Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DHYeb_ZwsFgbyzcpgu_Q5GUFdfw.roa
File: DHYeb_ZwsFgbyzcpgu_Q5GUFdfw.roa (raw, json)
Hash identifier: EjKFJPFL9vdxNwr/zEdxtKF09gxQqUQ9+qGXuTNNOwk=
Subject key identifier: 0C:76:1E:6F:F6:70:B0:58:1B:CB:37:29:82:EF:D0:E4:65:05:75:FC
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190437FE8A9E1FB2370FCC017000B2734A2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DHYeb_ZwsFgbyzcpgu_Q5GUFdfw.roa
Signing time: Sun 23 Jun 2024 05:09:34 +0000
ROA not before: Sun 23 Jun 2024 05:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 23 Jun 2024 06:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:43:7f:e8:a9:e1:fb:23:70:fc:c0:17:00:0b:27:34:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 23 05:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c761e6ff670b0581bcb372982efd0e4650575fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8c:b9:fa:91:56:5e:cb:d1:1c:dd:a6:00:96:
08:ef:84:e9:46:19:e4:f4:89:75:d8:bc:93:8d:05:
76:77:5b:bd:13:b1:d7:b4:7f:f5:fc:ab:70:5c:1e:
ae:6c:e6:f1:b2:1c:e6:1a:fe:75:de:ed:b1:88:55:
26:ce:30:8a:1a:5d:78:50:59:36:3f:9e:9b:44:1f:
42:64:91:95:d3:bc:bc:c1:93:35:e2:c4:c1:67:e6:
d7:8a:16:aa:7c:dd:64:6b:76:59:17:e4:6e:f9:a2:
5f:19:aa:e4:a8:97:4f:fb:ee:ce:62:9a:10:1c:74:
85:38:f0:14:e7:71:db:3f:f2:fb:03:2d:41:17:8b:
3d:f8:f8:7c:8e:c7:2d:c1:c7:8e:8b:b6:0b:a9:f0:
27:81:55:ea:2c:b0:56:29:83:23:fe:0a:25:80:7b:
6d:e3:4d:4d:70:81:02:c9:33:39:48:53:0f:64:14:
aa:6d:b4:fc:64:04:2b:bb:c8:d0:b4:79:05:ea:3b:
e2:24:4c:34:73:c6:36:54:fb:ae:75:56:1c:37:08:
ad:83:5d:a2:c6:9a:ab:8b:8b:b5:27:70:30:a8:f1:
e0:91:80:fc:62:60:e9:f1:e5:ff:1a:df:e9:47:03:
47:d8:11:c6:bc:a3:51:ee:4b:f8:5e:b3:9d:aa:2b:
f1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:76:1E:6F:F6:70:B0:58:1B:CB:37:29:82:EF:D0:E4:65:05:75:FC
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DHYeb_ZwsFgbyzcpgu_Q5GUFdfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
25:3e:9a:c0:2a:d1:bb:43:35:62:eb:06:9d:60:ac:fe:f2:35:
35:e8:58:f0:06:d4:83:c2:5d:bd:a3:82:ad:bd:67:93:17:0c:
6f:05:70:81:c7:d7:0b:20:ca:8c:ae:7f:04:53:0e:6c:60:a9:
63:33:9c:2d:51:67:cb:d9:01:da:8a:c9:a8:f6:e1:46:2b:b4:
76:5a:a6:c5:96:d4:33:f2:f6:c0:17:66:06:ef:a1:f3:aa:15:
e0:1e:d1:57:eb:f6:12:23:60:5e:66:94:65:19:91:dc:52:9b:
1a:da:67:70:2e:0f:14:e1:73:c7:a4:27:81:ce:a7:c2:93:c4:
fc:52:7f:81:38:02:24:25:9d:dd:32:d3:ce:0e:64:5e:a6:95:
50:e0:84:00:cb:0c:90:27:76:45:fc:cd:6c:ca:22:d7:96:6b:
b5:61:14:d8:a9:21:ff:37:77:d1:2e:69:38:5c:6a:43:0f:8a:
09:af:cd:58:db:6f:e0:8f:34:30:3a:b3:eb:6b:15:a7:4f:e8:
e8:c1:fe:35:62:cc:6b:f6:dc:5c:27:4b:71:45:49:be:6f:7d:
19:29:8b:06:f6:f8:cc:13:ec:75:1f:b2:2e:3c:b5:23:1d:8d:
a4:17:dd:f7:a6:d5:e8:4f:5a:58:5d:4e:d2:da:bc:d2:10:f7:
41:91:09:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBDf+ip4fsjcPzAFwALJzSiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIzMDUwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzc2MWU2ZmY2NzBiMDU4MWJjYjM3Mjk4MmVmZDBlNDY1MDU3NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIy5+pFWXsvRHN2mAJYI74TpRhnk
9Il12LyTjQV2d1u9E7HXtH/1/KtwXB6ubObxshzmGv513u2xiFUmzjCKGl14UFk2
P56bRB9CZJGV07y8wZM14sTBZ+bXihaqfN1ka3ZZF+Ru+aJfGarkqJdP++7OYpoQ
HHSFOPAU53HbP/L7Ay1BF4s9+Ph8jsctwceOi7YLqfAngVXqLLBWKYMj/golgHtt
401NcIECyTM5SFMPZBSqbbT8ZAQru8jQtHkF6jviJEw0c8Y2VPuudVYcNwitg12i
xpqri4u1J3AwqPHgkYD8YmDp8eX/Gt/pRwNH2BHGvKNR7kv4XrOdqivxOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAx2Hm/2cLBYG8s3KYLv0ORlBXX8MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvREhZZWJfWndzRmdieXpjcGd1X1E1R1VGZGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACU+msAq0btDNWLrBp1g
rP7yNTXoWPAG1IPCXb2jgq29Z5MXDG8FcIHH1wsgyoyufwRTDmxgqWMznC1RZ8vZ
AdqKyaj24UYrtHZapsWW1DPy9sAXZgbvofOqFeAe0Vfr9hIjYF5mlGUZkdxSmxra
Z3AuDxThc8ekJ4HOp8KTxPxSf4E4AiQlnd0y084OZF6mlVDghADLDJAndkX8zWzK
IteWa7VhFNipIf83d9EuaThcakMPigmvzVjbb+CPNDA6s+trFadP6OjB/jVizGv2
3FwnS3FFSb5vfRkpiwb2+MwT7HUfsi48tSMdjaQX3fem1ehPWlhdTtLavNIQ90GR
CZo=
-----END CERTIFICATE-----
Generated at Sun Jun 23 07:39:15 2024 by rpki-client on console-ams.rpki-client.org