Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9PNC5rKngf1UuvRwi2fiUx8PCgs.roa
File: 9PNC5rKngf1UuvRwi2fiUx8PCgs.roa (raw, json)
Hash identifier: P+7hZvq4/QJZhKO2IyP4KB0z0+OxDqKdALkAvL5cCeU=
Subject key identifier: F4:F3:42:E6:B2:A7:81:FD:54:BA:F4:70:8B:67:E2:53:1F:0F:0A:0B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908FE6136EE7561893333FEC070E258B9A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9PNC5rKngf1UuvRwi2fiUx8PCgs.roa
Signing time: Mon 08 Jul 2024 01:12:18 +0000
ROA not before: Mon 08 Jul 2024 01:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Jul 2024 02:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8f:e6:13:6e:e7:56:18:93:33:3f:ec:07:0e:25:8b:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 8 01:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4f342e6b2a781fd54baf4708b67e2531f0f0a0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d6:ba:01:ee:62:e5:46:da:c4:bd:8d:69:c5:
f4:b9:f7:06:df:7a:c4:89:69:87:6a:f1:cf:5a:8e:
95:ed:a9:8f:5c:ca:5d:d9:db:44:b0:e0:18:1f:a9:
5c:ee:75:69:27:93:2c:0e:cd:11:34:ee:f2:6f:27:
f6:5d:cb:bd:f1:0c:1e:24:eb:d4:90:19:13:da:30:
f8:ff:33:e0:18:1a:42:ba:5e:3d:be:4a:a1:fb:d9:
70:4b:84:05:e2:5c:13:11:1d:29:68:b7:85:f8:1e:
b0:a3:59:fd:8b:a6:3d:9d:3f:97:56:e6:37:74:ca:
58:6d:a2:e7:a7:48:f4:70:cb:c1:03:d9:81:a1:f7:
b6:90:f9:4a:f5:f9:ed:b5:37:b3:b5:b3:1c:71:cd:
a9:dd:78:d7:fe:79:0b:22:2d:d4:b6:ec:9f:65:65:
ca:02:bf:d7:6d:56:75:75:52:13:74:b8:a5:7a:e6:
8e:f1:2e:40:39:d7:f7:7a:84:b6:cb:f2:41:d4:f5:
1e:11:c1:a9:da:82:75:f6:38:f0:6d:f6:3a:f3:74:
ec:d9:7c:d5:23:93:ee:ac:f7:af:d3:1b:83:4b:31:
9e:23:e1:8e:b7:dc:f9:78:1f:47:65:aa:9d:46:f1:
3b:e3:e7:56:94:9a:6b:de:75:57:03:5e:0a:ea:dc:
34:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F3:42:E6:B2:A7:81:FD:54:BA:F4:70:8B:67:E2:53:1F:0F:0A:0B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9PNC5rKngf1UuvRwi2fiUx8PCgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:0e:23:fb:01:84:5b:27:12:c3:f3:f3:9f:4b:95:f6:31:1f:
61:da:14:36:b0:2f:a6:71:23:6a:7a:fb:92:a1:e5:66:bd:07:
1a:34:0c:a7:d6:c0:6d:69:38:d3:de:8f:52:d4:4c:0e:2f:7b:
fa:b9:d0:fc:be:fa:da:45:d8:3e:b1:40:1d:7c:ea:99:cc:87:
ed:42:89:0d:33:83:7c:16:59:8c:e0:ac:a4:9b:b9:7a:d6:cd:
c1:ff:ab:58:a2:2c:6b:d8:7e:87:23:39:25:2d:9e:c3:61:9e:
ca:23:78:96:73:3d:4c:5e:61:6b:9d:65:3d:ed:c3:9f:88:6b:
54:a8:09:10:b2:69:0d:b0:ec:6a:53:74:6b:be:d5:ef:2e:ff:
24:e0:4a:17:0f:9f:6e:f1:e0:ad:79:e3:1d:7a:d7:0d:2f:c2:
ed:00:f0:02:9e:1c:e5:2f:f0:f7:62:36:16:6a:83:41:a4:1c:
cf:61:64:b4:a3:11:39:1b:ae:ea:53:b8:86:90:d3:c0:0a:83:
c0:e9:37:cc:ca:9e:ad:3c:d6:8e:17:db:9f:e6:87:36:6d:5e:
7e:03:ea:42:d5:49:ef:59:70:25:7f:39:ed:66:38:a7:75:7b:
f4:26:85:1b:ce:cd:ea:cc:8f:42:32:18:fc:f0:27:94:84:d1:
41:22:36:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCP5hNu51YYkzM/7AcOJYuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA4MDExMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGYzNDJlNmIyYTc4MWZkNTRiYWY0NzA4YjY3ZTI1MzFmMGYwYTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxta6Ae5i5UbaxL2NacX0ufcG33rE
iWmHavHPWo6V7amPXMpd2dtEsOAYH6lc7nVpJ5MsDs0RNO7ybyf2Xcu98QweJOvU
kBkT2jD4/zPgGBpCul49vkqh+9lwS4QF4lwTER0paLeF+B6wo1n9i6Y9nT+XVuY3
dMpYbaLnp0j0cMvBA9mBofe2kPlK9fnttTeztbMccc2p3XjX/nkLIi3UtuyfZWXK
Ar/XbVZ1dVITdLileuaO8S5AOdf3eoS2y/JB1PUeEcGp2oJ19jjwbfY683Ts2XzV
I5PurPev0xuDSzGeI+GOt9z5eB9HZaqdRvE74+dWlJpr3nVXA14K6tw0gwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPTzQuayp4H9VLr0cItn4lMfDwoLMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOVBOQzVyS25nZjFVdXZSd2kyZmlVeDhQQ2dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADsOI/sBhFsnEsPz859L
lfYxH2HaFDawL6ZxI2p6+5Kh5Wa9Bxo0DKfWwG1pONPej1LUTA4ve/q50Py++tpF
2D6xQB186pnMh+1CiQ0zg3wWWYzgrKSbuXrWzcH/q1iiLGvYfocjOSUtnsNhnsoj
eJZzPUxeYWudZT3tw5+Ia1SoCRCyaQ2w7GpTdGu+1e8u/yTgShcPn27x4K154x16
1w0vwu0A8AKeHOUv8PdiNhZqg0GkHM9hZLSjETkbrupTuIaQ08AKg8DpN8zKnq08
1o4X25/mhzZtXn4D6kLVSe9ZcCV/Oe1mOKd1e/QmhRvOzerMj0IyGPzwJ5SE0UEi
NjA=
Generated at Mon Jul 8 04:08:20 2024 by rpki-client on console-fra.rpki-client.org