Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3hLWZ2w_Qu4_0vmm6gpiS51rOxU.roa
File: 3hLWZ2w_Qu4_0vmm6gpiS51rOxU.roa (raw, json)
Hash identifier: C903pIVLNDtD8S0Daj3ICxJY06B1z7N63opnJJan9s8=
Subject key identifier: DE:12:D6:67:6C:3F:42:EE:3F:D2:F9:A6:EA:0A:62:4B:9D:6B:3B:15
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC9A0774DAE8E68391010B116E5CB284A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3hLWZ2w_Qu4_0vmm6gpiS51rOxU.roa
Signing time: Thu 30 May 2024 13:11:27 +0000
ROA not before: Thu 30 May 2024 13:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 May 2024 14:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c9:a0:77:4d:ae:8e:68:39:10:10:b1:16:e5:cb:28:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 30 13:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de12d6676c3f42ee3fd2f9a6ea0a624b9d6b3b15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8b:1f:61:55:1b:30:28:03:95:13:f8:85:42:
18:2e:37:9b:e9:08:76:7e:df:07:2e:ed:ad:6a:5d:
73:e6:82:47:99:19:6c:06:77:fe:d0:c0:ae:9c:e4:
e3:17:c6:6a:b5:29:02:57:df:6b:dd:ad:93:7c:ae:
8f:7c:80:3e:12:2f:22:ad:f0:54:ec:09:3f:a5:a0:
44:74:7a:92:7e:fa:97:e5:d7:9a:bf:d3:15:24:6b:
b2:d7:ea:fa:78:5c:f1:f5:b2:3f:0a:ab:b4:57:ba:
f5:77:79:e1:2e:00:96:7c:f4:34:5c:ca:53:a2:24:
35:e1:21:7f:64:18:27:c2:61:23:43:d5:c8:48:3f:
37:52:65:1f:e8:93:a5:fc:a1:b6:d7:8b:c5:b7:64:
76:9d:9d:bf:fb:18:69:9a:1b:75:32:04:69:7a:ad:
61:63:4b:b6:43:5e:81:2f:b9:1a:ea:71:27:9c:e6:
11:55:81:d9:e4:32:00:cd:3d:b9:92:8f:9a:c8:4b:
fc:b1:c3:e2:6e:e4:04:1b:e1:64:62:4f:13:67:b0:
d3:0f:1a:99:61:6c:eb:42:44:40:58:f1:0d:40:a5:
59:68:03:32:50:54:51:f6:b1:2d:36:c8:6e:83:1f:
7b:1f:e9:94:f5:c6:3e:06:24:7a:3d:2d:52:db:8b:
8b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:12:D6:67:6C:3F:42:EE:3F:D2:F9:A6:EA:0A:62:4B:9D:6B:3B:15
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3hLWZ2w_Qu4_0vmm6gpiS51rOxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:3f:9a:83:5e:6e:f0:51:54:35:fc:38:15:73:47:c5:4d:f8:
1f:b6:4f:4f:4a:88:76:95:a0:08:f3:58:81:5e:7e:cc:0e:1a:
33:15:88:e9:69:78:74:b5:91:34:8f:a0:81:c8:9a:7b:32:54:
de:f1:d6:5e:c9:5b:2a:3a:5b:be:9f:da:2c:a2:92:f6:a6:27:
57:65:72:0d:3d:f6:e0:61:18:67:62:11:9f:96:ba:10:1d:03:
eb:b5:1d:b2:a2:77:b2:00:42:92:84:3a:b0:0c:91:4c:64:94:
05:88:00:11:e9:ea:54:95:0a:c6:a0:d5:8a:b9:4b:15:85:8d:
c0:7f:f5:31:9d:e0:0e:80:28:21:14:ad:36:84:f9:1b:15:75:
34:9b:d8:74:8c:03:9f:54:8b:ba:6d:de:9b:5a:98:51:00:54:
12:38:95:4b:61:ae:76:9b:4a:ee:b5:51:c5:c4:f0:8d:e9:a3:
10:33:96:73:13:e8:24:6c:98:8f:8c:bc:02:d8:6c:1d:d3:14:
f9:b5:b7:e4:95:81:de:b6:ec:83:d6:08:07:72:3e:4a:52:26:
19:92:ff:8f:9a:e8:a6:d9:c0:72:4f:18:27:92:2e:5e:db:c7:
64:8b:16:76:4c:ae:db:3a:21:e9:3c:b0:5b:0d:8b:07:e4:d3:
35:72:d5:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/JoHdNro5oORAQsRblyyhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMwMTMxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTEyZDY2NzZjM2Y0MmVlM2ZkMmY5YTZlYTBhNjI0YjlkNmIzYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIsfYVUbMCgDlRP4hUIYLjeb6Qh2
ft8HLu2tal1z5oJHmRlsBnf+0MCunOTjF8ZqtSkCV99r3a2TfK6PfIA+Ei8irfBU
7Ak/paBEdHqSfvqX5deav9MVJGuy1+r6eFzx9bI/Cqu0V7r1d3nhLgCWfPQ0XMpT
oiQ14SF/ZBgnwmEjQ9XISD83UmUf6JOl/KG214vFt2R2nZ2/+xhpmht1MgRpeq1h
Y0u2Q16BL7ka6nEnnOYRVYHZ5DIAzT25ko+ayEv8scPibuQEG+FkYk8TZ7DTDxqZ
YWzrQkRAWPENQKVZaAMyUFRR9rEtNshugx97H+mU9cY+BiR6PS1S24uLPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN4S1mdsP0LuP9L5puoKYkudazsVMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvM2hMV1oyd19RdTRfMHZtbTZncGlTNTFyT3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACs/moNebvBRVDX8OBVz
R8VN+B+2T09KiHaVoAjzWIFefswOGjMViOlpeHS1kTSPoIHImnsyVN7x1l7JWyo6
W76f2iyikvamJ1dlcg099uBhGGdiEZ+WuhAdA+u1HbKid7IAQpKEOrAMkUxklAWI
ABHp6lSVCsag1Yq5SxWFjcB/9TGd4A6AKCEUrTaE+RsVdTSb2HSMA59Ui7pt3pta
mFEAVBI4lUthrnabSu61UcXE8I3poxAzlnMT6CRsmI+MvALYbB3TFPm1t+SVgd62
7IPWCAdyPkpSJhmS/4+a6KbZwHJPGCeSLl7bx2SLFnZMrts6Iek8sFsNiwfk0zVy
1Uw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:20 2025 by rpki-client