Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3XyElskPrMav1TQA_GsI3w4fEzY.roa
File: 3XyElskPrMav1TQA_GsI3w4fEzY.roa (raw, json)
Hash identifier: 8E+BJQCa8mqSxmUTi/EiZrDYHH5Cc/ytPGtHSCyoBL0=
Subject key identifier: DD:7C:84:96:C9:0F:AC:C6:AF:D5:34:00:FC:6B:08:DF:0E:1F:13:36
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908AF5BBDBBCD5A0ADCAAC57257AD8EDB2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3XyElskPrMav1TQA_GsI3w4fEzY.roa
Signing time: Sun 07 Jul 2024 02:11:18 +0000
ROA not before: Sun 07 Jul 2024 02:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jul 2024 03:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8a:f5:bb:db:bc:d5:a0:ad:ca:ac:57:25:7a:d8:ed:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 7 02:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd7c8496c90facc6afd53400fc6b08df0e1f1336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0f:d5:2c:0f:b3:f4:7f:a3:cf:10:9e:4f:b0:
23:42:8a:6a:1a:70:02:a8:11:cd:55:9e:cc:4a:28:
a2:01:aa:69:7f:51:d2:4c:64:83:9e:67:b0:fc:db:
06:6b:7b:8c:1d:8b:15:08:c5:4b:b2:df:9b:32:20:
55:2e:19:bf:6b:81:f0:35:8a:d2:5f:eb:b4:0d:83:
99:70:e9:a2:d6:e4:2d:36:6c:69:33:a0:66:d2:7b:
7c:2e:76:ab:34:a6:ad:8d:f4:a8:d2:e2:25:02:5a:
a9:64:15:66:b7:da:ce:4c:3a:df:a0:b9:fc:0e:1d:
60:48:76:29:b7:92:95:8b:a0:96:c3:8c:dd:d3:7f:
10:17:6f:32:77:31:3c:37:e5:c9:c0:89:b6:fe:aa:
4a:27:7a:2c:60:9a:41:15:0a:dc:9b:7d:2b:65:6e:
3a:5e:74:c1:6f:30:78:73:93:e7:0c:fd:be:7e:af:
1e:6a:c1:9b:01:8c:24:08:01:91:16:37:00:c2:61:
05:e9:56:21:5b:9f:38:c7:50:ca:0b:b8:f3:d3:d5:
01:44:b5:eb:0f:26:3c:d3:10:77:67:ca:51:f2:08:
b6:a9:78:ef:ae:fe:fe:bc:df:f6:3f:17:61:ef:b9:
b9:80:69:d2:24:f1:16:64:57:39:84:e8:ad:a7:e8:
00:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7C:84:96:C9:0F:AC:C6:AF:D5:34:00:FC:6B:08:DF:0E:1F:13:36
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3XyElskPrMav1TQA_GsI3w4fEzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:61:2b:8b:dc:2f:b9:eb:81:20:b6:bd:08:1e:cc:cf:ae:23:
f9:ff:3b:5a:eb:e4:4c:b9:4f:e5:28:5e:21:8a:4b:21:84:cb:
8e:7e:07:72:be:c5:db:f4:ab:ab:57:22:5e:37:5b:cf:11:51:
3a:a7:3f:31:8a:3d:71:ca:71:48:82:1f:7e:26:0d:ca:99:1a:
b5:56:82:be:40:a1:78:dd:2b:49:22:8a:ae:8b:5f:f3:5f:58:
1c:95:0c:2a:f8:9a:d5:8e:59:46:9b:1a:1b:51:c5:a4:06:51:
f4:e8:bf:70:be:0f:cb:51:c4:ff:10:f8:d4:87:81:27:3c:a3:
42:8f:c6:08:c8:cd:b7:41:56:3f:48:37:15:25:9d:ec:2a:27:
6d:c7:ae:e3:a6:fc:ac:8b:8e:4e:91:38:60:f6:d3:8a:1e:89:
ef:51:f9:5d:b5:e1:f6:9e:10:b8:3d:2e:8b:a4:68:f8:29:b4:
05:a2:72:22:53:89:66:37:8a:22:fc:88:96:38:9b:ef:da:06:
6e:a4:ce:0d:e3:03:45:35:76:2d:20:db:5b:17:7c:e0:9c:00:
c3:ad:29:aa:69:45:bb:34:ed:6a:ed:9d:a3:7d:9c:49:da:d1:
55:64:13:bf:0d:21:80:48:ce:27:1a:80:65:6e:8e:95:b7:62:
69:84:44:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCK9bvbvNWgrcqsVyV62O2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA3MDIxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDdjODQ5NmM5MGZhY2M2YWZkNTM0MDBmYzZiMDhkZjBlMWYxMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ/VLA+z9H+jzxCeT7AjQopqGnAC
qBHNVZ7MSiiiAappf1HSTGSDnmew/NsGa3uMHYsVCMVLst+bMiBVLhm/a4HwNYrS
X+u0DYOZcOmi1uQtNmxpM6Bm0nt8LnarNKatjfSo0uIlAlqpZBVmt9rOTDrfoLn8
Dh1gSHYpt5KVi6CWw4zd038QF28ydzE8N+XJwIm2/qpKJ3osYJpBFQrcm30rZW46
XnTBbzB4c5PnDP2+fq8easGbAYwkCAGRFjcAwmEF6VYhW584x1DKC7jz09UBRLXr
DyY80xB3Z8pR8gi2qXjvrv7+vN/2Pxdh77m5gGnSJPEWZFc5hOitp+gAXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN18hJbJD6zGr9U0APxrCN8OHxM2MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvM1h5RWxza1ByTWF2MVRRQV9Hc0kzdzRmRXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFJhK4vcL7nrgSC2vQge
zM+uI/n/O1rr5Ey5T+UoXiGKSyGEy45+B3K+xdv0q6tXIl43W88RUTqnPzGKPXHK
cUiCH34mDcqZGrVWgr5AoXjdK0kiiq6LX/NfWByVDCr4mtWOWUabGhtRxaQGUfTo
v3C+D8tRxP8Q+NSHgSc8o0KPxgjIzbdBVj9INxUlnewqJ23HruOm/KyLjk6ROGD2
04oeie9R+V214faeELg9LoukaPgptAWiciJTiWY3iiL8iJY4m+/aBm6kzg3jA0U1
di0g21sXfOCcAMOtKappRbs07WrtnaN9nEna0VVkE78NIYBIzicagGVujpW3YmmE
RM8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:40 2025 by rpki-client