Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0fALdkL_BzRfYSUptsPSqFuRB7o.roa
File: 0fALdkL_BzRfYSUptsPSqFuRB7o.roa (raw, json)
Hash identifier: vF3cePddjixdDn1hKze91cUb9CspdlF2pXm6CL6n1BQ=
Subject key identifier: D1:F0:0B:76:42:FF:07:34:5F:61:25:29:B6:C3:D2:A8:5B:91:07:BA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01901FAB3E2DCE2D06B59B5A36D53F79ECC6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0fALdkL_BzRfYSUptsPSqFuRB7o.roa
Signing time: Sun 16 Jun 2024 06:10:34 +0000
ROA not before: Sun 16 Jun 2024 06:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 16 Jun 2024 07:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1f:ab:3e:2d:ce:2d:06:b5:9b:5a:36:d5:3f:79:ec:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 16 06:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1f00b7642ff07345f612529b6c3d2a85b9107ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:95:a3:0a:36:49:12:00:29:ae:d4:cb:81:de:
5f:47:aa:6d:52:8f:f9:3f:48:fd:65:60:21:b7:18:
62:ec:a5:cd:52:b2:c5:28:36:23:2a:d6:0a:6f:0a:
44:98:65:23:f0:1f:77:07:ed:ad:43:ab:ca:86:0b:
4a:c4:02:bf:f9:9b:ee:a6:b1:33:02:d3:4e:09:ff:
ba:1e:81:0a:4a:a0:9e:a2:e8:3b:28:da:70:5c:67:
46:65:32:ca:74:08:6f:51:7e:4d:fd:53:31:89:3b:
d7:68:6f:7c:15:0a:ec:d1:fa:d0:02:b2:0a:a8:9c:
e7:1f:78:9e:af:7d:4b:8f:c4:7d:1a:5e:81:b7:2d:
3b:4f:24:87:18:b4:63:5b:0d:0f:39:5c:91:45:c1:
3a:ff:2f:9b:e4:51:85:15:52:a3:d3:81:d6:a3:02:
b8:a4:fa:2e:e6:91:6b:1d:51:0c:36:83:33:e6:6c:
d9:ff:c5:38:6b:c1:e7:44:86:72:7c:5b:04:c4:5f:
70:fc:b3:c1:a6:3e:a2:f8:2a:bf:d2:23:15:a5:21:
37:1e:d2:78:09:8a:6c:1c:b0:1c:79:a2:3e:dd:d3:
8f:b6:cf:e4:53:34:d1:c7:dc:24:5a:87:3f:24:0c:
9c:b9:84:30:b9:44:85:86:f3:b7:12:3c:6a:7b:85:
a3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F0:0B:76:42:FF:07:34:5F:61:25:29:B6:C3:D2:A8:5B:91:07:BA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0fALdkL_BzRfYSUptsPSqFuRB7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:59:16:48:57:99:2d:9a:1b:f8:b9:39:3c:7c:c7:49:3a:59:
ea:f0:c2:73:a1:bb:4c:8d:6f:3b:e1:a5:9d:52:9e:2a:47:74:
df:d7:9f:b0:2e:c2:71:a3:50:28:be:d1:c3:c3:ae:8d:3d:15:
a3:64:6d:66:11:76:be:72:c4:12:43:ba:a0:6d:1f:33:40:4f:
9f:65:b6:ca:47:cc:3c:af:f2:42:28:f1:50:e7:42:44:eb:42:
b6:d1:1e:5e:b1:4a:3b:0a:9a:71:8b:5a:00:8b:56:f8:67:9c:
7e:9a:6d:6d:23:72:14:ce:f8:8e:7e:ca:3e:b8:17:dd:40:ac:
b9:16:f6:3b:ef:2c:8c:42:ba:1e:d3:94:b9:a4:ac:ed:e0:d9:
78:e6:20:13:26:f5:31:07:e4:3f:40:37:c8:60:01:19:0e:cf:
0c:5d:23:00:53:a8:d9:6b:3b:ef:29:69:16:5d:78:58:c0:14:
c8:22:34:e0:5b:9e:6c:29:28:b5:39:aa:40:68:39:bc:16:8b:
d8:52:3e:52:eb:7f:e1:60:65:4a:44:b5:75:f2:4c:e4:5e:57:
1b:68:75:25:4a:c6:08:53:b7:1c:d9:47:92:30:38:7a:1e:ff:
f4:6e:29:da:23:3b:a1:df:b7:e5:19:33:47:50:19:54:50:5d:
ef:96:55:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAfqz4tzi0GtZtaNtU/eezGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE2MDYxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWYwMGI3NjQyZmYwNzM0NWY2MTI1MjliNmMzZDJhODViOTEwN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5WjCjZJEgAprtTLgd5fR6ptUo/5
P0j9ZWAhtxhi7KXNUrLFKDYjKtYKbwpEmGUj8B93B+2tQ6vKhgtKxAK/+ZvuprEz
AtNOCf+6HoEKSqCeoug7KNpwXGdGZTLKdAhvUX5N/VMxiTvXaG98FQrs0frQArIK
qJznH3ier31Lj8R9Gl6Bty07TySHGLRjWw0POVyRRcE6/y+b5FGFFVKj04HWowK4
pPou5pFrHVEMNoMz5mzZ/8U4a8HnRIZyfFsExF9w/LPBpj6i+Cq/0iMVpSE3HtJ4
CYpsHLAceaI+3dOPts/kUzTRx9wkWoc/JAycuYQwuUSFhvO3Ejxqe4WjdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNHwC3ZC/wc0X2ElKbbD0qhbkQe6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMGZBTGRrTF9CelJmWVNVcHRzUFNxRnVSQjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACtZFkhXmS2aG/i5OTx8
x0k6WerwwnOhu0yNbzvhpZ1SnipHdN/Xn7AuwnGjUCi+0cPDro09FaNkbWYRdr5y
xBJDuqBtHzNAT59ltspHzDyv8kIo8VDnQkTrQrbRHl6xSjsKmnGLWgCLVvhnnH6a
bW0jchTO+I5+yj64F91ArLkW9jvvLIxCuh7TlLmkrO3g2XjmIBMm9TEH5D9AN8hg
ARkOzwxdIwBTqNlrO+8paRZdeFjAFMgiNOBbnmwpKLU5qkBoObwWi9hSPlLrf+Fg
ZUpEtXXyTOReVxtodSVKxghTtxzZR5IwOHoe//RuKdojO6Hft+UZM0dQGVRQXe+W
VcE=
-----END CERTIFICATE-----
Generated at Sun Jun 16 08:18:08 2024 by rpki-client on console-fra.rpki-client.org