Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1ojXyWKv9YGX3ThHJlIoe_NKtNc.roa
File: 1ojXyWKv9YGX3ThHJlIoe_NKtNc.roa (raw, json)
Hash identifier: RTUEMpgsmtWbevUsOyQcSLy2HHKX2BsLtjgmS6PC08Y=
Subject key identifier: D6:88:D7:C9:62:AF:F5:81:97:DD:38:47:26:52:28:7B:F3:4A:B4:D7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FB686DC0F0E150C502933D2AFA99E2672
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1ojXyWKv9YGX3ThHJlIoe_NKtNc.roa
Signing time: Sun 26 May 2024 20:10:42 +0000
ROA not before: Sun 26 May 2024 20:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 26 May 2024 21:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b6:86:dc:0f:0e:15:0c:50:29:33:d2:af:a9:9e:26:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 26 20:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d688d7c962aff58197dd38472652287bf34ab4d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b2:fc:93:56:ba:cf:b7:c3:a1:07:41:18:d9:
cd:6d:2a:7d:f0:4f:cb:33:aa:67:48:66:e2:75:18:
c5:38:8a:25:89:09:86:b5:13:e2:64:a7:5a:56:68:
22:9f:54:a1:e1:8a:e4:15:32:bd:47:39:04:cf:26:
c7:f3:ec:47:25:32:54:7c:90:fe:95:4e:f2:85:9e:
d4:7c:8a:5f:2c:24:64:5b:4b:01:90:24:37:a7:ff:
76:d1:59:e7:e7:6b:07:13:4a:21:da:80:f4:52:3a:
0d:94:3a:ac:0c:5b:d4:36:1e:fc:88:ff:f7:87:3b:
5c:97:08:70:dd:0a:b2:6f:ce:c7:0a:7c:5d:07:af:
4f:5e:ec:c2:de:c6:1b:02:c0:ef:75:dd:a4:73:82:
2b:71:d6:3f:81:b5:83:04:de:2e:cb:3e:9e:11:eb:
9a:2e:c5:aa:ab:4f:9a:42:a3:47:21:77:87:e0:1f:
cf:2d:cd:96:20:fc:24:4d:09:1b:a1:4f:c2:08:fd:
b7:21:01:26:19:21:2e:24:e1:c0:54:bb:1f:18:bb:
75:4f:2a:89:f3:09:0f:22:18:ea:96:cb:11:3c:69:
34:da:1d:06:89:7e:f1:f1:01:bd:0f:60:dc:e6:48:
31:2a:07:ea:61:b2:5e:8e:66:a7:57:54:f4:53:ec:
ae:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:88:D7:C9:62:AF:F5:81:97:DD:38:47:26:52:28:7B:F3:4A:B4:D7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1ojXyWKv9YGX3ThHJlIoe_NKtNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:85:29:35:ed:d8:ac:02:ca:5f:64:97:85:25:fd:ef:fa:20:
81:aa:ae:10:ca:22:98:0a:22:44:e3:eb:98:73:fe:f8:56:eb:
b0:b6:7b:44:04:4e:8a:8c:33:65:2f:b0:5a:40:4f:ed:3e:41:
79:6f:a2:f8:62:1d:2d:81:0c:4e:79:f0:55:83:b0:96:be:26:
ae:ea:79:86:69:12:64:7c:95:32:f5:d6:9e:c1:da:00:b1:ee:
58:c7:40:68:93:6f:3c:08:74:19:ac:14:3b:33:86:95:60:6c:
52:14:7e:41:0b:31:f1:4a:a8:f6:f9:c8:5a:89:45:5f:00:df:
0d:15:43:98:cd:04:a9:f6:30:26:91:1a:df:c9:19:0b:68:b7:
de:5b:e7:d9:ec:85:89:db:7e:ee:a2:c5:d6:83:bd:df:44:1e:
9c:d0:28:fa:95:e8:df:f1:22:3b:d6:47:05:8e:55:b4:f8:ae:
78:75:0b:a4:6b:5c:e2:b2:41:bf:08:ae:1c:7b:69:a0:9e:0c:
73:9a:86:d6:d9:df:3c:09:9c:64:ec:65:8b:a7:b3:1f:ec:e2:
86:45:64:fb:4e:84:76:81:b7:bd:26:74:66:1f:ce:04:f2:fc:
dd:bd:e0:75:8a:5c:fd:bc:87:af:6a:1a:ce:82:77:cd:85:e7:
3e:60:3c:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+2htwPDhUMUCkz0q+pniZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI2MjAxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjg4ZDdjOTYyYWZmNTgxOTdkZDM4NDcyNjUyMjg3YmYzNGFiNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirL8k1a6z7fDoQdBGNnNbSp98E/L
M6pnSGbidRjFOIoliQmGtRPiZKdaVmgin1Sh4YrkFTK9RzkEzybH8+xHJTJUfJD+
lU7yhZ7UfIpfLCRkW0sBkCQ3p/920Vnn52sHE0oh2oD0UjoNlDqsDFvUNh78iP/3
hztclwhw3Qqyb87HCnxdB69PXuzC3sYbAsDvdd2kc4IrcdY/gbWDBN4uyz6eEeua
LsWqq0+aQqNHIXeH4B/PLc2WIPwkTQkboU/CCP23IQEmGSEuJOHAVLsfGLt1TyqJ
8wkPIhjqlssRPGk02h0GiX7x8QG9D2Dc5kgxKgfqYbJejmanV1T0U+yuRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNaI18lir/WBl904RyZSKHvzSrTXMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMW9qWHlXS3Y5WUdYM1RoSEpsSW9lX05LdE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABmFKTXt2KwCyl9kl4Ul
/e/6IIGqrhDKIpgKIkTj65hz/vhW67C2e0QEToqMM2UvsFpAT+0+QXlvovhiHS2B
DE558FWDsJa+Jq7qeYZpEmR8lTL11p7B2gCx7ljHQGiTbzwIdBmsFDszhpVgbFIU
fkELMfFKqPb5yFqJRV8A3w0VQ5jNBKn2MCaRGt/JGQtot95b59nshYnbfu6ixdaD
vd9EHpzQKPqV6N/xIjvWRwWOVbT4rnh1C6RrXOKyQb8Irhx7aaCeDHOahtbZ3zwJ
nGTsZYunsx/s4oZFZPtOhHaBt70mdGYfzgTy/N294HWKXP28h69qGs6Cd82F5z5g
PJk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:54 2025 by rpki-client