Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8MlV7st_OfLt8igCqK-tDwlVgFg.roa
File: 8MlV7st_OfLt8igCqK-tDwlVgFg.roa (raw, json)
Hash identifier: PuRzhlF9oR9zeEVc0nsSa4U6ZTWoluWEH3MZdQJvCTk=
Subject key identifier: F0:C9:55:EE:CB:7F:39:F2:ED:F2:28:02:A8:AF:AD:0F:09:55:80:58
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FF03D69B6BF9DCE9D919944DCAF32669D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8MlV7st_OfLt8igCqK-tDwlVgFg.roa
Signing time: Fri 07 Jun 2024 01:08:27 +0000
ROA not before: Fri 07 Jun 2024 01:08:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Jun 2024 02:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f0:3d:69:b6:bf:9d:ce:9d:91:99:44:dc:af:32:66:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 7 01:08:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0c955eecb7f39f2edf22802a8afad0f09558058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f7:0c:6b:a5:c3:2d:97:f2:c2:78:cd:d6:21:
a0:a0:8f:4a:99:e7:9d:e5:da:d8:ae:21:e5:94:69:
1e:12:4c:21:23:83:d1:12:5c:33:6e:47:1e:cb:7c:
38:8b:39:6d:82:09:68:b6:f5:07:78:36:10:f9:10:
8c:da:b2:df:e1:a5:58:0d:ea:ef:82:b4:52:0a:d7:
e4:06:d0:cf:a6:fb:81:17:8f:e3:61:6f:f1:e2:f3:
d6:83:00:e0:d8:7e:77:a7:ae:75:c9:7d:fa:cd:1e:
2e:4d:58:88:eb:ca:df:86:6e:53:80:90:04:47:8a:
6a:04:87:e3:c0:67:61:f0:54:40:e5:04:52:1d:bd:
69:83:79:ec:e2:2d:c8:49:b9:7d:c0:2e:97:b2:a0:
8c:12:3f:85:1b:e8:df:91:9a:7d:0b:a3:e1:40:71:
1f:df:fa:5a:bb:20:45:19:a5:40:d9:08:a3:cc:b7:
15:28:94:09:8f:1d:09:dc:34:f9:0f:d5:74:c4:4b:
47:00:e2:d4:18:f6:50:e7:28:ee:11:d6:51:e3:f4:
92:fa:83:12:05:39:53:f6:0a:de:be:48:a4:dc:95:
2c:38:d8:26:dc:dc:46:61:24:3f:e6:08:23:db:49:
ff:dd:82:4d:40:83:f9:c3:27:a6:9d:f8:76:2b:cb:
a8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C9:55:EE:CB:7F:39:F2:ED:F2:28:02:A8:AF:AD:0F:09:55:80:58
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8MlV7st_OfLt8igCqK-tDwlVgFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:2e:86:c0:61:52:bd:69:24:97:df:99:b4:ef:2c:1c:8d:8d:
26:de:89:24:fd:22:d5:01:79:32:d8:70:31:0a:8c:7a:31:d1:
da:ea:a3:0a:73:ab:35:5c:29:cc:43:f8:4a:8a:4e:ca:d3:57:
df:e5:34:69:c7:c0:1f:dc:17:85:6a:33:96:56:7f:1d:65:58:
73:4f:de:3a:a9:e8:55:fd:58:80:76:37:dc:1b:d3:09:da:37:
aa:14:d0:c1:f2:d1:a2:56:59:37:41:c1:89:e8:c4:72:08:e0:
1f:20:6a:ce:66:9e:f3:71:e1:53:c7:78:88:8e:c2:9c:8f:c0:
83:c3:b0:4d:c4:8b:4a:13:d6:ab:62:4a:9d:fa:d9:d3:b8:f9:
c2:61:a9:1f:e5:d4:0d:35:4b:fc:5b:75:11:e7:50:4b:f3:0a:
bc:28:de:0e:4d:35:d2:60:6a:3a:b6:76:39:ea:d9:96:4a:91:
96:3d:31:05:1a:de:06:d9:85:50:2d:3b:91:2a:7d:7d:5a:bd:
33:18:2a:b9:9b:ce:f1:99:86:cd:76:6d:7b:74:cd:27:52:63:
d9:8c:fe:9a:40:ba:3b:31:ea:7c:df:d5:2b:6f:ec:25:c4:3e:
21:c5:15:c9:20:49:ad:a8:af:f7:8b:99:8d:a8:69:d0:b9:f1:
c4:40:59:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/wPWm2v53OnZGZRNyvMmadMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA3MDEwODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGM5NTVlZWNiN2YzOWYyZWRmMjI4MDJhOGFmYWQwZjA5NTU4MDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfcMa6XDLZfywnjN1iGgoI9Kmeed
5drYriHllGkeEkwhI4PRElwzbkcey3w4izltgglotvUHeDYQ+RCM2rLf4aVYDerv
grRSCtfkBtDPpvuBF4/jYW/x4vPWgwDg2H53p651yX36zR4uTViI68rfhm5TgJAE
R4pqBIfjwGdh8FRA5QRSHb1pg3ns4i3ISbl9wC6XsqCMEj+FG+jfkZp9C6PhQHEf
3/pauyBFGaVA2QijzLcVKJQJjx0J3DT5D9V0xEtHAOLUGPZQ5yjuEdZR4/SS+oMS
BTlT9grevkik3JUsONgm3NxGYSQ/5ggj20n/3YJNQIP5wyemnfh2K8uodQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPDJVe7Lfzny7fIoAqivrQ8JVYBYMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOE1sVjdzdF9PZkx0OGlnQ3FLLXREd2xWZ0ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADkuhsBhUr1pJJffmbTv
LByNjSbeiST9ItUBeTLYcDEKjHox0drqowpzqzVcKcxD+EqKTsrTV9/lNGnHwB/c
F4VqM5ZWfx1lWHNP3jqp6FX9WIB2N9wb0wnaN6oU0MHy0aJWWTdBwYnoxHII4B8g
as5mnvNx4VPHeIiOwpyPwIPDsE3Ei0oT1qtiSp362dO4+cJhqR/l1A01S/xbdRHn
UEvzCrwo3g5NNdJgajq2djnq2ZZKkZY9MQUa3gbZhVAtO5EqfX1avTMYKrmbzvGZ
hs12bXt0zSdSY9mM/ppAujsx6nzf1Stv7CXEPiHFFckgSa2or/eLmY2oadC58cRA
WXY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:30 2025 by rpki-client