG1dA2z3WduVUnJ2v44hczYmLi4
f6jZDoBPzX0Q3Khn3D7TPzwzb2fgBX76tnV+IFYdcHdccvgmJQUs7+E3EwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNGpRJXepRVKEsyAqf4wd+9Tpb3IMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMGFsRWxkNmxGVW9TeklDcF9qQjM3MU9sdmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHYmWqqAaOgfcHGECNgj
lTYXO5C9zt+laMmtseLl5m1Z4owh9tXB2EDHaP0U8CLjN/c4QTEv1HiuCD08wTO4
e/EEx1vq4yNx+PzK5qKLGGmkQlAEGkVEMVokUklfFp2qVC+kRXXjL58hWaZ5L1R9
VBUVs9r/JFjMRyrCO0Sv8A0wOOmfSkptWDIfTQXipjoDStWJxjyEqMWujmTvuDBL
z8g4HdRfX1hn8N7khztu3R9AWxOD3Q4gHfM5NTawxXR88CkcNUMv++7wEv6zd4Ra
RrXDckHaPCJ5MhFq2NH37jPO6Ygj6U7E4RUxk3BI2n4TO9kzppatLfqnJWpIKmG7
Uw4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:55 2025 by rpki-client