Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2dHCCqrz_90HnWN6o3Hb6dvaq_I.roa
File: 2dHCCqrz_90HnWN6o3Hb6dvaq_I.roa (raw, json)
Hash identifier: X8h/JbzHR8ELnAAGs6xQxQ2I7YmcPXf3TI4trkBFXA4=
Subject key identifier: D9:D1:C2:0A:AA:F3:FF:DD:07:9D:63:7A:A3:71:DB:E9:DB:DA:AB:F2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908417015F3D9E561C11F73A8B195F2B06
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2dHCCqrz_90HnWN6o3Hb6dvaq_I.roa
Signing time: Fri 05 Jul 2024 18:10:18 +0000
ROA not before: Fri 05 Jul 2024 18:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Jul 2024 19:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:84:17:01:5f:3d:9e:56:1c:11:f7:3a:8b:19:5f:2b:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 5 18:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9d1c20aaaf3ffdd079d637aa371dbe9dbdaabf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:db:f7:7d:4c:63:1f:0e:9a:b4:ec:b7:65:93:
12:fd:b9:46:82:61:0e:b6:8d:7c:b7:bd:1c:ca:fa:
87:3a:87:8f:73:33:f8:16:f1:4e:a8:2e:de:d4:87:
3b:4a:b5:da:d8:46:df:95:7b:03:68:e5:83:62:87:
d9:e6:cd:54:26:79:59:9f:77:52:d7:e5:e9:ea:3a:
75:5d:dd:7f:d7:bb:4a:a0:fa:08:07:30:c3:85:29:
2b:5a:e2:9b:63:c8:ac:8a:eb:e6:ed:3e:79:d0:a5:
37:ea:96:db:26:5b:c0:d5:74:60:cd:56:19:b4:95:
5f:86:f9:0b:6b:d2:cd:7e:4a:b8:32:2a:33:ea:c1:
e8:3a:08:3a:92:c4:2b:2c:1c:be:78:59:04:0d:f1:
9b:c0:d3:2d:98:69:f5:a7:e7:e9:4f:67:4d:9e:0c:
99:8a:26:2d:43:91:59:e1:fc:9e:55:a5:1c:65:f3:
6d:10:81:01:62:ab:79:c7:bf:a4:69:3a:dc:94:03:
08:d1:6b:b1:7c:aa:0d:43:c4:ed:e4:9d:64:1c:ec:
50:9a:22:95:3e:65:d5:be:8b:6e:a8:3f:a2:18:50:
07:e7:27:ad:1f:51:0b:46:22:b5:50:ee:b3:5a:87:
f1:e0:95:95:31:17:ec:6c:b4:a9:7b:11:fd:de:03:
ab:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D1:C2:0A:AA:F3:FF:DD:07:9D:63:7A:A3:71:DB:E9:DB:DA:AB:F2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2dHCCqrz_90HnWN6o3Hb6dvaq_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:bf:1d:13:ed:ed:dc:6a:ab:32:51:75:01:72:6f:97:d3:51:
30:63:f6:28:a4:b3:08:95:18:ed:1e:c0:6c:fa:9b:bc:01:cd:
bc:a4:b2:a0:2d:6e:32:69:e4:fb:fd:c5:77:23:c8:ba:af:c0:
ff:69:e0:41:36:00:1c:c5:51:01:5f:63:61:7e:71:ed:c1:16:
ed:36:4d:2b:60:c5:64:92:c5:26:3e:fc:ab:3f:41:02:3e:ff:
ff:0b:4f:fe:b8:e9:15:15:f1:2e:d7:99:92:22:6a:7b:be:f0:
29:78:39:79:39:8e:00:32:f9:a7:b7:6e:b9:d7:3b:4b:c2:0f:
e8:9e:9e:70:4b:a3:cc:61:f2:1c:0e:f0:f6:a2:6b:10:39:89:
9d:d5:dc:62:9b:ca:19:32:c1:06:ac:8d:de:0a:57:bb:d0:13:
9c:dd:d3:63:4d:0c:68:80:d8:77:c2:69:ca:7b:78:96:a7:01:
92:15:a1:bc:40:01:27:af:c3:73:75:21:74:ac:48:5e:b6:39:
ea:f8:51:88:15:5c:c6:17:1d:c4:e2:20:41:6c:98:28:a2:1b:
cb:10:55:ed:46:97:49:5f:0c:8f:d5:95:e3:d5:94:ee:91:07:
9a:12:da:c5:1a:db:fc:5f:75:53:98:55:69:1f:2d:a6:82:f6:
ec:3a:8d:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCEFwFfPZ5WHBH3OosZXysGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA1MTgxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQxYzIwYWFhZjNmZmRkMDc5ZDYzN2FhMzcxZGJlOWRiZGFhYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNv3fUxjHw6atOy3ZZMS/blGgmEO
to18t70cyvqHOoePczP4FvFOqC7e1Ic7SrXa2EbflXsDaOWDYofZ5s1UJnlZn3dS
1+Xp6jp1Xd1/17tKoPoIBzDDhSkrWuKbY8isiuvm7T550KU36pbbJlvA1XRgzVYZ
tJVfhvkLa9LNfkq4Mioz6sHoOgg6ksQrLBy+eFkEDfGbwNMtmGn1p+fpT2dNngyZ
iiYtQ5FZ4fyeVaUcZfNtEIEBYqt5x7+kaTrclAMI0WuxfKoNQ8Tt5J1kHOxQmiKV
PmXVvotuqD+iGFAH5yetH1ELRiK1UO6zWofx4JWVMRfsbLSpexH93gOrFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNnRwgqq8//dB51jeqNx2+nb2qvyMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMmRIQ0NxcnpfOTBIbldONm8zSGI2ZHZhcV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH6/HRPt7dxqqzJRdQFy
b5fTUTBj9iikswiVGO0ewGz6m7wBzbyksqAtbjJp5Pv9xXcjyLqvwP9p4EE2ABzF
UQFfY2F+ce3BFu02TStgxWSSxSY+/Ks/QQI+//8LT/646RUV8S7XmZIianu+8Cl4
OXk5jgAy+ae3brnXO0vCD+iennBLo8xh8hwO8PaiaxA5iZ3V3GKbyhkywQasjd4K
V7vQE5zd02NNDGiA2HfCacp7eJanAZIVobxAASevw3N1IXSsSF62Oer4UYgVXMYX
HcTiIEFsmCiiG8sQVe1Gl0lfDI/VlePVlO6RB5oS2sUa2/xfdVOYVWkfLaaC9uw6
jYk=
-----END CERTIFICATE-----
Generated at Fri Jul 5 21:12:00 2024 by rpki-client on console-ams.rpki-client.org