Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1ZRpVLLwM2L3E0e5QEyyKxOXZOQ.roa
File: 1ZRpVLLwM2L3E0e5QEyyKxOXZOQ.roa (raw, json)
Hash identifier: 2De4ojH7+9ATzDAMYe01P6i5B7nwgeDbE2Qq5TTWnJ8=
Subject key identifier: D5:94:69:54:B2:F0:33:62:F7:13:47:B9:40:4C:B2:2B:13:97:64:E4
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC13C26BCA73CE84CDFFCB6668D23633E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1ZRpVLLwM2L3E0e5QEyyKxOXZOQ.roa
Signing time: Tue 28 May 2024 22:04:55 +0000
ROA not before: Tue 28 May 2024 22:04:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:c13b:880d/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 28 May 2024 22:11:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c1:3c:26:bc:a7:3c:e8:4c:df:fc:b6:66:8d:23:63:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 28 22:04:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5946954b2f03362f71347b9404cb22b139764e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d8:95:70:d6:38:78:cb:6d:c8:dd:fd:58:2b:
e3:4e:ce:92:82:e2:62:1e:db:53:17:7d:fc:11:5b:
24:44:85:4a:a6:10:f5:55:2c:88:b2:f1:05:82:f7:
18:fb:62:2b:bb:19:7c:49:50:6e:52:86:f8:48:6e:
76:94:ea:d2:de:23:6d:bf:a9:26:cf:8d:e8:57:16:
b2:65:2c:e2:b4:2c:3c:47:1f:97:06:d8:40:e6:83:
bd:a7:a0:4a:66:68:72:a6:cf:2a:4c:c0:df:cb:5d:
a1:60:83:65:3f:9c:10:1e:06:8c:cf:41:62:9c:32:
ef:96:05:f5:bc:c8:43:b1:d6:cf:ed:76:31:35:a1:
cd:f1:eb:24:01:24:94:29:37:c7:22:45:1c:9c:eb:
c3:59:3e:e5:8f:ea:29:4f:03:0e:77:3a:98:46:66:
4e:10:1a:d9:91:c5:d9:a7:9c:01:87:ef:dd:d6:31:
8e:9f:a3:c7:a6:ae:07:c5:8a:c8:3e:ad:3a:e3:8e:
41:8c:7b:32:89:fe:29:13:78:9f:5a:71:35:cf:c1:
18:9a:1e:e6:7d:c7:e7:92:f1:d7:96:8b:f3:f1:29:
62:77:81:70:39:0a:ad:6a:b5:a2:3a:24:40:f6:52:
da:c4:88:55:cf:31:20:b8:20:ea:c8:26:eb:80:1f:
0b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:94:69:54:B2:F0:33:62:F7:13:47:B9:40:4C:B2:2B:13:97:64:E4
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1ZRpVLLwM2L3E0e5QEyyKxOXZOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:11:f3:84:a5:b8:4a:d9:a0:81:db:6e:bb:e7:29:c7:3f:a4:
35:58:71:39:cb:33:60:91:12:b2:47:fa:af:bc:6c:59:cc:fc:
b0:d1:0a:29:61:85:ac:9f:7b:09:d2:3a:26:eb:f8:34:45:be:
82:ff:bc:32:dd:7e:dc:76:c1:90:b8:03:4b:9c:b7:c9:57:1b:
37:a5:4f:43:da:38:e1:4d:32:3c:67:78:f6:be:fa:8b:b6:1b:
79:3b:ef:a1:1e:0e:9e:bc:85:65:7d:c3:65:f0:8e:03:02:d8:
a3:15:d2:3a:e1:6c:30:34:2c:c2:26:f0:79:0b:e0:55:ce:a1:
f2:bb:92:e8:33:a5:64:22:4b:99:0d:ce:7c:ae:ec:54:14:a1:
d9:9d:fd:de:05:d4:d9:5c:94:b9:64:9d:0b:5b:bd:10:7a:c4:
50:9f:e1:f9:2f:c3:60:9f:ae:fc:0b:b6:7c:83:cf:b7:a3:39:
08:be:00:a3:be:87:7f:e0:bc:77:60:2b:4c:d3:af:a9:b2:8a:
a2:d4:e3:05:0b:10:ad:fb:66:f0:d4:2b:0c:ab:0b:8f:e1:4d:
ee:cb:39:15:63:d7:10:3d:9a:f2:c9:19:8c:83:5c:fe:df:5e:
70:66:35:54:3f:5b:9b:3e:46:d8:89:86:89:31:dc:9a:09:b6:
e2:62:43:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/BPCa8pzzoTN/8tmaNI2M+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI4MjIwNDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk0Njk1NGIyZjAzMzYyZjcxMzQ3Yjk0MDRjYjIyYjEzOTc2NGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tiVcNY4eMttyN39WCvjTs6SguJi
HttTF338EVskRIVKphD1VSyIsvEFgvcY+2Iruxl8SVBuUob4SG52lOrS3iNtv6km
z43oVxayZSzitCw8Rx+XBthA5oO9p6BKZmhyps8qTMDfy12hYINlP5wQHgaMz0Fi
nDLvlgX1vMhDsdbP7XYxNaHN8eskASSUKTfHIkUcnOvDWT7lj+opTwMOdzqYRmZO
EBrZkcXZp5wBh+/d1jGOn6PHpq4HxYrIPq06445BjHsyif4pE3ifWnE1z8EYmh7m
fcfnkvHXlovz8Slid4FwOQqtarWiOiRA9lLaxIhVzzEguCDqyCbrgB8LswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNWUaVSy8DNi9xNHuUBMsisTl2TkMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMVpScFZMTHdNMkwzRTBlNVFFeXlLeE9YWk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAwR84SluErZoIHbbrvn
Kcc/pDVYcTnLM2CRErJH+q+8bFnM/LDRCilhhayfewnSOibr+DRFvoL/vDLdftx2
wZC4A0uct8lXGzelT0PaOOFNMjxnePa++ou2G3k776EeDp68hWV9w2XwjgMC2KMV
0jrhbDA0LMIm8HkL4FXOofK7kugzpWQiS5kNznyu7FQUodmd/d4F1NlclLlknQtb
vRB6xFCf4fkvw2CfrvwLtnyDz7ejOQi+AKO+h3/gvHdgK0zTr6myiqLU4wULEK37
ZvDUKwyrC4/hTe7LORVj1xA9mvLJGYyDXP7fXnBmNVQ/W5s+RtiJhokx3JoJtuJi
Q3M=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:36 2025 by rpki-client