Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4njYtJyHyJxJR2MEaCgCs-jhTnE.roa
File: 4njYtJyHyJxJR2MEaCgCs-jhTnE.roa (raw, json)
Hash identifier: jaNz3EkfNRC/GkecEic3TymrXtG+jFb+orXvNDDgQH0=
Subject key identifier: E2:78:D8:B4:9C:87:C8:9C:49:47:63:04:68:28:02:B3:E8:E1:4E:71
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD3E6C635043C086FC52D7662BF8177F5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4njYtJyHyJxJR2MEaCgCs-jhTnE.roa
Signing time: Sat 01 Jun 2024 13:04:27 +0000
ROA not before: Sat 01 Jun 2024 13:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:d3e6:8725/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 01 Jun 2024 13:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d3:e6:c6:35:04:3c:08:6f:c5:2d:76:62:bf:81:77:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 1 13:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e278d8b49c87c89c49476304682802b3e8e14e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:df:37:7b:b4:fc:e0:b4:bb:5f:8f:33:34:83:
2c:f8:c8:e1:cd:44:33:04:34:cb:85:3f:7f:33:ee:
e8:ae:c6:dd:20:0b:87:e6:2a:b2:56:ce:0d:64:51:
22:1c:49:ac:70:73:7e:04:0e:60:88:53:78:73:8e:
2f:c8:ef:04:86:61:60:17:c5:3b:68:a7:0f:d3:bd:
43:49:db:99:3a:4a:b3:70:da:f0:4f:9e:6a:5a:98:
cf:65:3d:4e:8b:bd:5a:65:1e:74:e8:19:1d:39:ff:
29:c8:d7:f9:3c:03:ad:15:7c:07:70:bf:12:b6:36:
74:1b:f4:16:9e:d5:8f:25:13:90:fa:23:7b:e8:e6:
04:04:e4:23:e1:f9:c0:5a:c6:2f:93:4d:b4:45:41:
43:71:3b:61:ef:f7:24:65:24:22:90:1f:e9:2c:72:
6d:6e:89:74:f7:73:56:f5:d5:ac:56:aa:ca:57:2f:
40:bc:8f:fb:fd:d1:1a:32:31:38:84:08:69:4d:87:
61:ae:83:11:20:b3:1a:6a:04:70:ef:ad:4e:80:40:
c5:cb:ba:94:55:e7:7a:d1:20:38:6a:3c:84:54:44:
a0:e7:a6:48:91:4e:5e:00:10:b7:db:63:8b:b6:69:
08:70:1b:04:92:b5:07:6f:95:5d:86:64:8e:72:62:
5d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:78:D8:B4:9C:87:C8:9C:49:47:63:04:68:28:02:B3:E8:E1:4E:71
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4njYtJyHyJxJR2MEaCgCs-jhTnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:6c:2d:68:9c:4b:88:ba:97:7f:d2:e0:fc:bf:77:3c:ba:67:
c9:d3:95:57:82:5b:fd:cb:2d:85:f2:72:37:59:8a:0b:78:a6:
e8:bf:35:e5:b2:00:8f:22:e9:9d:f8:6a:82:77:fa:09:8d:f9:
89:1e:a7:bc:8f:84:38:8b:83:be:ef:15:c8:25:ba:fe:07:75:
09:b6:1e:21:9b:31:d8:e3:97:46:14:c2:81:3f:19:e5:e7:39:
f4:e1:53:48:e8:af:70:03:be:90:42:df:8c:96:a2:bb:12:97:
fe:57:f3:06:3d:48:ed:29:3b:92:31:cc:27:d1:f0:fc:31:7d:
3a:0f:9c:11:39:c3:a2:c3:84:2c:85:34:b0:f9:cf:d3:ce:30:
18:b1:02:23:bd:52:4e:b7:3e:c3:19:cf:f2:12:48:a0:f9:00:
ab:59:46:eb:3e:6d:69:1a:89:e5:0e:05:10:51:a5:bb:e5:b2:
9d:0c:83:54:29:67:93:92:f9:dd:ae:4b:05:03:0e:60:f9:bd:
d9:08:47:8e:7c:17:28:aa:8d:6e:61:09:45:c3:19:43:f7:e7:
c3:2b:a4:b0:80:ef:a4:ab:bc:04:ab:09:49:4a:de:ed:74:b7:
e2:c8:3f:51:db:ee:e7:e5:11:d4:bf:08:73:79:f9:c7:2f:11:
96:9f:d6:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/T5sY1BDwIb8UtdmK/gXf1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAxMTMwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjc4ZDhiNDljODdjODljNDk0NzYzMDQ2ODI4MDJiM2U4ZTE0ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt83e7T84LS7X48zNIMs+MjhzUQz
BDTLhT9/M+7orsbdIAuH5iqyVs4NZFEiHEmscHN+BA5giFN4c44vyO8EhmFgF8U7
aKcP071DSduZOkqzcNrwT55qWpjPZT1Oi71aZR506BkdOf8pyNf5PAOtFXwHcL8S
tjZ0G/QWntWPJROQ+iN76OYEBOQj4fnAWsYvk020RUFDcTth7/ckZSQikB/pLHJt
bol093NW9dWsVqrKVy9AvI/7/dEaMjE4hAhpTYdhroMRILMaagRw761OgEDFy7qU
Ved60SA4ajyEVESg56ZIkU5eABC322OLtmkIcBsEkrUHb5VdhmSOcmJdxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOJ42LSch8icSUdjBGgoArPo4U5xMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNG5qWXRKeUh5SnhKUjJNRWFDZ0NzLWpoVG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHJsLWicS4i6l3/S4Py/
dzy6Z8nTlVeCW/3LLYXycjdZigt4pui/NeWyAI8i6Z34aoJ3+gmN+Ykep7yPhDiL
g77vFcgluv4HdQm2HiGbMdjjl0YUwoE/GeXnOfThU0jor3ADvpBC34yWorsSl/5X
8wY9SO0pO5IxzCfR8PwxfToPnBE5w6LDhCyFNLD5z9POMBixAiO9Uk63PsMZz/IS
SKD5AKtZRus+bWkaieUOBRBRpbvlsp0Mg1QpZ5OS+d2uSwUDDmD5vdkIR458Fyiq
jW5hCUXDGUP358MrpLCA76SrvASrCUlK3u10t+LIP1Hb7uflEdS/CHN5+ccvEZaf
1jw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:00 2025 by rpki-client