Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9bdTiVaQTvkIRgztIfXN4YLGiXw.roa
File: 9bdTiVaQTvkIRgztIfXN4YLGiXw.roa (raw, json)
Hash identifier: oyX2EEI6y+PwezcQADBW3/DTa7K4X13YW1WterLNIEE=
Subject key identifier: F5:B7:53:89:56:90:4E:F9:08:46:0C:ED:21:F5:CD:E1:82:C6:89:7C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908FAF2573A8198CFAE99FD3BC12762C89
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9bdTiVaQTvkIRgztIfXN4YLGiXw.roa
Signing time: Mon 08 Jul 2024 00:12:18 +0000
ROA not before: Mon 08 Jul 2024 00:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Jul 2024 01:06:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8f:af:25:73:a8:19:8c:fa:e9:9f:d3:bc:12:76:2c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 8 00:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5b7538956904ef908460ced21f5cde182c6897c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7e:2c:39:ea:6a:b1:c1:0a:54:95:1e:44:38:
82:91:c5:14:ff:81:5d:61:9b:8c:d7:50:54:be:45:
14:9c:c1:07:62:6c:1b:fe:45:aa:7f:04:f5:78:9d:
fe:63:da:71:98:29:d1:3a:2d:8c:85:b2:10:f4:c4:
4e:ea:4e:1f:25:43:2f:45:e8:5a:4a:af:5d:f6:b3:
96:8a:a5:3c:37:ea:6b:2e:3b:86:29:3b:b0:56:be:
ab:3b:f1:e0:49:8c:e9:12:74:44:7f:f9:12:16:02:
2d:87:0c:7c:16:a9:71:66:71:05:32:ae:d1:e1:a5:
b8:76:ff:57:32:2f:ee:32:70:8a:cc:8f:51:27:94:
15:f5:16:dc:aa:1a:2c:54:b8:8b:68:fa:3a:f4:af:
25:3b:9e:af:8b:c9:24:10:5a:48:d4:c6:dd:d5:a8:
49:32:5b:7c:ef:b0:f4:ed:7d:3e:e1:35:82:98:3d:
10:1d:27:36:9a:d1:59:c7:75:32:08:84:61:f5:98:
ba:08:ef:59:0f:61:f4:47:d5:36:67:14:88:93:b9:
1c:c9:43:7a:e0:f2:f7:c6:fb:e8:85:a5:e6:65:ab:
28:b3:b4:90:d0:ef:98:95:b2:73:4d:d4:be:3e:bd:
0b:30:09:94:bd:d3:11:e9:43:07:60:be:04:af:62:
eb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B7:53:89:56:90:4E:F9:08:46:0C:ED:21:F5:CD:E1:82:C6:89:7C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9bdTiVaQTvkIRgztIfXN4YLGiXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:bd:67:ee:ef:95:de:61:ab:50:c6:d6:16:24:4b:fe:dd:87:
cd:bf:42:14:36:c9:a3:28:53:14:b3:32:dd:80:5a:fd:06:20:
4d:4e:75:84:c1:0c:68:ef:93:5d:db:d0:8b:a2:b7:07:e2:3a:
d8:a7:49:52:af:25:33:bc:c8:89:66:30:87:44:97:3d:c1:62:
af:78:fc:62:18:06:b1:44:da:37:7d:37:f8:95:ca:fd:2d:23:
92:c0:db:1d:ce:da:22:dc:32:38:fc:38:13:28:c6:3f:a3:1f:
7f:03:a2:e2:29:63:cd:c7:8d:c9:42:43:65:5b:99:8f:49:53:
ca:d0:9c:69:73:80:15:01:ce:9d:09:a3:aa:6b:66:17:f4:5a:
1a:34:19:ce:7d:bd:43:86:56:57:14:85:49:6a:1f:a8:36:23:
0b:27:8a:40:93:05:65:cc:fc:4e:fb:f1:19:3f:b3:5e:ab:9c:
e0:eb:3b:0e:37:d7:97:d1:b9:0c:e1:9a:48:6a:1a:b4:9b:73:
3c:5c:71:4d:08:c2:e2:53:ee:fe:da:c8:6a:ea:b3:0e:f5:53:
99:20:55:4d:70:05:0e:b1:69:72:80:f6:f5:d3:6c:7f:b1:2f:
ca:4f:c5:c7:fd:a1:37:72:3d:87:f8:c6:13:3b:e9:70:81:3a:
a2:56:4c:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCPryVzqBmM+umf07wSdiyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA4MDAxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWI3NTM4OTU2OTA0ZWY5MDg0NjBjZWQyMWY1Y2RlMTgyYzY4OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH4sOepqscEKVJUeRDiCkcUU/4Fd
YZuM11BUvkUUnMEHYmwb/kWqfwT1eJ3+Y9pxmCnROi2MhbIQ9MRO6k4fJUMvReha
Sq9d9rOWiqU8N+prLjuGKTuwVr6rO/HgSYzpEnREf/kSFgIthwx8FqlxZnEFMq7R
4aW4dv9XMi/uMnCKzI9RJ5QV9RbcqhosVLiLaPo69K8lO56vi8kkEFpI1Mbd1ahJ
Mlt877D07X0+4TWCmD0QHSc2mtFZx3UyCIRh9Zi6CO9ZD2H0R9U2ZxSIk7kcyUN6
4PL3xvvohaXmZasos7SQ0O+YlbJzTdS+Pr0LMAmUvdMR6UMHYL4Er2LrJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPW3U4lWkE75CEYM7SH1zeGCxol8MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOWJkVGlWYVFUdmtJUmd6dElmWE40WUxHaVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFi9Z+7vld5hq1DG1hYk
S/7dh82/QhQ2yaMoUxSzMt2AWv0GIE1OdYTBDGjvk13b0IuitwfiOtinSVKvJTO8
yIlmMIdElz3BYq94/GIYBrFE2jd9N/iVyv0tI5LA2x3O2iLcMjj8OBMoxj+jH38D
ouIpY83HjclCQ2VbmY9JU8rQnGlzgBUBzp0Jo6prZhf0Who0Gc59vUOGVlcUhUlq
H6g2IwsnikCTBWXM/E778Rk/s16rnODrOw4315fRuQzhmkhqGrSbczxccU0IwuJT
7v7ayGrqsw71U5kgVU1wBQ6xaXKA9vXTbH+xL8pPxcf9oTdyPYf4xhM76XCBOqJW
TFw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:11 2025 by rpki-client