Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-JLsKfQUyeNM1ocE2NFxCQayfCI.roa
File: 1-JLsKfQUyeNM1ocE2NFxCQayfCI.roa (raw, json)
Hash identifier: TQIzcL0wb+i7PahCemnACz0HoSwVMOeo4H2BnidYIHo=
Subject key identifier: F8:92:EC:29:F4:14:C9:E3:4C:D6:87:04:D8:D1:71:09:06:B2:7C:22
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FEF94F4DB7B3CDCD1A042ECFCACE5EA2B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-JLsKfQUyeNM1ocE2NFxCQayfCI.roa
Signing time: Thu 06 Jun 2024 22:04:27 +0000
ROA not before: Thu 06 Jun 2024 22:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:ef94:bd9e/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 06 Jun 2024 22:09:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ef:94:f4:db:7b:3c:dc:d1:a0:42:ec:fc:ac:e5:ea:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 6 22:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f892ec29f414c9e34cd68704d8d1710906b27c22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:73:13:2f:6f:df:7a:b6:ea:27:c4:c4:36:d2:
18:33:d3:a3:31:6a:ab:1f:fe:d4:8c:29:69:09:af:
e2:a7:e2:cb:04:2c:a1:97:0c:19:bb:22:1a:64:70:
1d:f4:52:39:1b:8a:66:19:9a:2e:b0:62:aa:81:eb:
66:b4:33:3c:17:c7:4a:65:db:63:7a:de:f5:8d:a3:
3b:7a:90:2e:2a:bd:80:85:68:56:ad:ee:ed:e9:5e:
4f:13:94:e1:5e:b1:c0:5a:51:9a:03:8f:c1:4b:73:
16:55:80:44:cb:17:d0:9f:63:7c:e0:6c:d6:8a:76:
eb:84:a1:39:b7:cc:3e:08:fa:6d:c1:47:a4:68:79:
d3:ab:05:bc:51:fd:0f:34:a0:e3:79:8f:02:67:fc:
c8:a2:20:02:5f:ae:ab:f1:03:6b:43:b0:12:43:3d:
84:db:9c:ed:a6:07:ba:43:ba:34:f8:05:9e:39:2a:
de:00:67:d2:1c:3f:25:b2:f0:f0:1a:c0:05:4e:25:
f6:b3:73:69:36:61:2d:c7:0b:1b:e3:e8:5a:82:51:
c2:f1:39:54:c6:25:77:05:60:2b:5c:13:37:59:80:
6c:33:5e:1a:65:3c:f2:25:15:e7:4c:8f:fe:86:be:
12:77:a5:66:46:07:83:fe:e6:d8:14:71:e5:29:cd:
be:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:92:EC:29:F4:14:C9:E3:4C:D6:87:04:D8:D1:71:09:06:B2:7C:22
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-JLsKfQUyeNM1ocE2NFxCQayfCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:4c:3e:33:50:11:91:52:ad:b8:04:1d:88:71:20:c4:37:52:
8b:64:de:99:d3:03:2f:34:da:1b:f5:31:52:33:40:65:f5:c9:
75:99:df:dd:5a:3b:82:87:b7:18:b5:95:53:c4:75:33:8d:ba:
a5:7c:9b:58:54:21:ec:4a:2f:d1:01:80:a8:47:ad:5f:6e:f8:
c1:84:1b:78:51:18:3e:92:29:6f:1c:27:5b:19:ca:a4:2c:2f:
f5:ed:86:aa:33:e9:9a:38:b5:58:34:4b:91:2c:7c:bb:57:d7:
7f:3a:06:95:6f:8c:65:56:71:ac:2a:8c:4a:bf:bb:40:aa:a8:
bc:48:6f:04:f8:ff:e9:af:d0:69:b0:c9:78:6a:8d:fc:9d:f2:
3a:9e:56:09:ec:f5:b5:c3:2f:c1:26:da:65:be:33:1b:33:5e:
98:82:e8:a3:ac:38:89:c7:4f:0d:6c:84:d5:ab:33:8c:b6:a5:
af:ce:b7:94:8f:f4:92:39:2e:56:a4:60:f1:ac:d5:66:a4:f7:
fc:60:de:b2:6b:ac:15:0f:bb:ca:fb:8c:e1:a4:63:6b:cc:0e:
79:5d:fc:1b:22:39:67:e6:9c:65:06:bc:5f:e4:ec:0e:12:90:
23:d5:84:77:82:96:81:b2:0a:a1:87:2f:77:44:26:9f:2d:ec:
78:51:cb:51
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/vlPTbezzc0aBC7Pys5eorMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA2MjIwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODkyZWMyOWY0MTRjOWUzNGNkNjg3MDRkOGQxNzEwOTA2YjI3YzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHMTL2/ferbqJ8TENtIYM9OjMWqr
H/7UjClpCa/ip+LLBCyhlwwZuyIaZHAd9FI5G4pmGZousGKqgetmtDM8F8dKZdtj
et71jaM7epAuKr2AhWhWre7t6V5PE5ThXrHAWlGaA4/BS3MWVYBEyxfQn2N84GzW
inbrhKE5t8w+CPptwUekaHnTqwW8Uf0PNKDjeY8CZ/zIoiACX66r8QNrQ7ASQz2E
25ztpge6Q7o0+AWeOSreAGfSHD8lsvDwGsAFTiX2s3NpNmEtxwsb4+haglHC8TlU
xiV3BWArXBM3WYBsM14aZTzyJRXnTI/+hr4Sd6VmRgeD/ubYFHHlKc2+kQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPiS7Cn0FMnjTNaHBNjRcQkGsnwiMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMS1KTHNLZlFVeWVOTTFvY0UyTkZ4Q1FheWZDSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvMDk4MzdjLTk4ZjMtNGM5Zi1hZWJmLTg4MTQ4OGZmZGJi
MC8xL1VtSUVGZEpKQ2w3RDlwSmJuM2tFRG80aTNiOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQAuTD4zUBGRUq24BB2I
cSDEN1KLZN6Z0wMvNNob9TFSM0Bl9cl1md/dWjuCh7cYtZVTxHUzjbqlfJtYVCHs
Si/RAYCoR61fbvjBhBt4URg+kilvHCdbGcqkLC/17YaqM+maOLVYNEuRLHy7V9d/
OgaVb4xlVnGsKoxKv7tAqqi8SG8E+P/pr9BpsMl4ao38nfI6nlYJ7PW1wy/BJtpl
vjMbM16YguijrDiJx08NbITVqzOMtqWvzreUj/SSOS5WpGDxrNVmpPf8YN6ya6wV
D7vK+4zhpGNrzA55XfwbIjln5pxlBrxf5OwOEpAj1YR3gpaBsgqhhy93RCafLex4
UctR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:43 2025 by rpki-client