Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5g8SErKN8706brWN4iGXZZMsNVU.roa
File: 5g8SErKN8706brWN4iGXZZMsNVU.roa (raw, json)
Hash identifier: AEEiFkd7SYvmAZxDtzhrvXpOmBKdUnmaUIKCzhf3ylA=
Subject key identifier: E6:0F:12:12:B2:8D:F3:BD:3A:6E:B5:8D:E2:21:97:65:93:2C:35:55
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019074D78841732E98132FAA3B5A608CC8D0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5g8SErKN8706brWN4iGXZZMsNVU.roa
Signing time: Tue 02 Jul 2024 19:06:40 +0000
ROA not before: Tue 02 Jul 2024 19:06:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:74d5:7129/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Jul 2024 19:13:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:74:d7:88:41:73:2e:98:13:2f:aa:3b:5a:60:8c:c8:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 2 19:06:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e60f1212b28df3bd3a6eb58de2219765932c3555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8e:3e:cf:fd:f9:67:37:cf:f6:eb:31:c8:7c:
f0:04:76:ee:95:42:ab:23:ad:d2:96:e1:7d:11:4d:
6d:83:ad:42:6d:15:34:d5:ff:36:5d:6a:74:86:b5:
85:95:62:79:77:eb:79:fc:a0:95:ba:60:90:cc:8c:
8f:d7:4a:29:51:13:e6:06:aa:5f:df:93:c9:24:dc:
f5:83:84:05:60:85:dd:a4:42:3c:ad:84:e9:5c:03:
99:b5:70:73:6d:fe:20:21:9b:1d:3f:c4:64:5d:3a:
65:e3:0f:22:68:e9:61:85:31:6d:0b:18:96:1f:67:
aa:da:bd:c4:6a:34:5b:a4:6e:85:96:48:65:b9:4f:
88:cb:b4:67:1d:92:47:e9:e2:bc:32:0c:e4:d2:41:
ae:da:e2:8d:6f:6a:73:03:47:95:1e:67:06:39:d2:
61:2c:ee:78:db:de:c5:64:44:98:9d:6d:5f:fe:49:
4a:82:61:ff:fa:f1:95:5b:09:b5:23:04:5a:e6:8b:
24:e7:13:69:b4:0d:a1:27:3a:78:10:f8:1e:11:e1:
67:7f:f5:c7:9c:40:0d:c9:c5:6e:c5:a7:57:76:11:
45:f8:69:5c:08:b8:5a:cb:72:54:f2:6d:b5:2d:e3:
f4:bc:ae:02:32:37:40:41:f8:36:6f:d5:bb:5a:99:
74:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:0F:12:12:B2:8D:F3:BD:3A:6E:B5:8D:E2:21:97:65:93:2C:35:55
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5g8SErKN8706brWN4iGXZZMsNVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:4f:38:fd:fc:f6:3a:83:10:0a:36:df:1b:49:86:a9:65:7e:
71:f1:9d:d8:ce:ab:e2:04:67:af:10:36:48:71:f8:7d:b5:2a:
cb:ca:5b:d7:f6:13:36:cc:68:a1:f9:96:c3:34:e5:64:63:d6:
e9:bd:54:38:f6:22:0f:be:ae:f2:40:24:e4:37:f7:cc:fc:c7:
46:77:68:eb:4f:3f:04:96:d7:24:42:cb:3c:de:85:f4:e0:01:
3d:61:74:a0:62:84:20:54:ad:7c:3a:d7:23:dd:37:ab:49:68:
be:db:7e:55:10:b4:ea:71:45:87:81:c5:35:e6:ca:ab:2b:5d:
82:e5:9b:1e:ea:1c:f9:82:e8:30:59:4d:0a:78:c6:2f:63:4c:
d7:92:cc:82:e6:bc:25:71:4e:4c:c0:00:e5:dd:6b:77:3b:29:
a1:95:60:c8:5c:91:ee:7a:cb:24:bf:1c:bc:70:7a:9d:0b:aa:
0d:1f:89:90:6f:49:e9:6e:9a:57:b7:7a:4b:ed:bf:29:41:b7:
23:98:6e:45:9a:cd:41:84:a3:0c:ac:46:12:1d:9c:0f:e9:cc:
c5:95:81:63:50:4f:41:15:51:7d:b0:2c:97:96:54:ab:e1:d5:
86:9d:d7:12:62:b4:51:67:20:09:0d:6f:9d:13:46:5b:cb:3c:
53:7a:4c:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB014hBcy6YEy+qO1pgjMjQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAyMTkwNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjBmMTIxMmIyOGRmM2JkM2E2ZWI1OGRlMjIxOTc2NTkzMmMzNTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwI4+z/35ZzfP9usxyHzwBHbulUKr
I63SluF9EU1tg61CbRU01f82XWp0hrWFlWJ5d+t5/KCVumCQzIyP10opURPmBqpf
35PJJNz1g4QFYIXdpEI8rYTpXAOZtXBzbf4gIZsdP8RkXTpl4w8iaOlhhTFtCxiW
H2eq2r3EajRbpG6FlkhluU+Iy7RnHZJH6eK8Mgzk0kGu2uKNb2pzA0eVHmcGOdJh
LO54297FZESYnW1f/klKgmH/+vGVWwm1IwRa5osk5xNptA2hJzp4EPgeEeFnf/XH
nEANycVuxadXdhFF+GlcCLhay3JU8m21LeP0vK4CMjdAQfg2b9W7Wpl06QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOYPEhKyjfO9Om61jeIhl2WTLDVVMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNWc4U0VyS044NzA2YnJXTjRpR1haWk1zTlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEBPOP389jqDEAo23xtJ
hqllfnHxndjOq+IEZ68QNkhx+H21KsvKW9f2EzbMaKH5lsM05WRj1um9VDj2Ig++
rvJAJOQ398z8x0Z3aOtPPwSW1yRCyzzehfTgAT1hdKBihCBUrXw61yPdN6tJaL7b
flUQtOpxRYeBxTXmyqsrXYLlmx7qHPmC6DBZTQp4xi9jTNeSzILmvCVxTkzAAOXd
a3c7KaGVYMhcke56yyS/HLxwep0Lqg0fiZBvSelumle3ekvtvylBtyOYbkWazUGE
owysRhIdnA/pzMWVgWNQT0EVUX2wLJeWVKvh1Yad1xJitFFnIAkNb50TRlvLPFN6
TDo=
-----END CERTIFICATE-----
Generated at Tue Jul 2 20:56:37 2024 by rpki-client on console-fra.rpki-client.org