Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4PCH5_ab1X4f1dAzDrhkgq4-DEA.roa
File: 4PCH5_ab1X4f1dAzDrhkgq4-DEA.roa (raw, json)
Hash identifier: 1J6P1nqiPt6sIGLmE4vDeXj04kMZMjl4DfnJK3NNANs=
Subject key identifier: E0:F0:87:E7:F6:9B:D5:7E:1F:D5:D0:33:0E:B8:64:82:AE:3E:0C:40
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909B42F2D6041EED6591818FE6159A9955
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4PCH5_ab1X4f1dAzDrhkgq4-DEA.roa
Signing time: Wed 10 Jul 2024 06:09:34 +0000
ROA not before: Wed 10 Jul 2024 06:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jul 2024 07:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:42:f2:d6:04:1e:ed:65:91:81:8f:e6:15:9a:99:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 10 06:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0f087e7f69bd57e1fd5d0330eb86482ae3e0c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:48:a9:f7:41:d0:39:3c:f5:b7:c5:d4:e3:66:
26:38:db:23:38:54:79:2b:06:6d:63:19:c8:4b:d4:
35:0d:81:85:1b:8c:b0:31:1d:ff:65:11:a0:b6:f1:
f7:5f:b8:61:fd:eb:03:8d:60:76:09:31:6f:13:69:
5c:61:ab:dc:b8:e7:5d:e9:76:da:29:e4:65:86:cd:
f1:91:ed:f7:77:a6:23:83:43:36:41:bd:9b:55:71:
ab:02:e4:d0:42:a5:cd:b5:3f:fb:eb:4d:f6:9a:00:
cc:03:04:8a:d4:95:a8:f2:37:52:40:6d:04:f4:82:
96:dd:a6:5c:04:1f:bc:a6:cf:c5:92:33:98:f5:e1:
c6:41:3b:a2:20:a6:72:4b:04:60:fc:eb:02:9b:00:
a4:96:e8:47:7e:b0:cf:3b:d7:ff:a4:d9:56:73:d2:
fb:2b:ee:93:62:f8:be:96:4a:b1:b3:f3:44:a1:4e:
f1:a8:e2:52:12:70:02:4c:df:50:87:43:40:ab:ed:
66:a9:68:28:9e:f5:e0:82:16:ba:52:7c:b0:e4:e8:
4f:2f:59:0c:7a:24:e8:49:2f:fb:00:f1:b4:65:6d:
e9:e9:e4:ac:e7:d3:58:53:9c:0d:54:c8:47:a3:f3:
17:e3:1e:08:34:0d:8e:d0:40:91:43:cb:93:10:90:
04:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F0:87:E7:F6:9B:D5:7E:1F:D5:D0:33:0E:B8:64:82:AE:3E:0C:40
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4PCH5_ab1X4f1dAzDrhkgq4-DEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:e0:43:4c:d0:16:2e:ac:cc:73:90:d4:c9:f9:0e:c2:41:fc:
fa:50:9c:1c:e3:b2:92:9e:42:dd:fe:aa:39:22:42:ad:0b:ae:
9d:ed:4b:3b:c1:38:b5:02:6f:78:81:65:ad:34:f5:38:7f:8e:
9a:c0:78:ec:46:60:11:c1:d6:05:23:43:ba:1c:f6:76:30:84:
87:82:7f:ea:5f:83:58:a3:fd:7d:85:a8:d4:be:ea:96:32:4e:
e1:aa:16:f9:0b:12:9d:1c:04:07:5a:81:04:c3:f1:f7:65:c6:
24:bf:a7:eb:b6:96:ee:51:88:37:8f:f4:9d:ca:55:a5:8a:f9:
f2:2f:f1:58:89:1d:3e:c8:10:40:49:91:ee:2a:1d:73:a6:ef:
62:ff:6f:87:8e:8a:e9:3a:76:7c:ae:28:e1:07:bf:ff:27:20:
cd:cf:e0:4d:e5:bb:fd:53:41:6e:1b:b3:77:df:18:4f:bf:1a:
8c:f8:86:75:15:ca:59:4b:f9:d9:32:ac:99:56:dc:65:24:98:
cc:46:c1:78:8b:bd:be:31:1e:00:7c:10:57:8b:4f:cc:f8:3d:
a4:96:85:eb:e9:f0:3c:d7:f7:f8:82:ef:80:cf:af:1d:a4:0c:
55:67:7d:d3:40:79:e9:4f:9b:14:4e:7d:b9:c3:a8:aa:f7:50:
66:89:5e:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCbQvLWBB7tZZGBj+YVmplVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEwMDYwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGYwODdlN2Y2OWJkNTdlMWZkNWQwMzMwZWI4NjQ4MmFlM2UwYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kip90HQOTz1t8XU42YmONsjOFR5
KwZtYxnIS9Q1DYGFG4ywMR3/ZRGgtvH3X7hh/esDjWB2CTFvE2lcYavcuOdd6Xba
KeRlhs3xke33d6Yjg0M2Qb2bVXGrAuTQQqXNtT/76032mgDMAwSK1JWo8jdSQG0E
9IKW3aZcBB+8ps/FkjOY9eHGQTuiIKZySwRg/OsCmwCkluhHfrDPO9f/pNlWc9L7
K+6TYvi+lkqxs/NEoU7xqOJSEnACTN9Qh0NAq+1mqWgonvXggha6Unyw5OhPL1kM
eiToSS/7APG0ZW3p6eSs59NYU5wNVMhHo/MX4x4INA2O0ECRQ8uTEJAEpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFODwh+f2m9V+H9XQMw64ZIKuPgxAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNFBDSDVfYWIxWDRmMWRBekRyaGtncTQtREVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFXgQ0zQFi6szHOQ1Mn5
DsJB/PpQnBzjspKeQt3+qjkiQq0Lrp3tSzvBOLUCb3iBZa009Th/jprAeOxGYBHB
1gUjQ7oc9nYwhIeCf+pfg1ij/X2FqNS+6pYyTuGqFvkLEp0cBAdagQTD8fdlxiS/
p+u2lu5RiDeP9J3KVaWK+fIv8ViJHT7IEEBJke4qHXOm72L/b4eOiuk6dnyuKOEH
v/8nIM3P4E3lu/1TQW4bs3ffGE+/Goz4hnUVyllL+dkyrJlW3GUkmMxGwXiLvb4x
HgB8EFeLT8z4PaSWhevp8DzX9/iC74DPrx2kDFVnfdNAeelPmxROfbnDqKr3UGaJ
Xsk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:45 2025 by rpki-client