Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2l3OAn_U6s6XY7NoJnMa47qudhs.roa
File: 2l3OAn_U6s6XY7NoJnMa47qudhs.roa (raw, json)
Hash identifier: gGpeXAzfG39163Nny4IvG33zi0fKCitgmERLnoO65oc=
Subject key identifier: DA:5D:CE:02:7F:D4:EA:CE:97:63:B3:68:26:73:1A:E3:BA:AE:76:1B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC3D49F5049EF098F1DF23C90D58030FF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2l3OAn_U6s6XY7NoJnMa47qudhs.roa
Signing time: Wed 29 May 2024 10:10:42 +0000
ROA not before: Wed 29 May 2024 10:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 May 2024 11:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:d4:9f:50:49:ef:09:8f:1d:f2:3c:90:d5:80:30:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 29 10:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da5dce027fd4eace9763b36826731ae3baae761b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c4:52:e0:39:ce:32:5a:f4:2b:e1:89:67:3e:
db:87:1d:3f:06:0d:80:5c:ce:2c:6a:91:26:94:eb:
49:e7:91:bd:26:f0:74:d3:b0:6d:c5:59:51:64:70:
3a:6e:2b:cd:eb:c3:d1:c9:d5:90:b0:ed:40:f9:05:
1e:35:79:bc:24:06:60:fc:9f:0d:e0:c2:a3:c5:0f:
7e:75:50:69:c4:10:c8:03:8e:d3:ae:47:cf:1f:fd:
aa:5d:e9:9b:7b:85:ba:05:2a:2a:96:84:bd:7d:08:
c8:a2:be:ba:05:04:97:86:61:80:a8:08:9f:05:95:
19:f9:c2:b3:38:71:49:44:63:9c:42:ed:86:0e:85:
f3:5e:56:23:10:93:21:71:95:bf:08:3e:88:3d:ea:
db:bb:a9:dd:c4:03:0d:47:f9:75:90:3c:70:ea:a7:
d0:50:ab:8c:fb:61:06:19:44:1b:45:be:af:7a:43:
09:65:61:e3:e5:02:92:66:be:2a:5e:89:e2:31:f5:
6b:c7:6d:25:1d:a9:48:22:17:b2:7c:a5:9d:57:f5:
cf:21:c2:62:6d:2f:9a:8d:a6:59:1e:12:36:b9:b5:
ae:5e:73:83:af:29:ae:bd:c2:1b:fa:1f:4e:22:c4:
ce:a0:85:a1:cd:77:4d:e6:39:e1:65:7e:ce:b3:d4:
f4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5D:CE:02:7F:D4:EA:CE:97:63:B3:68:26:73:1A:E3:BA:AE:76:1B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2l3OAn_U6s6XY7NoJnMa47qudhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:43:3d:e4:ab:38:cc:3f:23:ec:17:65:e8:19:0d:f0:2e:a7:
68:74:ce:09:55:e5:86:d1:64:7b:58:a2:9a:ff:d8:0c:97:3b:
04:40:73:d2:24:de:69:f6:6f:a8:0f:3c:fc:e9:b7:74:f3:85:
5b:f1:19:04:18:c7:4d:9b:65:65:6b:72:2e:8e:f9:52:75:ff:
ef:ff:7a:d3:2f:45:54:ac:15:63:ad:b5:85:7c:c2:10:8f:2b:
c0:0c:29:f4:01:09:c6:ca:5f:a0:b1:b2:8a:27:3f:9e:94:62:
1b:4c:c0:ac:8c:72:51:c1:87:21:da:43:3d:78:d7:57:84:a0:
42:c7:1b:b0:d6:f4:43:a6:42:f8:ac:85:cb:46:35:9e:be:4d:
28:ba:24:fb:ec:5b:fd:c0:13:b8:18:9b:06:df:1f:68:dc:dd:
d6:f6:3d:13:f3:44:f2:67:e7:41:6a:3b:ae:9c:ce:08:c2:1b:
e4:3c:a1:78:a4:98:13:c7:4d:29:ad:c4:1f:5a:f5:9a:71:1b:
47:24:50:f0:ed:28:72:42:ee:37:05:b5:87:b5:aa:45:47:99:
3b:2d:26:67:f9:b6:04:dd:c9:ca:63:18:b0:fd:c1:a9:6d:05:
4c:9f:f7:a2:a5:a1:5f:dc:6b:be:48:fc:76:69:a6:58:a4:a6:
7b:23:fa:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/D1J9QSe8Jjx3yPJDVgDD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI5MTAxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTVkY2UwMjdmZDRlYWNlOTc2M2IzNjgyNjczMWFlM2JhYWU3NjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8RS4DnOMlr0K+GJZz7bhx0/Bg2A
XM4sapEmlOtJ55G9JvB007BtxVlRZHA6bivN68PRydWQsO1A+QUeNXm8JAZg/J8N
4MKjxQ9+dVBpxBDIA47TrkfPH/2qXembe4W6BSoqloS9fQjIor66BQSXhmGAqAif
BZUZ+cKzOHFJRGOcQu2GDoXzXlYjEJMhcZW/CD6IPerbu6ndxAMNR/l1kDxw6qfQ
UKuM+2EGGUQbRb6vekMJZWHj5QKSZr4qXoniMfVrx20lHalIIheyfKWdV/XPIcJi
bS+ajaZZHhI2ubWuXnODrymuvcIb+h9OIsTOoIWhzXdN5jnhZX7Os9T0swIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNpdzgJ/1OrOl2OzaCZzGuO6rnYbMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMmwzT0FuX1U2czZYWTdOb0puTWE0N3F1ZGhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACpDPeSrOMw/I+wXZegZ
DfAup2h0zglV5YbRZHtYopr/2AyXOwRAc9Ik3mn2b6gPPPzpt3TzhVvxGQQYx02b
ZWVrci6O+VJ1/+//etMvRVSsFWOttYV8whCPK8AMKfQBCcbKX6CxsoonP56UYhtM
wKyMclHBhyHaQz1411eEoELHG7DW9EOmQvishctGNZ6+TSi6JPvsW/3AE7gYmwbf
H2jc3db2PRPzRPJn50FqO66czgjCG+Q8oXikmBPHTSmtxB9a9ZpxG0ckUPDtKHJC
7jcFtYe1qkVHmTstJmf5tgTdycpjGLD9waltBUyf96KloV/ca75I/HZpplikpnsj
+gM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:07 2025 by rpki-client