Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7ptYGn5Gn33dlvAzxXb0Lib2RdQ.roa
File: 7ptYGn5Gn33dlvAzxXb0Lib2RdQ.roa (raw, json)
Hash identifier: aLJwM2wWheKg/3r+AJRU53c3LhqhZ86Y6h7ouSdTFaE=
Subject key identifier: EE:9B:58:1A:7E:46:9F:7D:DD:96:F0:33:C5:76:F4:2E:26:F6:45:D4
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD0B44AE24A6DA72F009CC7C484096CDE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7ptYGn5Gn33dlvAzxXb0Lib2RdQ.roa
Signing time: Fri 31 May 2024 22:10:27 +0000
ROA not before: Fri 31 May 2024 22:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 May 2024 23:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d0:b4:4a:e2:4a:6d:a7:2f:00:9c:c7:c4:84:09:6c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 31 22:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee9b581a7e469f7ddd96f033c576f42e26f645d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:99:36:c1:eb:32:6d:b9:ed:a9:2a:87:1c:1b:
04:55:ab:c8:95:41:73:ca:09:ca:6d:74:0f:e5:01:
74:cc:6d:d5:ad:b6:23:8a:18:56:82:2e:d2:be:95:
1a:ed:7d:e3:72:12:30:df:9b:83:0d:3a:31:8b:42:
d6:8c:c7:6c:51:5a:a4:bc:41:b9:33:4a:fe:c5:dd:
c7:18:06:45:98:ed:71:95:57:ad:a3:c6:30:1d:7d:
a5:bf:86:a4:82:73:1c:f7:4c:61:25:a4:c6:06:7d:
07:13:74:1f:42:8b:11:e5:3b:38:ee:8b:38:c4:b8:
c4:61:ff:5c:cf:31:b5:96:1a:7d:ec:42:23:f2:1a:
f9:e0:30:44:60:cc:68:2d:58:33:bb:37:37:e6:e7:
8e:3b:9b:14:ab:41:a9:8d:13:76:76:ff:69:52:d8:
8a:ba:21:d2:62:dc:d9:08:3f:cf:19:4a:e4:48:5a:
1e:ff:41:b6:96:f2:8d:01:02:42:cf:b4:e8:dd:37:
b6:ee:b3:c1:1f:ef:c8:c2:20:cf:33:a9:0b:5c:36:
fd:57:16:b9:ca:f0:d6:51:db:05:3d:7a:7b:6e:4d:
9b:9d:f8:6e:09:05:70:12:74:ab:11:f7:7c:28:56:
88:86:52:41:6a:fb:9d:26:09:38:4d:aa:3c:ae:7b:
e0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9B:58:1A:7E:46:9F:7D:DD:96:F0:33:C5:76:F4:2E:26:F6:45:D4
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7ptYGn5Gn33dlvAzxXb0Lib2RdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:a7:05:0e:69:33:9f:df:94:c1:4f:ca:5b:3f:96:3a:c2:c7:
3e:b4:0d:89:06:e8:d2:06:9f:6f:59:40:19:51:bc:0f:6b:44:
3c:ff:2b:28:85:79:31:a1:ee:82:59:0d:69:b6:15:6e:b4:5f:
b5:6f:f2:66:3f:9e:ed:2d:c0:cc:3c:e7:01:62:c0:c3:c5:3c:
d9:bb:b5:d2:9e:c3:6f:ab:fc:03:b8:03:cd:b2:fe:31:96:c3:
2c:d8:fc:d1:f4:f1:b5:a0:dd:9a:19:e8:d1:1e:5a:3e:5b:02:
56:b3:60:f7:05:2a:3d:0f:a7:79:02:97:97:ef:b1:5c:40:d8:
f9:5e:c9:0f:65:21:a0:10:13:b0:53:21:5d:af:7b:ff:86:33:
2f:cc:69:da:1e:0a:44:5c:16:e0:08:9c:e9:49:cb:0f:54:45:
95:90:2d:a2:d4:38:33:ea:1b:80:3a:84:47:57:1b:0a:eb:fd:
09:7f:80:84:fd:d5:82:c6:21:92:b2:33:45:97:c7:6d:b1:4f:
f8:ae:b8:2a:70:02:b7:93:de:ab:d8:59:62:aa:9b:02:f9:6d:
a1:80:ad:8b:33:2e:44:e4:f8:ca:83:82:58:a1:e7:a5:b9:99:
56:5f:30:18:9e:21:89:c2:d1:dd:81:10:aa:6e:74:fa:32:98:
f1:e9:dc:43
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/QtEriSm2nLwCcx8SECWzeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMxMjIxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTliNTgxYTdlNDY5ZjdkZGQ5NmYwMzNjNTc2ZjQyZTI2ZjY0NWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpk2wesybbntqSqHHBsEVavIlUFz
ygnKbXQP5QF0zG3VrbYjihhWgi7SvpUa7X3jchIw35uDDToxi0LWjMdsUVqkvEG5
M0r+xd3HGAZFmO1xlVeto8YwHX2lv4akgnMc90xhJaTGBn0HE3QfQosR5Ts47os4
xLjEYf9czzG1lhp97EIj8hr54DBEYMxoLVgzuzc35ueOO5sUq0GpjRN2dv9pUtiK
uiHSYtzZCD/PGUrkSFoe/0G2lvKNAQJCz7To3Te27rPBH+/IwiDPM6kLXDb9Vxa5
yvDWUdsFPXp7bk2bnfhuCQVwEnSrEfd8KFaIhlJBavudJgk4Tao8rnvgbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO6bWBp+Rp993ZbwM8V29C4m9kXUMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvN3B0WUduNUduMzNkbHZBenhYYjBMaWIyUmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAynBQ5pM5/flMFPyls/
ljrCxz60DYkG6NIGn29ZQBlRvA9rRDz/KyiFeTGh7oJZDWm2FW60X7Vv8mY/nu0t
wMw85wFiwMPFPNm7tdKew2+r/AO4A82y/jGWwyzY/NH08bWg3ZoZ6NEeWj5bAlaz
YPcFKj0Pp3kCl5fvsVxA2PleyQ9lIaAQE7BTIV2ve/+GMy/MadoeCkRcFuAInOlJ
yw9URZWQLaLUODPqG4A6hEdXGwrr/Ql/gIT91YLGIZKyM0WXx22xT/iuuCpwAreT
3qvYWWKqmwL5baGArYszLkTk+MqDglih56W5mVZfMBieIYnC0d2BEKpudPoymPHp
3EM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org