Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0f5hzSmaIfOc4VNqbQuGT25SLGY.roa
File: 0f5hzSmaIfOc4VNqbQuGT25SLGY.roa (raw, json)
Hash identifier: gqtP+C0y/CLDW/3vPiH2TgtlHGkvzY/5sOgcSTFgLyo=
Subject key identifier: D1:FE:61:CD:29:9A:21:F3:9C:E1:53:6A:6D:0B:86:4F:6E:52:2C:66
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FB0BBB4C349CEB6D28A430917D18164CB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0f5hzSmaIfOc4VNqbQuGT25SLGY.roa
Signing time: Sat 25 May 2024 17:10:42 +0000
ROA not before: Sat 25 May 2024 17:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 25 May 2024 18:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b0:bb:b4:c3:49:ce:b6:d2:8a:43:09:17:d1:81:64:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 25 17:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1fe61cd299a21f39ce1536a6d0b864f6e522c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:44:44:dd:ce:c8:5e:c4:cf:3c:5a:48:b5:b3:
e1:ca:74:fa:b5:51:46:e3:e7:62:eb:f7:06:7f:c2:
ee:bc:b2:ca:a3:e5:ae:e1:b3:32:0e:a3:3b:e9:7f:
cd:46:b8:e2:a5:ce:cb:00:56:7c:5e:85:b8:cd:ec:
8f:02:bc:1a:2c:02:76:d5:0a:a5:9d:47:67:e4:17:
ff:f8:8c:ff:a8:b7:1f:a1:7b:c5:22:9c:0e:a4:50:
24:e8:46:6d:fb:4e:f4:4a:b2:9a:1f:b5:51:86:38:
8c:1b:ee:59:89:3a:a2:6e:6c:3c:a2:2a:8a:5f:58:
5c:ea:49:34:e4:7b:3a:02:76:ea:aa:b4:bb:ec:76:
52:53:59:b3:93:d3:46:d6:65:ef:dc:40:eb:ac:5c:
6e:5a:5e:7c:a5:b8:bc:1a:eb:45:bb:2e:00:30:f6:
ab:e2:d9:42:15:be:ff:5d:cd:0c:29:2b:d8:26:1f:
8a:4a:27:d8:e1:fb:2b:12:2a:67:95:80:04:87:fd:
74:db:11:b6:f9:8e:4f:39:06:06:b9:e1:5d:a3:69:
59:03:e6:5b:35:a1:ac:53:be:5f:7e:cc:66:38:e1:
96:95:37:86:17:93:f5:73:e5:4c:fc:d0:92:5b:5d:
9d:82:68:0b:83:cb:39:d8:8d:fa:99:4d:46:99:52:
21:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:FE:61:CD:29:9A:21:F3:9C:E1:53:6A:6D:0B:86:4F:6E:52:2C:66
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0f5hzSmaIfOc4VNqbQuGT25SLGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:d9:41:36:9c:9d:d1:fd:23:59:eb:20:87:9e:ab:58:f7:cc:
e6:b3:a0:1b:01:82:b6:21:53:55:1f:c3:aa:5d:28:31:45:d5:
86:41:b9:a6:1c:be:71:11:1b:87:d0:0e:aa:1d:3a:89:8b:2a:
af:1a:7e:1e:5b:db:78:87:cb:aa:b4:1d:92:ae:d2:9a:49:49:
78:96:be:93:47:0b:2f:a2:c5:da:89:cb:fb:d9:a8:97:bc:78:
47:66:25:e1:98:b7:0d:d9:96:b0:29:c9:6c:04:0c:d5:55:8a:
7b:28:be:a7:00:cb:f3:1a:13:ba:93:52:4d:f8:b7:32:fb:f8:
5c:3a:fc:33:1d:7c:6c:6d:91:6e:71:5c:08:2e:7a:e0:14:43:
eb:6a:86:1d:6f:00:57:fc:e1:69:87:79:84:f3:1c:93:c2:4d:
fe:ae:6c:45:73:65:6e:80:e4:4c:5a:4b:05:9e:ec:a6:c5:29:
c6:af:20:c2:85:16:b7:a1:b2:61:49:e3:82:83:1a:08:b9:ef:
90:34:40:91:ac:96:ea:5d:60:c1:50:df:b4:25:53:e1:7a:40:
4b:1d:70:5a:f6:57:10:72:db:21:22:3a:d2:6f:a4:b1:cb:f0:
f4:a3:07:ce:71:ec:28:bd:58:c3:b3:f3:e2:00:a2:12:a4:df:
9c:6b:d5:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+wu7TDSc620opDCRfRgWTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI1MTcxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWZlNjFjZDI5OWEyMWYzOWNlMTUzNmE2ZDBiODY0ZjZlNTIyYzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtURE3c7IXsTPPFpItbPhynT6tVFG
4+di6/cGf8LuvLLKo+Wu4bMyDqM76X/NRrjipc7LAFZ8XoW4zeyPArwaLAJ21Qql
nUdn5Bf/+Iz/qLcfoXvFIpwOpFAk6EZt+070SrKaH7VRhjiMG+5ZiTqibmw8oiqK
X1hc6kk05Hs6AnbqqrS77HZSU1mzk9NG1mXv3EDrrFxuWl58pbi8GutFuy4AMPar
4tlCFb7/Xc0MKSvYJh+KSifY4fsrEipnlYAEh/102xG2+Y5POQYGueFdo2lZA+Zb
NaGsU75ffsxmOOGWlTeGF5P1c+VM/NCSW12dgmgLg8s52I36mU1GmVIhKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNH+Yc0pmiHznOFTam0Lhk9uUixmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMGY1aHpTbWFJZk9jNFZOcWJRdUdUMjVTTEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACDZQTacndH9I1nrIIee
q1j3zOazoBsBgrYhU1Ufw6pdKDFF1YZBuaYcvnERG4fQDqodOomLKq8afh5b23iH
y6q0HZKu0ppJSXiWvpNHCy+ixdqJy/vZqJe8eEdmJeGYtw3ZlrApyWwEDNVVinso
vqcAy/MaE7qTUk34tzL7+Fw6/DMdfGxtkW5xXAgueuAUQ+tqhh1vAFf84WmHeYTz
HJPCTf6ubEVzZW6A5ExaSwWe7KbFKcavIMKFFrehsmFJ44KDGgi575A0QJGslupd
YMFQ37QlU+F6QEsdcFr2VxBy2yEiOtJvpLHL8PSjB85x7Ci9WMOz8+IAohKk35xr
1es=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org