Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/509QX3CVk5MrHpYV1EoRc-prRfc.roa
File: 509QX3CVk5MrHpYV1EoRc-prRfc.roa (raw, json)
Hash identifier: VSUV0nuB3b3KOWeq/u6S2V2HQi244/T81U0Z8yQsYfk=
Subject key identifier: E7:4F:50:5F:70:95:93:93:2B:1E:96:15:D4:4A:11:73:EA:6B:45:F7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190B8AA946AA477D7424C72446A5604041A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/509QX3CVk5MrHpYV1EoRc-prRfc.roa
Signing time: Mon 15 Jul 2024 23:11:45 +0000
ROA not before: Mon 15 Jul 2024 23:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jul 2024 00:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b8:aa:94:6a:a4:77:d7:42:4c:72:44:6a:56:04:04:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 15 23:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e74f505f709593932b1e9615d44a1173ea6b45f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e7:11:f9:86:1d:bc:44:a0:b6:a9:85:0f:ac:
cd:cb:5c:48:3f:e1:66:75:2b:0f:c6:3c:71:4a:d3:
c8:ea:6e:85:99:52:37:2a:6a:d8:f5:e0:d6:2d:3b:
85:98:dc:a4:b7:0d:3d:89:66:9d:a7:bc:5a:30:f3:
58:b7:89:33:b6:35:2d:72:1a:b0:f6:d0:5b:a8:1e:
b5:0a:36:d1:28:09:23:b7:23:8b:8d:38:02:a4:0a:
8b:0b:fa:ef:89:2b:da:ea:26:d8:43:b4:6b:66:2a:
f0:01:28:b9:d9:dd:c3:30:74:68:4a:95:2e:fe:76:
97:b7:69:12:fa:8e:ec:23:53:e5:86:99:bc:db:2a:
dc:5d:a1:de:1c:5c:eb:4a:79:34:1b:c5:81:6e:b5:
46:3b:60:02:f0:17:67:f9:1b:1b:3e:50:2e:50:d9:
6c:50:f4:98:5f:e5:23:7b:11:bf:b6:bf:03:11:49:
c3:c8:bb:8a:6b:6c:8c:48:9e:c5:30:d3:3a:1d:9c:
7b:2f:cb:5c:dc:55:58:55:20:88:78:23:fb:14:1c:
4c:60:8b:21:ba:2c:61:cb:53:fe:1a:fe:4e:cc:de:
56:b8:cf:77:b6:48:f9:a0:75:73:4c:47:1b:d1:60:
f2:af:f8:6d:85:b1:86:d6:37:a5:41:1f:00:29:e6:
e4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:4F:50:5F:70:95:93:93:2B:1E:96:15:D4:4A:11:73:EA:6B:45:F7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/509QX3CVk5MrHpYV1EoRc-prRfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:48:ec:9e:7f:e1:60:ce:c3:ec:a3:c2:9c:06:51:f0:80:26:
06:1e:e5:7d:6a:b2:0b:28:f8:78:b4:4b:c8:ad:0d:23:4a:b5:
1f:04:8f:e3:79:22:d4:e8:c6:c6:74:41:36:04:21:df:bf:93:
76:e3:d4:8f:d1:3e:85:5e:44:b9:72:a4:b9:e5:6c:4e:d5:b3:
7a:14:af:3d:07:c7:6c:8c:a9:2d:40:bf:0a:22:1b:ae:b2:93:
d1:c5:87:10:c7:8e:73:52:b2:29:25:5e:12:b9:fb:88:b5:0d:
c6:6c:ce:73:00:10:d5:b4:45:d6:43:74:b6:fa:e2:38:f4:52:
a1:43:ca:b6:a2:0b:33:66:75:c3:e6:cf:99:b5:a3:75:4e:3e:
2a:1a:f2:55:e9:56:49:af:91:c1:02:b8:22:63:4a:a1:76:35:
d1:37:51:f6:fd:1f:3a:98:0a:12:ee:a3:14:b7:1d:e3:cb:1c:
c8:d1:bb:46:73:d6:08:ee:67:d8:02:cc:db:31:74:5e:76:d5:
d3:37:d7:39:a8:b3:f1:cd:ee:b5:47:5b:93:23:23:b1:c7:09:
70:1a:0f:8f:a6:9c:9a:45:a6:d2:a3:d6:fb:f6:f6:20:ea:86:
a5:63:d6:5e:b2:73:3a:2d:b2:cf:8d:eb:7f:dd:de:b1:ca:50:
95:f6:54:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZC4qpRqpHfXQkxyRGpWBAQaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE1MjMxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzRmNTA1ZjcwOTU5MzkzMmIxZTk2MTVkNDRhMTE3M2VhNmI0NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOcR+YYdvESgtqmFD6zNy1xIP+Fm
dSsPxjxxStPI6m6FmVI3KmrY9eDWLTuFmNyktw09iWadp7xaMPNYt4kztjUtchqw
9tBbqB61CjbRKAkjtyOLjTgCpAqLC/rviSva6ibYQ7RrZirwASi52d3DMHRoSpUu
/naXt2kS+o7sI1Plhpm82yrcXaHeHFzrSnk0G8WBbrVGO2AC8Bdn+RsbPlAuUNls
UPSYX+UjexG/tr8DEUnDyLuKa2yMSJ7FMNM6HZx7L8tc3FVYVSCIeCP7FBxMYIsh
uixhy1P+Gv5OzN5WuM93tkj5oHVzTEcb0WDyr/hthbGG1jelQR8AKebkvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOdPUF9wlZOTKx6WFdRKEXPqa0X3MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNTA5UVgzQ1ZrNU1ySHBZVjFFb1JjLXByUmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABlI7J5/4WDOw+yjwpwG
UfCAJgYe5X1qsgso+Hi0S8itDSNKtR8Ej+N5ItToxsZ0QTYEId+/k3bj1I/RPoVe
RLlypLnlbE7Vs3oUrz0Hx2yMqS1AvwoiG66yk9HFhxDHjnNSsiklXhK5+4i1DcZs
znMAENW0RdZDdLb64jj0UqFDyraiCzNmdcPmz5m1o3VOPioa8lXpVkmvkcECuCJj
SqF2NdE3Ufb9HzqYChLuoxS3HePLHMjRu0Zz1gjuZ9gCzNsxdF521dM31zmos/HN
7rVHW5MjI7HHCXAaD4+mnJpFptKj1vv29iDqhqVj1l6yczotss+N63/d3rHKUJX2
VEg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:26 2025 by rpki-client