Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9w9UnkC-qls41m56hCdAq_k9ytU.roa
File: 9w9UnkC-qls41m56hCdAq_k9ytU.roa (raw, json)
Hash identifier: zwaZqFlhvtHNNzn4G/VLC+ZbLTwKjdsD3LkF5OXNW4Y=
Subject key identifier: F7:0F:54:9E:40:BE:AA:5B:38:D6:6E:7A:84:27:40:AB:F9:3D:CA:D5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01902E42976CB698244DB241010FA1E3B7B0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9w9UnkC-qls41m56hCdAq_k9ytU.roa
Signing time: Wed 19 Jun 2024 02:10:34 +0000
ROA not before: Wed 19 Jun 2024 02:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 19 Jun 2024 03:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2e:42:97:6c:b6:98:24:4d:b2:41:01:0f:a1:e3:b7:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 19 02:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f70f549e40beaa5b38d66e7a842740abf93dcad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:54:b4:af:f0:9b:09:82:fa:6a:47:30:f1:86:
fc:ec:d4:4f:aa:70:ed:e3:bc:bc:72:7c:21:06:5a:
8e:67:33:90:80:4d:ce:92:bc:9d:4e:7a:da:69:86:
45:ab:30:f7:fc:f5:79:97:ad:55:72:16:05:9a:6d:
3f:bb:bd:f0:7e:06:db:1e:b2:59:32:a5:a5:44:0d:
ac:3c:01:31:54:03:e2:d8:15:6a:8b:4a:bc:85:94:
bf:dd:4b:8c:60:59:44:6a:28:77:c8:4a:99:9e:29:
1d:e8:bd:1f:56:d9:4e:18:23:27:bf:76:89:57:71:
bb:8a:05:79:84:c8:c1:a4:be:33:ba:26:56:ac:89:
0a:b5:2b:04:a4:9f:b8:d0:dc:f9:8e:43:90:cb:7a:
8d:34:8a:5c:ec:87:47:2b:0a:3d:7c:66:91:2a:8d:
91:56:97:ae:35:e6:db:a4:03:2d:1f:e1:06:6b:9b:
65:4d:c5:52:d6:c2:87:ec:80:28:f9:6d:f9:6f:f4:
5a:0f:13:03:1e:b1:13:5a:c6:94:b6:cc:24:73:0b:
c1:e7:a9:70:4c:22:e3:e0:80:12:2d:ca:05:67:c4:
db:29:e1:ea:e2:80:e7:29:b2:c3:11:d7:4e:f6:b4:
24:9d:0f:f2:83:f2:c8:b6:f9:63:4c:fa:6b:6c:c1:
40:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:0F:54:9E:40:BE:AA:5B:38:D6:6E:7A:84:27:40:AB:F9:3D:CA:D5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9w9UnkC-qls41m56hCdAq_k9ytU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:3f:87:4d:fc:14:47:b7:41:d0:c3:c6:b6:7f:ff:4f:94:89:
95:53:d5:46:f6:cc:0f:fd:ed:42:ad:c3:80:1e:bd:d8:31:da:
8d:85:b8:92:9a:4d:f9:8b:99:39:ae:3b:63:68:b3:38:a6:44:
c5:63:aa:03:18:16:99:0c:08:0c:f9:a2:d1:68:97:ad:08:08:
45:ea:33:c2:73:df:9c:29:9f:9e:11:3b:35:e5:40:e8:af:d2:
80:3c:ea:a7:fc:b7:75:f7:09:76:92:ec:e4:45:b4:59:b9:5a:
41:92:fb:ed:66:34:f4:ea:56:55:8c:82:b8:69:53:ae:6a:e4:
57:66:3a:bb:e4:84:d2:7c:6b:76:eb:d6:00:ff:ca:fd:ad:a4:
84:af:34:1f:57:f1:a9:89:de:96:57:2e:ee:42:65:f6:99:ed:
b2:06:47:dc:ba:6c:3a:e2:fe:8c:76:cb:aa:b5:c8:00:bb:96:
35:18:02:44:b9:1b:98:79:27:d2:7b:29:06:ef:c0:e2:f1:c6:
06:79:ce:0e:3d:e0:c7:f2:69:72:88:5d:c8:f5:f1:bf:07:2e:
e2:96:c1:ce:cf:e3:c3:79:a8:08:ca:89:47:62:fe:cb:75:e6:
3c:93:37:47:a6:4e:bd:cf:b3:1c:ef:c6:bc:27:68:40:0e:50:
bf:a4:39:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAuQpdstpgkTbJBAQ+h47ewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE5MDIxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzBmNTQ5ZTQwYmVhYTViMzhkNjZlN2E4NDI3NDBhYmY5M2RjYWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlS0r/CbCYL6akcw8Yb87NRPqnDt
47y8cnwhBlqOZzOQgE3OkrydTnraaYZFqzD3/PV5l61VchYFmm0/u73wfgbbHrJZ
MqWlRA2sPAExVAPi2BVqi0q8hZS/3UuMYFlEaih3yEqZnikd6L0fVtlOGCMnv3aJ
V3G7igV5hMjBpL4zuiZWrIkKtSsEpJ+40Nz5jkOQy3qNNIpc7IdHKwo9fGaRKo2R
VpeuNebbpAMtH+EGa5tlTcVS1sKH7IAo+W35b/RaDxMDHrETWsaUtswkcwvB56lw
TCLj4IASLcoFZ8TbKeHq4oDnKbLDEddO9rQknQ/yg/LItvljTPprbMFAdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPcPVJ5AvqpbONZueoQnQKv5PcrVMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOXc5VW5rQy1xbHM0MW01NmhDZEFxX2s5eXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADM/h038FEe3QdDDxrZ/
/0+UiZVT1Ub2zA/97UKtw4Aevdgx2o2FuJKaTfmLmTmuO2NoszimRMVjqgMYFpkM
CAz5otFol60ICEXqM8Jz35wpn54ROzXlQOiv0oA86qf8t3X3CXaS7ORFtFm5WkGS
++1mNPTqVlWMgrhpU65q5FdmOrvkhNJ8a3br1gD/yv2tpISvNB9X8amJ3pZXLu5C
ZfaZ7bIGR9y6bDri/ox2y6q1yAC7ljUYAkS5G5h5J9J7KQbvwOLxxgZ5zg494Mfy
aXKIXcj18b8HLuKWwc7P48N5qAjKiUdi/st15jyTN0emTr3PsxzvxrwnaEAOUL+k
ORk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:39 2025 by rpki-client