Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1AlBwIoCEcs871pJ-_S2R7dqDAc.roa
File: 1AlBwIoCEcs871pJ-_S2R7dqDAc.roa (raw, json)
Hash identifier: mg2dVF3vIgsWFjxvC+bBfLoQtUa5u1G39Rt2PetWHy8=
Subject key identifier: D4:09:41:C0:8A:02:11:CB:3C:EF:5A:49:FB:F4:B6:47:B7:6A:0C:07
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908CE41F31230EBEE2EBBE159EA198274D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1AlBwIoCEcs871pJ-_S2R7dqDAc.roa
Signing time: Sun 07 Jul 2024 11:11:18 +0000
ROA not before: Sun 07 Jul 2024 11:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jul 2024 12:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8c:e4:1f:31:23:0e:be:e2:eb:be:15:9e:a1:98:27:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 7 11:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d40941c08a0211cb3cef5a49fbf4b647b76a0c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:92:d9:f1:82:93:d4:0d:86:03:72:42:ca:d6:
fa:71:bf:70:b3:10:7b:90:f8:38:12:e9:ab:5c:b4:
e5:28:ac:1f:bf:0c:90:63:bd:83:9c:f4:ef:56:05:
41:23:49:c3:24:17:6a:cd:00:bc:29:07:42:82:79:
95:65:0f:91:69:9d:0c:a4:26:aa:0a:31:fc:86:f5:
79:ba:59:76:35:33:3d:a6:45:37:fc:36:41:c0:12:
9d:35:6b:65:93:46:18:fc:00:4c:42:d7:a1:77:f0:
b1:39:22:2b:7d:15:90:80:9c:53:50:56:23:05:0f:
9a:66:fc:e0:ab:aa:34:76:27:58:2d:be:3d:cf:74:
d2:90:77:86:66:06:c9:03:17:8b:05:c3:0d:0d:87:
fb:77:dc:62:3b:07:25:6d:b4:18:d9:b6:4f:f7:0a:
be:e4:7b:4d:f1:c1:62:28:05:6c:fd:be:22:a1:09:
a3:8d:1e:7f:bf:52:aa:e4:fa:5f:4f:a6:67:f7:18:
ae:c9:ee:53:b6:ca:43:ae:63:e1:0b:a1:b5:bd:e4:
0c:b0:ea:82:72:61:a0:52:3f:7b:f0:3c:04:c5:bb:
c7:4f:e3:37:35:73:e6:79:d6:75:51:c4:00:62:95:
a2:84:0b:ad:65:8b:cf:8e:55:76:f0:02:a4:1b:9d:
32:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:09:41:C0:8A:02:11:CB:3C:EF:5A:49:FB:F4:B6:47:B7:6A:0C:07
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1AlBwIoCEcs871pJ-_S2R7dqDAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:45:a1:25:39:cb:97:5e:d7:f6:58:86:6a:ee:d0:a4:e5:01:
18:9b:67:03:fd:91:90:ed:26:09:9f:45:af:61:48:41:f9:da:
80:d3:fa:b4:fa:4e:f1:1b:6a:a3:dc:06:7e:22:c6:e7:26:d4:
d2:cf:e7:99:66:81:21:02:76:95:9e:8d:27:f2:96:e4:e2:f6:
41:39:76:ff:a7:4b:78:75:5c:55:4b:c9:2b:99:9a:f9:05:62:
39:b7:c1:a5:74:fa:3c:e0:6b:fb:e2:48:46:aa:35:da:6f:cb:
f3:7e:df:80:44:b9:f3:f5:4c:e2:5e:b1:05:6e:14:bd:17:e0:
71:90:60:90:44:da:48:f5:cf:11:fb:8b:61:40:fe:41:14:b5:
84:ac:02:c1:df:57:1e:08:db:b8:34:00:e0:c0:4e:65:89:6b:
38:f4:29:b9:af:ef:c6:94:63:b3:f6:78:c0:0e:e2:b0:77:2a:
c3:b9:62:26:22:eb:50:5c:50:3e:64:b8:e5:48:a1:67:eb:e0:
63:b3:b8:b8:b0:97:41:d4:0c:9f:c0:fa:bb:26:f9:f2:8b:12:
34:42:dd:4a:4e:99:3f:28:f2:b2:4a:02:4c:7f:36:71:09:61:
78:53:a3:bd:16:96:90:a5:cb:e6:68:62:35:33:c9:d3:d4:3d:
79:4e:39:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCM5B8xIw6+4uu+FZ6hmCdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA3MTExMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDA5NDFjMDhhMDIxMWNiM2NlZjVhNDlmYmY0YjY0N2I3NmEwYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJLZ8YKT1A2GA3JCytb6cb9wsxB7
kPg4EumrXLTlKKwfvwyQY72DnPTvVgVBI0nDJBdqzQC8KQdCgnmVZQ+RaZ0MpCaq
CjH8hvV5ull2NTM9pkU3/DZBwBKdNWtlk0YY/ABMQtehd/CxOSIrfRWQgJxTUFYj
BQ+aZvzgq6o0didYLb49z3TSkHeGZgbJAxeLBcMNDYf7d9xiOwclbbQY2bZP9wq+
5HtN8cFiKAVs/b4ioQmjjR5/v1Kq5PpfT6Zn9xiuye5TtspDrmPhC6G1veQMsOqC
cmGgUj978DwExbvHT+M3NXPmedZ1UcQAYpWihAutZYvPjlV28AKkG50yTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNQJQcCKAhHLPO9aSfv0tke3agwHMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMUFsQndJb0NFY3M4NzFwSi1fUzJSN2RxREFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGBFoSU5y5de1/ZYhmru
0KTlARibZwP9kZDtJgmfRa9hSEH52oDT+rT6TvEbaqPcBn4ixucm1NLP55lmgSEC
dpWejSfyluTi9kE5dv+nS3h1XFVLySuZmvkFYjm3waV0+jzga/viSEaqNdpvy/N+
34BEufP1TOJesQVuFL0X4HGQYJBE2kj1zxH7i2FA/kEUtYSsAsHfVx4I27g0AODA
TmWJazj0Kbmv78aUY7P2eMAO4rB3KsO5YiYi61BcUD5kuOVIoWfr4GOzuLiwl0HU
DJ/A+rsm+fKLEjRC3UpOmT8o8rJKAkx/NnEJYXhTo70WlpCly+ZoYjUzydPUPXlO
OSw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:22 2025 by rpki-client