Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4sDnFNYYXLNN0pBt3QPWl_W1MqI.roa
File: 4sDnFNYYXLNN0pBt3QPWl_W1MqI.roa (raw, json)
Hash identifier: IYpRd9hvMTju5hW3micLckHv0Qs3KamWt5G+aZ9AO4I=
Subject key identifier: E2:C0:E7:14:D6:18:5C:B3:4D:D2:90:6D:DD:03:D6:97:F5:B5:32:A2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190833A5CBA4511B8CBB82471EF96D20EAF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4sDnFNYYXLNN0pBt3QPWl_W1MqI.roa
Signing time: Fri 05 Jul 2024 14:09:18 +0000
ROA not before: Fri 05 Jul 2024 14:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Jul 2024 15:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:83:3a:5c:ba:45:11:b8:cb:b8:24:71:ef:96:d2:0e:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 5 14:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2c0e714d6185cb34dd2906ddd03d697f5b532a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:09:72:95:a1:02:72:28:05:d6:fe:97:84:69:
8f:f2:05:30:52:c1:f3:86:4f:c5:8d:1a:8f:66:8e:
97:40:c8:37:d6:67:fa:d2:4e:be:13:18:34:05:ef:
44:a2:5a:bc:82:cb:5d:54:42:c9:c5:02:9f:67:a5:
80:1a:45:4a:5e:f5:44:ca:6b:e8:e5:2e:cf:ea:be:
65:b3:f4:d1:5b:98:30:d0:60:d9:57:8f:5c:ce:0d:
ad:6f:ea:a7:d2:fa:3d:fa:14:bf:8a:dd:c4:7c:c8:
e9:61:c9:aa:e3:9c:d3:6f:08:cd:c4:97:67:ee:fe:
aa:b1:0f:bd:bb:d3:66:e5:26:cf:d8:da:5f:84:8e:
15:6c:3d:cb:cf:34:84:07:7b:07:98:1d:65:cb:d1:
e9:cf:1d:e0:94:6b:a6:4a:31:3f:af:dc:63:44:e8:
14:89:be:91:39:59:bf:a0:9d:06:b6:3c:33:84:c8:
20:3a:02:eb:87:e6:e3:af:0d:08:8b:d5:24:33:23:
60:cf:cc:84:e2:70:91:1c:f2:4b:5e:35:f7:5a:31:
17:4b:ea:e3:53:45:77:58:dc:32:9e:89:bf:94:59:
4d:ab:cc:bf:f1:a5:02:ae:39:27:8e:2b:1b:4d:10:
3c:d7:25:f0:e6:0f:ba:37:23:22:52:1f:75:85:a8:
1c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C0:E7:14:D6:18:5C:B3:4D:D2:90:6D:DD:03:D6:97:F5:B5:32:A2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4sDnFNYYXLNN0pBt3QPWl_W1MqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:b7:d0:a3:b9:86:fc:30:68:e5:db:71:a5:e8:b1:f7:75:8f:
28:e9:c7:12:4c:65:e7:38:bf:e4:00:17:9b:e5:62:ae:87:eb:
06:60:2a:af:f9:39:12:eb:36:10:71:3c:c6:57:94:fe:14:7f:
92:a0:59:0d:0a:73:b0:1a:ac:01:c2:c0:da:28:0a:bf:74:6a:
5e:d2:36:a1:ac:29:c0:02:eb:39:cc:2b:32:c3:3b:e0:e6:f8:
5e:69:bb:d8:22:fc:49:c2:3e:f9:30:04:cb:2a:1c:cd:3e:7d:
73:5a:92:51:17:93:48:e8:3a:68:87:25:da:60:59:a6:b4:51:
71:4c:7c:0e:37:17:cb:cd:3e:e0:67:02:de:e4:9b:d6:cc:26:
5a:22:bc:6b:27:ed:b2:05:13:bb:17:fe:6b:62:4d:b5:e8:6c:
2d:2f:eb:41:a7:a7:87:5d:7d:1e:f9:6e:e1:b4:80:62:1d:77:
48:a3:a0:f3:53:86:f8:92:35:f8:df:88:7f:fa:d1:2b:79:69:
17:90:4b:9a:89:d0:f2:99:da:a8:61:62:e2:b9:ef:44:89:76:
21:e5:8f:77:75:d4:15:5b:69:f1:de:7e:8b:3e:d4:c6:09:53:
1b:d2:61:d0:bb:8f:dd:db:ac:e4:05:f4:9d:7d:63:21:3b:0f:
11:a1:0f:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCDOly6RRG4y7gkce+W0g6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA1MTQwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmMwZTcxNGQ2MTg1Y2IzNGRkMjkwNmRkZDAzZDY5N2Y1YjUzMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1glylaECcigF1v6XhGmP8gUwUsHz
hk/FjRqPZo6XQMg31mf60k6+Exg0Be9Eolq8gstdVELJxQKfZ6WAGkVKXvVEymvo
5S7P6r5ls/TRW5gw0GDZV49czg2tb+qn0vo9+hS/it3EfMjpYcmq45zTbwjNxJdn
7v6qsQ+9u9Nm5SbP2NpfhI4VbD3LzzSEB3sHmB1ly9Hpzx3glGumSjE/r9xjROgU
ib6ROVm/oJ0GtjwzhMggOgLrh+bjrw0Ii9UkMyNgz8yE4nCRHPJLXjX3WjEXS+rj
U0V3WNwynom/lFlNq8y/8aUCrjknjisbTRA81yXw5g+6NyMiUh91hagc/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOLA5xTWGFyzTdKQbd0D1pf1tTKiMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNHNEbkZOWVlYTE5OMHBCdDNRUFdsX1cxTXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH230KO5hvwwaOXbcaXo
sfd1jyjpxxJMZec4v+QAF5vlYq6H6wZgKq/5ORLrNhBxPMZXlP4Uf5KgWQ0Kc7Aa
rAHCwNooCr90al7SNqGsKcAC6znMKzLDO+Dm+F5pu9gi/EnCPvkwBMsqHM0+fXNa
klEXk0joOmiHJdpgWaa0UXFMfA43F8vNPuBnAt7km9bMJloivGsn7bIFE7sX/mti
TbXobC0v60Gnp4ddfR75buG0gGIdd0ijoPNThviSNfjfiH/60St5aReQS5qJ0PKZ
2qhhYuK570SJdiHlj3d11BVbafHefos+1MYJUxvSYdC7j93brOQF9J19YyE7DxGh
D08=
-----END CERTIFICATE-----
Generated at Fri Jul 5 17:06:20 2024 by rpki-client on console-ams.rpki-client.org