Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/81mJ42pZyLXMbJF5OVlmmCLdhDo.roa
File: 81mJ42pZyLXMbJF5OVlmmCLdhDo.roa (raw, json)
Hash identifier: +mt+q3uSKuIuwJX/HWJyJNUxCTKMB3vEidceJqmoERc=
Subject key identifier: F3:59:89:E3:6A:59:C8:B5:CC:6C:91:79:39:59:66:98:22:DD:84:3A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01907EEB2764F8164A38B29C5776178DBED7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/81mJ42pZyLXMbJF5OVlmmCLdhDo.roa
Signing time: Thu 04 Jul 2024 18:04:18 +0000
ROA not before: Thu 04 Jul 2024 18:04:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:7eeb:1bac/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 04 Jul 2024 18:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7e:eb:27:64:f8:16:4a:38:b2:9c:57:76:17:8d:be:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 4 18:04:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f35989e36a59c8b5cc6c91793959669822dd843a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:27:87:35:88:94:e4:9e:77:a8:4b:76:28:26:
e1:62:67:41:40:c7:09:34:80:49:5f:4f:24:69:e8:
b9:28:3f:bb:cf:65:f1:70:d8:ee:dd:d8:5d:2f:31:
e6:30:b7:5e:99:ef:62:83:35:7f:a3:3b:b0:ff:ab:
15:81:8c:53:6a:93:ad:01:d3:9b:b8:01:9c:86:c2:
2d:cf:91:47:d2:68:56:5b:8f:c7:29:20:da:49:55:
1f:e3:d4:f0:f2:31:92:66:b3:53:d2:d3:04:ef:3e:
f7:a3:98:4b:5d:fe:fc:b7:f8:9f:41:eb:e9:d2:03:
a5:b5:85:50:99:19:21:71:17:db:21:be:18:ae:24:
74:73:53:57:58:6c:8f:0a:19:a4:6c:f2:02:4f:06:
e9:a5:ce:3c:18:13:e5:5e:cc:27:c2:01:9f:52:b4:
8c:b7:4b:a9:4b:38:dc:21:f2:93:74:1e:f0:75:b6:
e7:f0:d7:5a:1e:ad:e8:9e:b8:88:bc:8b:b0:14:e0:
54:ac:04:b2:27:1e:b5:6e:b9:e3:aa:e2:d1:5d:6f:
8f:80:3b:2d:b7:84:d3:ad:04:d5:49:35:52:39:75:
9d:e8:46:f2:b1:16:10:d6:89:32:b0:08:20:63:e2:
21:43:76:35:59:17:8f:83:d2:cb:46:f5:1f:cb:29:
0c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:59:89:E3:6A:59:C8:B5:CC:6C:91:79:39:59:66:98:22:DD:84:3A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/81mJ42pZyLXMbJF5OVlmmCLdhDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:e7:e1:56:f6:9b:2e:9a:f1:ef:04:a4:4f:14:70:40:a3:76:
4a:70:75:44:73:d3:48:31:ef:3d:53:dd:ad:3f:3b:ef:34:59:
75:cf:6f:6e:ea:5a:b2:cc:39:cb:5f:2e:13:48:d7:53:04:26:
da:4a:48:7a:f6:f2:5e:1c:84:41:7d:2d:ad:43:13:d2:e8:fe:
d0:f0:1d:9a:ea:fe:18:e8:6b:b2:74:cd:48:aa:68:2f:8b:14:
dd:a8:ec:a4:80:7b:41:ef:7f:56:76:55:c0:8c:30:a5:3e:6d:
26:b1:9f:9c:75:b8:d8:b0:fe:57:18:06:2d:85:76:b3:eb:e6:
0c:9c:a2:6f:e3:aa:ac:d7:18:9f:63:38:d8:8a:bf:0f:17:c5:
1d:91:79:5e:ac:a1:c7:8d:7a:4e:13:90:85:05:1a:ee:b8:20:
4d:c0:00:1a:4a:28:cb:97:7f:b6:a8:f0:5f:f0:d5:b4:cd:af:
80:f1:f9:cb:12:d1:c2:aa:91:86:fc:9e:c9:b5:3a:e1:a7:04:
24:10:1e:64:2d:8c:50:c1:f6:ba:be:61:5f:7e:54:73:e3:d3:
c7:25:5f:55:dd:38:2d:b3:1e:53:ea:cb:b6:d0:fb:c3:7e:26:
97:2b:03:e7:15:f9:74:a8:fb:eb:62:78:f3:a7:10:cc:6c:96:
08:4d:70:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB+6ydk+BZKOLKcV3YXjb7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA0MTgwNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzU5ODllMzZhNTljOGI1Y2M2YzkxNzkzOTU5NjY5ODIyZGQ4NDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqieHNYiU5J53qEt2KCbhYmdBQMcJ
NIBJX08kaei5KD+7z2XxcNju3dhdLzHmMLdeme9igzV/ozuw/6sVgYxTapOtAdOb
uAGchsItz5FH0mhWW4/HKSDaSVUf49Tw8jGSZrNT0tME7z73o5hLXf78t/ifQevp
0gOltYVQmRkhcRfbIb4YriR0c1NXWGyPChmkbPICTwbppc48GBPlXswnwgGfUrSM
t0upSzjcIfKTdB7wdbbn8NdaHq3onriIvIuwFOBUrASyJx61brnjquLRXW+PgDst
t4TTrQTVSTVSOXWd6EbysRYQ1okysAggY+IhQ3Y1WRePg9LLRvUfyykMywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPNZieNqWci1zGyReTlZZpgi3YQ6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvODFtSjQycFp5TFhNYkpGNU9WbG1tQ0xkaERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFHn4Vb2my6a8e8EpE8U
cECjdkpwdURz00gx7z1T3a0/O+80WXXPb27qWrLMOctfLhNI11MEJtpKSHr28l4c
hEF9La1DE9Lo/tDwHZrq/hjoa7J0zUiqaC+LFN2o7KSAe0Hvf1Z2VcCMMKU+bSax
n5x1uNiw/lcYBi2FdrPr5gycom/jqqzXGJ9jONiKvw8XxR2ReV6soceNek4TkIUF
Gu64IE3AABpKKMuXf7ao8F/w1bTNr4Dx+csS0cKqkYb8nsm1OuGnBCQQHmQtjFDB
9rq+YV9+VHPj08clX1XdOC2zHlPqy7bQ+8N+JpcrA+cV+XSo++tiePOnEMxslghN
cA4=
-----END CERTIFICATE-----
Generated at Thu Jul 4 20:25:19 2024 by rpki-client on console-ams.rpki-client.org