Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7_8BJ2xuMfNY3WWbVJz2H_RDSRM.roa
File: 7_8BJ2xuMfNY3WWbVJz2H_RDSRM.roa (raw, json)
Hash identifier: oBfBeCcmUvi8bnicUCOCToKaEDyqSm0i6QCAUp6sXYo=
Subject key identifier: EF:FF:01:27:6C:6E:31:F3:58:DD:65:9B:54:9C:F6:1F:F4:43:49:13
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190313E240C960B3928E2CD18E1A45E1412
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7_8BJ2xuMfNY3WWbVJz2H_RDSRM.roa
Signing time: Wed 19 Jun 2024 16:04:34 +0000
ROA not before: Wed 19 Jun 2024 16:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:313d:df42/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 19 Jun 2024 16:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:31:3e:24:0c:96:0b:39:28:e2:cd:18:e1:a4:5e:14:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 19 16:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efff01276c6e31f358dd659b549cf61ff4434913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:72:01:c8:55:31:6b:29:3a:4b:78:9e:1e:9a:
be:46:7a:d3:f1:1a:06:1a:7d:96:56:b0:e7:0e:cf:
cf:d5:47:f5:f5:4c:6d:a4:2f:b4:d9:46:8e:4e:e0:
c9:81:22:d8:09:ac:7b:b9:bd:28:2f:fc:e9:8a:14:
a7:01:3f:4f:12:19:ec:cd:c3:02:df:e5:52:c9:5f:
cd:ff:37:86:74:ff:e2:41:68:6b:79:c5:3e:2f:70:
99:56:06:c7:57:e0:e8:8f:5b:a4:6e:c5:a1:fe:cc:
8a:d5:f0:88:59:a5:b5:96:c7:66:54:33:cc:59:d3:
1c:af:b1:8f:0a:78:32:23:08:fe:39:07:41:66:34:
eb:10:86:c2:a0:4c:e1:82:e6:0c:8c:f9:4e:e3:73:
34:14:33:91:3b:97:a6:90:84:6d:b0:a5:4c:0d:bb:
80:d2:14:3d:df:97:90:a1:43:3e:e2:a3:94:70:06:
8e:0e:66:23:39:7d:7b:ff:0a:7e:1b:23:f9:f8:b7:
51:1e:70:63:6a:08:bb:b1:d1:1e:e9:1a:03:b5:a0:
f9:2d:7a:6e:0f:6a:c7:99:07:ef:70:0a:6a:9f:9f:
87:35:b8:4b:5c:00:84:30:37:7a:4a:e9:36:39:b0:
e8:cd:65:90:79:a0:63:f7:36:ee:92:dd:ab:3c:e5:
e1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:FF:01:27:6C:6E:31:F3:58:DD:65:9B:54:9C:F6:1F:F4:43:49:13
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7_8BJ2xuMfNY3WWbVJz2H_RDSRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3c:8c:e0:16:1e:17:34:86:db:cd:c0:22:e4:0f:8c:06:4d:68:
3c:99:a2:9b:07:1a:d5:77:c2:f1:ef:d7:c8:9c:10:f0:a9:25:
45:a8:1d:08:79:34:3f:01:ab:78:98:64:bf:65:58:d7:cf:dc:
91:ac:4c:7f:d4:f4:9b:6e:1a:34:c3:17:31:40:b4:a1:cf:41:
28:a8:d7:4b:84:b2:c0:fc:d6:ee:5e:c9:90:bc:47:0a:dc:cd:
d0:ba:df:1c:af:e4:74:8f:a5:ff:da:e1:7a:69:1f:43:43:0c:
a2:be:30:29:84:1e:86:a9:07:2b:05:53:81:f7:fc:0c:88:0d:
de:65:f2:06:8b:32:f5:7e:3a:1b:56:76:42:a8:17:4b:f4:c3:
b0:42:c2:7d:0b:35:06:22:c1:16:14:ab:20:f3:7f:b0:b2:aa:
d8:6e:ea:ad:c4:55:26:5a:18:1f:e1:29:00:47:53:45:06:c9:
66:55:ad:86:5b:3b:b6:4a:ef:06:79:d0:0a:69:5f:a5:df:80:
14:81:57:90:52:6c:7b:63:ad:7b:c8:41:21:a5:9c:c6:b6:5d:
a7:2e:69:52:df:7c:ee:81:e1:f8:35:6c:ea:64:f8:ef:6a:34:
db:df:dc:a4:59:c7:90:33:9c:53:ad:41:b3:bc:04:c5:e6:38:
66:05:e1:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAxPiQMlgs5KOLNGOGkXhQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE5MTYwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmZmMDEyNzZjNmUzMWYzNThkZDY1OWI1NDljZjYxZmY0NDM0OTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXIByFUxayk6S3ieHpq+RnrT8RoG
Gn2WVrDnDs/P1Uf19UxtpC+02UaOTuDJgSLYCax7ub0oL/zpihSnAT9PEhnszcMC
3+VSyV/N/zeGdP/iQWhrecU+L3CZVgbHV+Doj1ukbsWh/syK1fCIWaW1lsdmVDPM
WdMcr7GPCngyIwj+OQdBZjTrEIbCoEzhguYMjPlO43M0FDORO5emkIRtsKVMDbuA
0hQ935eQoUM+4qOUcAaODmYjOX17/wp+GyP5+LdRHnBjagi7sdEe6RoDtaD5LXpu
D2rHmQfvcApqn5+HNbhLXACEMDd6Suk2ObDozWWQeaBj9zbukt2rPOXhgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO//ASdsbjHzWN1lm1Sc9h/0Q0kTMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvN184QkoyeHVNZk5ZM1dXYlZKejJIX1JEU1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADyM4BYeFzSG283AIuQP
jAZNaDyZopsHGtV3wvHv18icEPCpJUWoHQh5ND8Bq3iYZL9lWNfP3JGsTH/U9Jtu
GjTDFzFAtKHPQSio10uEssD81u5eyZC8RwrczdC63xyv5HSPpf/a4XppH0NDDKK+
MCmEHoapBysFU4H3/AyIDd5l8gaLMvV+OhtWdkKoF0v0w7BCwn0LNQYiwRYUqyDz
f7Cyqthu6q3EVSZaGB/hKQBHU0UGyWZVrYZbO7ZK7wZ50AppX6XfgBSBV5BSbHtj
rXvIQSGlnMa2XacuaVLffO6B4fg1bOpk+O9qNNvf3KRZx5AznFOtQbO8BMXmOGYF
4Q4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:17 2025 by rpki-client