Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-91h8uXFhNVYE1ensHdotgBU4PE.roa
File: 1-91h8uXFhNVYE1ensHdotgBU4PE.roa (raw, json)
Hash identifier: JZC5vNMA/GnOqOW7CEtlgCCTeQGuC1FjtQS8Gmhp518=
Subject key identifier: FB:DD:61:F2:E5:C5:84:D5:58:13:57:A7:B0:77:68:B6:00:54:E0:F1
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01900EEE93DA1AE9D3107B9E07B225514D95
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-91h8uXFhNVYE1ensHdotgBU4PE.roa
Signing time: Thu 13 Jun 2024 00:10:34 +0000
ROA not before: Thu 13 Jun 2024 00:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Jun 2024 01:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0e:ee:93:da:1a:e9:d3:10:7b:9e:07:b2:25:51:4d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 13 00:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbdd61f2e5c584d5581357a7b07768b60054e0f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d9:46:74:2c:9c:6a:37:1c:c6:20:1e:36:33:
af:d1:7a:7c:0c:40:b7:51:c2:8c:3e:a5:b6:5a:f4:
45:c2:7b:bd:f5:56:0b:ec:cc:ff:5a:db:09:d3:0e:
e2:05:d2:1f:ab:8d:ab:87:a2:89:56:f6:18:73:2f:
b0:46:c5:e7:bb:b3:90:60:9e:20:76:bd:72:a1:e8:
85:8d:8a:93:90:40:7e:cf:c1:59:a4:f7:af:c7:ae:
e3:6d:3d:b7:36:51:29:87:76:6d:b8:71:5e:0f:d4:
37:8b:3a:3b:a2:20:cc:92:13:0a:45:ee:67:78:52:
33:2c:75:57:99:84:e7:3c:18:52:70:af:43:0c:fb:
58:92:45:4d:85:b2:25:51:0d:a6:d9:45:21:d3:ad:
71:30:9b:0e:be:b3:61:7d:fd:c1:42:a4:ca:40:e4:
97:a7:48:05:bf:a5:13:a2:74:da:b4:ac:95:8c:3f:
22:af:17:9e:8e:5e:ef:66:10:da:cd:6f:00:8b:f6:
ad:4e:aa:b2:76:50:a6:46:9e:07:a3:c5:72:83:62:
46:b8:4b:cf:80:88:a6:76:59:d3:77:32:94:25:2c:
64:41:32:2b:a3:a2:96:d9:0c:e5:f9:fd:69:b7:c8:
a2:51:af:25:1a:9f:4d:1d:63:e5:64:cb:99:d3:f4:
e1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:DD:61:F2:E5:C5:84:D5:58:13:57:A7:B0:77:68:B6:00:54:E0:F1
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-91h8uXFhNVYE1ensHdotgBU4PE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:a3:03:8a:d7:0b:e3:71:7d:6a:c8:a8:63:fa:ea:20:d0:cc:
53:cc:08:9a:a7:ff:1d:a7:48:b5:77:f7:28:08:d9:e2:7a:55:
b8:7e:6c:53:15:6e:89:fb:65:fa:fb:05:00:8c:12:2c:70:87:
9f:d8:fb:90:45:eb:a1:bf:cb:0c:95:83:21:6b:f4:6f:ae:02:
d9:ce:3d:5c:13:17:f2:90:9b:38:87:a7:7c:89:5c:50:63:db:
67:f7:96:08:7f:f9:fe:63:95:6a:c6:f7:e1:74:84:27:5e:ae:
a9:f0:2c:c6:40:76:c0:91:0f:46:e7:fa:b9:08:17:0b:22:fe:
7c:d6:95:c3:ee:f3:2a:53:8d:0c:c6:22:fd:77:85:04:b4:8e:
45:c6:90:ba:7e:93:00:86:ae:da:8f:02:e9:13:6b:2f:35:ee:
9c:3d:a7:61:6d:43:0b:4e:07:55:e0:48:f6:6c:d5:b1:29:a3:
52:2f:28:9d:ab:62:f3:97:16:74:43:4a:d4:88:4f:b4:84:c9:
a4:ea:96:5d:bc:3c:5a:eb:80:c8:be:45:f0:9a:a4:b8:d0:94:
75:a8:9e:e3:e6:69:7a:09:03:ff:c2:7c:95:3c:f9:96:de:18:
43:6d:e4:64:72:74:c8:fc:68:f9:83:18:88:88:b4:a4:87:e3:
22:0b:dc:c7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZAO7pPaGunTEHueB7IlUU2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjEzMDAxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmRkNjFmMmU1YzU4NGQ1NTgxMzU3YTdiMDc3NjhiNjAwNTRlMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdlGdCycajccxiAeNjOv0Xp8DEC3
UcKMPqW2WvRFwnu99VYL7Mz/WtsJ0w7iBdIfq42rh6KJVvYYcy+wRsXnu7OQYJ4g
dr1yoeiFjYqTkEB+z8FZpPevx67jbT23NlEph3ZtuHFeD9Q3izo7oiDMkhMKRe5n
eFIzLHVXmYTnPBhScK9DDPtYkkVNhbIlUQ2m2UUh061xMJsOvrNhff3BQqTKQOSX
p0gFv6UTonTatKyVjD8irxeejl7vZhDazW8Ai/atTqqydlCmRp4Ho8Vyg2JGuEvP
gIimdlnTdzKUJSxkQTIro6KW2Qzl+f1pt8iiUa8lGp9NHWPlZMuZ0/ThQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPvdYfLlxYTVWBNXp7B3aLYAVODxMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMS05MWg4dVhGaE5WWUUxZW5zSGRvdGdCVTRQRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvMDk4MzdjLTk4ZjMtNGM5Zi1hZWJmLTg4MTQ4OGZmZGJi
MC8xL1VtSUVGZEpKQ2w3RDlwSmJuM2tFRG80aTNiOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQBqowOK1wvjcX1qyKhj
+uog0MxTzAiap/8dp0i1d/coCNnielW4fmxTFW6J+2X6+wUAjBIscIef2PuQReuh
v8sMlYMha/RvrgLZzj1cExfykJs4h6d8iVxQY9tn95YIf/n+Y5VqxvfhdIQnXq6p
8CzGQHbAkQ9G5/q5CBcLIv581pXD7vMqU40MxiL9d4UEtI5FxpC6fpMAhq7ajwLp
E2svNe6cPadhbUMLTgdV4Ej2bNWxKaNSLyidq2LzlxZ0Q0rUiE+0hMmk6pZdvDxa
64DIvkXwmqS40JR1qJ7j5ml6CQP/wnyVPPmW3hhDbeRkcnTI/Gj5gxiIiLSkh+Mi
C9zH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:51 2025 by rpki-client