Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7aqcXaY5x1Pfd1F0YI6d4xzADRc.roa
File: 7aqcXaY5x1Pfd1F0YI6d4xzADRc.roa (raw, json)
Hash identifier: 0726lepKfI4dS41SgES5jJNAeeh+QK5gBSCLr7JVod0=
Subject key identifier: ED:AA:9C:5D:A6:39:C7:53:DF:77:51:74:60:8E:9D:E3:1C:C0:0D:17
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019089E22962323DD4D7CB38B2A1C1D7A633
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7aqcXaY5x1Pfd1F0YI6d4xzADRc.roa
Signing time: Sat 06 Jul 2024 21:10:18 +0000
ROA not before: Sat 06 Jul 2024 21:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 06 Jul 2024 22:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:89:e2:29:62:32:3d:d4:d7:cb:38:b2:a1:c1:d7:a6:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 6 21:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=edaa9c5da639c753df775174608e9de31cc00d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:e9:56:bd:8e:59:08:c2:2a:f2:df:ba:7a:
d7:df:49:26:e1:3b:17:2d:4a:ce:af:b2:3a:b6:19:
25:12:99:26:02:3b:61:ed:c6:ff:62:8b:02:f3:52:
45:d0:16:48:83:4a:a5:c4:fd:df:60:5a:8f:16:77:
6b:47:9e:e5:dc:30:7b:e6:fd:da:63:8a:18:4a:f3:
c3:1f:8c:a7:5f:41:92:e7:48:63:ce:42:8e:92:a8:
75:cf:cd:32:0a:0e:42:e8:8a:47:25:c0:90:49:e4:
40:91:75:12:34:46:3e:9a:36:7c:01:89:83:83:79:
2b:de:5c:e6:5a:5a:64:04:83:21:87:15:5b:a9:cc:
18:cc:20:ad:17:0d:e7:8a:11:4e:99:36:69:6e:7e:
5c:db:2a:34:9d:fa:71:8a:dd:07:8d:eb:d8:60:53:
af:60:25:64:89:ab:7c:f5:cc:3f:9a:f6:55:b8:36:
19:f2:7c:c5:38:99:6d:17:9e:07:70:81:27:a2:e7:
c4:ee:bd:ff:99:a2:53:1c:be:06:35:39:f2:77:99:
0a:09:bd:4e:c5:00:15:2a:a7:c2:c6:0b:67:f0:a6:
cf:65:ce:24:94:74:42:cd:86:19:3f:bc:78:bb:36:
97:d4:f8:a9:1e:48:aa:37:8a:46:b5:7a:7e:6f:cc:
d6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:AA:9C:5D:A6:39:C7:53:DF:77:51:74:60:8E:9D:E3:1C:C0:0D:17
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7aqcXaY5x1Pfd1F0YI6d4xzADRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:ad:72:02:e5:8d:ce:4e:3e:b1:e8:17:49:1b:f7:ac:5b:a3:
13:a4:8e:4a:b7:eb:be:36:97:54:92:3b:b4:5f:24:d0:8b:51:
58:f2:ba:6f:e6:45:85:52:2f:8b:08:b4:93:ba:71:df:f9:4d:
0a:e9:60:8f:5c:ae:a6:da:2b:f0:ce:e2:9f:59:68:ff:bc:e8:
8c:ad:fd:7d:92:1c:c9:b3:60:0b:78:bc:a5:19:a7:f4:a5:a9:
40:2a:84:1e:be:54:44:15:e3:7f:7d:91:f3:f7:df:b5:09:9c:
25:2b:11:e5:32:4b:14:46:55:a0:ae:8d:01:4c:7a:79:f2:df:
b5:09:e2:8a:5c:b6:95:86:05:ac:b0:cd:33:78:e0:90:c0:80:
37:92:4d:bd:b2:27:d6:de:8f:c5:7b:ff:99:a8:ce:15:d6:c8:
80:ed:9a:72:89:ac:86:5d:67:73:7c:8a:45:c0:d5:fe:3d:6e:
dd:94:e2:5f:8a:ac:13:e4:7d:aa:72:47:f4:1b:66:80:cc:e6:
48:fd:8c:ce:73:66:b9:1b:45:4a:73:73:88:b2:fa:c2:51:8f:
72:eb:29:ca:4e:e1:0d:19:d2:76:a6:0a:ef:0e:e5:87:38:db:
82:c9:62:29:bd:59:57:37:b3:35:4c:ca:b4:b3:8f:85:ed:aa:
67:6e:70:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCJ4iliMj3U18s4sqHB16YzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA2MjExMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGFhOWM1ZGE2MzljNzUzZGY3NzUxNzQ2MDhlOWRlMzFjYzAwZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1LpVr2OWQjCKvLfunrX30km4TsX
LUrOr7I6thklEpkmAjth7cb/YosC81JF0BZIg0qlxP3fYFqPFndrR57l3DB75v3a
Y4oYSvPDH4ynX0GS50hjzkKOkqh1z80yCg5C6IpHJcCQSeRAkXUSNEY+mjZ8AYmD
g3kr3lzmWlpkBIMhhxVbqcwYzCCtFw3nihFOmTZpbn5c2yo0nfpxit0HjevYYFOv
YCVkiat89cw/mvZVuDYZ8nzFOJltF54HcIEnoufE7r3/maJTHL4GNTnyd5kKCb1O
xQAVKqfCxgtn8KbPZc4klHRCzYYZP7x4uzaX1PipHkiqN4pGtXp+b8zWlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO2qnF2mOcdT33dRdGCOneMcwA0XMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvN2FxY1hhWTV4MVBmZDFGMFlJNmQ0eHpBRFJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACatcgLljc5OPrHoF0kb
96xboxOkjkq36742l1SSO7RfJNCLUVjyum/mRYVSL4sItJO6cd/5TQrpYI9crqba
K/DO4p9ZaP+86Iyt/X2SHMmzYAt4vKUZp/SlqUAqhB6+VEQV4399kfP337UJnCUr
EeUySxRGVaCujQFMenny37UJ4opctpWGBaywzTN44JDAgDeSTb2yJ9bej8V7/5mo
zhXWyIDtmnKJrIZdZ3N8ikXA1f49bt2U4l+KrBPkfapyR/QbZoDM5kj9jM5zZrkb
RUpzc4iy+sJRj3LrKcpO4Q0Z0namCu8O5Yc424LJYim9WVc3szVMyrSzj4Xtqmdu
cNg=
-----END CERTIFICATE-----
Generated at Sat Jul 6 23:02:41 2024 by rpki-client on console-ams.rpki-client.org