Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CYbwLaz7KAMp_SF1f_BB2xsxBho.roa
File: CYbwLaz7KAMp_SF1f_BB2xsxBho.roa (raw, json)
Hash identifier: I3O1905xvsLssVKRNFrnAfGFzr3PzlcHrUIsDWNTDiQ=
Subject key identifier: 09:86:F0:2D:AC:FB:28:03:29:FD:21:75:7F:F0:41:DB:1B:31:06:1A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FCB1A94C7890DE1909C61BC6254758B8A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CYbwLaz7KAMp_SF1f_BB2xsxBho.roa
Signing time: Thu 30 May 2024 20:04:27 +0000
ROA not before: Thu 30 May 2024 20:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:cb1a:7a27/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 30 May 2024 20:09:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cb:1a:94:c7:89:0d:e1:90:9c:61:bc:62:54:75:8b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 30 20:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0986f02dacfb280329fd21757ff041db1b31061a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8e:ef:98:82:e4:72:05:c8:45:59:30:95:59:
75:44:ab:c6:8a:db:7d:20:b2:21:54:e1:71:10:45:
e5:fe:b6:74:c0:a9:4a:d9:69:58:87:1e:dc:4c:f0:
b4:49:83:65:c8:55:a0:19:d5:92:18:60:b6:14:ee:
32:12:42:9c:6d:b3:c6:00:e3:35:12:a2:2b:f8:29:
4f:e3:f9:6c:3a:78:d9:f9:ed:c1:20:b2:1b:5b:92:
8c:db:75:3f:5d:23:88:2d:f5:59:9e:45:7d:dd:30:
69:df:79:df:00:65:53:18:0c:18:dd:d0:36:1b:ca:
4b:9d:bb:0b:04:4d:d9:34:20:ae:ea:38:20:e9:bb:
01:98:ce:7a:35:7b:b3:ba:5a:8e:8a:89:6d:28:17:
b0:d6:a2:9a:40:62:8c:0b:b2:24:2b:a0:6b:be:a2:
0b:52:b8:e6:53:71:c3:31:48:87:a8:e0:7e:98:41:
d2:2b:d6:dd:c3:2f:56:82:de:76:87:60:27:40:07:
5b:98:f1:84:8b:a3:a5:d8:3f:f3:1b:9d:bf:6b:5f:
aa:c4:19:09:bf:24:fd:c2:cc:8f:b5:86:ca:77:5d:
0b:55:a8:89:ee:12:ac:44:1f:b0:26:3f:4c:07:1c:
d6:a5:82:1b:4a:d0:26:07:b9:18:58:8d:b6:91:a6:
5b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:86:F0:2D:AC:FB:28:03:29:FD:21:75:7F:F0:41:DB:1B:31:06:1A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CYbwLaz7KAMp_SF1f_BB2xsxBho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:58:a5:de:93:bf:03:af:9e:df:a0:7c:5b:1a:87:22:c7:9b:
82:26:4a:01:bc:c5:c0:a9:c7:e9:c5:7e:20:77:a0:ae:02:d8:
18:0e:0e:c2:a4:5c:78:da:d3:2e:fa:8f:c0:c3:27:3f:51:3a:
ca:61:5e:f1:e5:fa:57:cc:d8:29:3a:7c:18:1a:96:50:c3:82:
b5:9b:d1:3d:72:3b:76:8b:8b:08:3d:51:4b:da:d1:fb:f3:a6:
07:64:2b:4c:01:a6:d5:e9:02:42:96:54:91:8b:1a:55:07:10:
94:ad:65:13:36:18:ec:2c:71:11:37:8a:43:18:8a:ca:c7:6f:
3c:85:8c:af:46:9b:17:b8:62:63:e9:c3:59:66:2b:f2:4d:21:
e2:65:f9:39:5f:57:c6:0b:77:14:c8:81:9c:ae:d3:e4:0e:b8:
51:d5:6f:21:1c:b2:85:8f:de:b8:24:7e:67:53:60:44:c4:fb:
f4:98:56:46:4e:da:65:90:40:34:8b:bc:4f:71:0a:00:fb:31:
e7:cb:a1:6f:47:d9:9d:3b:d4:f2:0e:17:06:87:04:2c:67:e4:
e8:6f:be:9f:92:45:41:52:5c:79:4f:cd:fb:2f:1d:aa:5a:eb:
96:08:15:80:0e:98:07:f4:7e:93:b5:2c:c0:46:c7:cf:40:a6:
f5:5e:52:ee
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/LGpTHiQ3hkJxhvGJUdYuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMwMjAwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTg2ZjAyZGFjZmIyODAzMjlmZDIxNzU3ZmYwNDFkYjFiMzEwNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI7vmILkcgXIRVkwlVl1RKvGitt9
ILIhVOFxEEXl/rZ0wKlK2WlYhx7cTPC0SYNlyFWgGdWSGGC2FO4yEkKcbbPGAOM1
EqIr+ClP4/lsOnjZ+e3BILIbW5KM23U/XSOILfVZnkV93TBp33nfAGVTGAwY3dA2
G8pLnbsLBE3ZNCCu6jgg6bsBmM56NXuzulqOioltKBew1qKaQGKMC7IkK6BrvqIL
UrjmU3HDMUiHqOB+mEHSK9bdwy9Wgt52h2AnQAdbmPGEi6Ol2D/zG52/a1+qxBkJ
vyT9wsyPtYbKd10LVaiJ7hKsRB+wJj9MBxzWpYIbStAmB7kYWI22kaZbcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAmG8C2s+ygDKf0hdX/wQdsbMQYaMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQ1lid0xhejdLQU1wX1NGMWZfQkIyeHN4QmhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFNYpd6TvwOvnt+gfFsa
hyLHm4ImSgG8xcCpx+nFfiB3oK4C2BgODsKkXHja0y76j8DDJz9ROsphXvHl+lfM
2Ck6fBgallDDgrWb0T1yO3aLiwg9UUva0fvzpgdkK0wBptXpAkKWVJGLGlUHEJSt
ZRM2GOwscRE3ikMYisrHbzyFjK9Gmxe4YmPpw1lmK/JNIeJl+TlfV8YLdxTIgZyu
0+QOuFHVbyEcsoWP3rgkfmdTYETE+/SYVkZO2mWQQDSLvE9xCgD7MefLoW9H2Z07
1PIOFwaHBCxn5Ohvvp+SRUFSXHlPzfsvHapa65YIFYAOmAf0fpO1LMBGx89ApvVe
Uu4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:22 2025 by rpki-client