Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-GhttY8kbeynt6V8R3DBPh8rwBQ.roa
File: 1-GhttY8kbeynt6V8R3DBPh8rwBQ.roa (raw, json)
Hash identifier: 0/oLTtKJpiP5leXgeXIsbtrszE7ds5cqcn5Fa9pg5TI=
Subject key identifier: F8:68:6D:B5:8F:24:6D:EC:A7:B7:A5:7C:47:70:C1:3E:1F:2B:C0:14
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190ABC8B0CD79131312ECB07854163CD192
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-GhttY8kbeynt6V8R3DBPh8rwBQ.roa
Signing time: Sat 13 Jul 2024 11:09:34 +0000
ROA not before: Sat 13 Jul 2024 11:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Jul 2024 12:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ab:c8:b0:cd:79:13:13:12:ec:b0:78:54:16:3c:d1:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 13 11:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8686db58f246deca7b7a57c4770c13e1f2bc014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:42:06:e6:be:51:be:35:b8:ba:6c:4b:c2:72:
71:86:d5:5e:1f:dd:ab:88:0f:05:45:e8:38:ac:27:
71:68:6c:be:7f:da:ad:dc:78:00:5c:0d:60:a5:9f:
33:52:cd:21:36:77:9b:8c:c7:6f:27:93:fa:98:c4:
29:82:5a:5f:33:db:ec:7d:4c:09:ef:32:9e:48:d3:
1e:8d:f5:61:9e:4a:97:21:19:88:74:ed:97:09:db:
9b:df:fb:45:79:d6:f8:19:c5:ed:a6:24:4e:3a:30:
dc:de:50:bb:dd:20:ce:33:3b:85:23:e3:68:fa:c6:
68:c7:ef:5d:f0:dc:e7:27:8a:c1:60:9c:6b:bd:0a:
60:c7:30:c4:93:fe:2e:76:2a:42:47:c2:d6:6a:84:
2d:7e:32:1f:06:f2:3e:bb:cb:b4:a2:ac:4f:7f:25:
cf:dc:b0:cf:71:fd:6d:63:04:d5:49:ef:10:52:ec:
34:2b:c9:ab:e6:cd:1d:3b:13:98:ed:b5:d0:54:9f:
5f:db:68:f7:3d:68:2f:b1:04:64:10:60:74:8b:b7:
07:3a:27:1a:d4:78:29:6d:ce:7b:f0:20:3b:04:67:
55:32:c2:03:5c:c0:15:9f:8d:00:dc:ab:39:12:0b:
ae:0a:40:b3:54:e4:4f:db:2b:ec:9c:80:d5:10:5a:
10:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:68:6D:B5:8F:24:6D:EC:A7:B7:A5:7C:47:70:C1:3E:1F:2B:C0:14
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-GhttY8kbeynt6V8R3DBPh8rwBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:e0:bc:7b:2c:d1:d0:6b:a4:1b:8a:42:fd:07:5a:c6:fa:c9:
39:2a:c8:68:d4:8b:c5:80:26:ea:8f:c8:fa:47:9b:e3:0b:da:
3d:93:ea:63:b2:4b:2d:5d:1a:3e:25:33:57:7d:e7:94:49:93:
8f:e0:5b:32:41:ff:8a:ab:e1:e0:00:85:de:40:3b:f3:c8:b6:
c9:a2:1c:1d:6b:a1:71:ec:7f:3f:e7:7b:52:b9:99:17:da:a3:
09:e5:71:dc:1b:7e:c3:70:29:e6:34:66:6d:f2:da:7f:f7:df:
42:58:1d:82:87:66:9b:0f:04:39:bd:48:dd:74:16:c0:a8:3e:
8e:9c:1f:d0:84:3d:3e:5d:b0:4f:46:ce:b0:3e:cf:4a:0d:78:
7a:af:88:68:56:fe:f5:7c:cd:36:9b:eb:e5:86:df:2b:46:39:
e4:5b:cf:32:ac:f4:cf:f0:21:f8:ce:9a:3b:0e:b7:3b:f0:a6:
12:e3:03:a4:c9:a2:72:8a:a7:fe:2d:eb:44:63:9d:3e:8e:b1:
85:e0:4f:78:56:c8:18:3c:ab:d1:2f:96:96:41:9f:94:db:0a:
62:39:9f:00:f1:77:85:34:71:ff:47:05:41:61:d6:6a:81:02:
b1:cb:ac:bd:e9:f0:fb:0d:82:af:43:c3:84:a7:6d:7f:9e:81:
ab:c1:bf:5d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZCryLDNeRMTEuyweFQWPNGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEzMTEwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODY4NmRiNThmMjQ2ZGVjYTdiN2E1N2M0NzcwYzEzZTFmMmJjMDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UIG5r5RvjW4umxLwnJxhtVeH92r
iA8FReg4rCdxaGy+f9qt3HgAXA1gpZ8zUs0hNnebjMdvJ5P6mMQpglpfM9vsfUwJ
7zKeSNMejfVhnkqXIRmIdO2XCdub3/tFedb4GcXtpiROOjDc3lC73SDOMzuFI+No
+sZox+9d8NznJ4rBYJxrvQpgxzDEk/4udipCR8LWaoQtfjIfBvI+u8u0oqxPfyXP
3LDPcf1tYwTVSe8QUuw0K8mr5s0dOxOY7bXQVJ9f22j3PWgvsQRkEGB0i7cHOica
1Hgpbc578CA7BGdVMsIDXMAVn40A3Ks5EguuCkCzVORP2yvsnIDVEFoQoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPhobbWPJG3sp7elfEdwwT4fK8AUMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMS1HaHR0WThrYmV5bnQ2VjhSM0RCUGg4cndCUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvMDk4MzdjLTk4ZjMtNGM5Zi1hZWJmLTg4MTQ4OGZmZGJi
MC8xL1VtSUVGZEpKQ2w3RDlwSmJuM2tFRG80aTNiOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQA54Lx7LNHQa6QbikL9
B1rG+sk5Ksho1IvFgCbqj8j6R5vjC9o9k+pjskstXRo+JTNXfeeUSZOP4FsyQf+K
q+HgAIXeQDvzyLbJohwda6Fx7H8/53tSuZkX2qMJ5XHcG37DcCnmNGZt8tp/999C
WB2Ch2abDwQ5vUjddBbAqD6OnB/QhD0+XbBPRs6wPs9KDXh6r4hoVv71fM02m+vl
ht8rRjnkW88yrPTP8CH4zpo7Drc78KYS4wOkyaJyiqf+LetEY50+jrGF4E94VsgY
PKvRL5aWQZ+U2wpiOZ8A8XeFNHH/RwVBYdZqgQKxy6y96fD7DYKvQ8OEp21/noGr
wb9d
-----END CERTIFICATE-----
Generated at Sat Jul 13 13:54:00 2024 by rpki-client on console-fra.rpki-client.org