Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DcY2wFNPIX2MDmHfnJfXhXJLPuU.roa
File: DcY2wFNPIX2MDmHfnJfXhXJLPuU.roa (raw, json)
Hash identifier: oStrZJgLXgEi2yfhZISE5Z1Hhw4QQf1itpgN+/GAUe0=
Subject key identifier: 0D:C6:36:C0:53:4F:21:7D:8C:0E:61:DF:9C:97:D7:85:72:4B:3E:E5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019090C2B8F777370265D3B0C893586CEAA8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DcY2wFNPIX2MDmHfnJfXhXJLPuU.roa
Signing time: Mon 08 Jul 2024 05:13:18 +0000
ROA not before: Mon 08 Jul 2024 05:13:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Jul 2024 06:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:90:c2:b8:f7:77:37:02:65:d3:b0:c8:93:58:6c:ea:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 8 05:13:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0dc636c0534f217d8c0e61df9c97d785724b3ee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:38:66:3c:97:61:66:17:19:fd:e2:d9:2e:72:
cd:8f:08:4e:df:97:33:b2:8e:d1:2f:bd:65:8e:ec:
3d:b6:b8:16:ed:4c:97:76:a8:20:eb:41:d5:21:5e:
d5:03:04:ad:3a:ad:ab:70:e1:3c:90:66:9c:9c:cc:
23:29:6c:f9:d1:6b:cc:40:e9:34:43:f1:b7:3d:9a:
e7:9d:3d:bb:18:62:25:88:9a:ef:20:de:f1:2a:8f:
70:7c:35:01:7c:62:f5:16:62:34:1b:45:3b:ab:09:
5c:71:57:0f:d3:1a:b5:29:f3:8e:12:09:6b:a6:85:
66:50:20:5f:09:e1:78:d9:d1:52:b9:ad:eb:58:03:
93:6f:7b:e2:62:60:27:da:1c:38:da:a1:c7:f3:9f:
00:48:1d:06:84:f7:a0:41:b4:ff:41:a8:12:6d:1f:
22:47:aa:0d:10:e1:26:23:45:70:53:d3:47:77:b5:
d7:eb:ab:72:f8:e1:af:51:c9:01:c4:e3:6d:43:0d:
c7:99:e2:ae:37:03:2a:67:6b:57:9c:dd:3b:ca:9a:
a7:88:5f:53:4c:ff:90:e1:0e:df:ce:1e:d6:23:02:
bd:87:a9:74:aa:ff:de:c1:8b:3c:5c:81:69:f0:0d:
9f:9d:4f:22:5a:12:a0:4f:90:d8:59:ed:79:56:01:
ec:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:C6:36:C0:53:4F:21:7D:8C:0E:61:DF:9C:97:D7:85:72:4B:3E:E5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DcY2wFNPIX2MDmHfnJfXhXJLPuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:7d:9e:b4:15:51:3d:21:2a:b4:7d:0c:a8:f1:4a:e3:7d:ec:
8f:8b:ea:2a:c3:34:f5:bc:e1:02:ed:72:cc:53:d0:1f:74:eb:
46:49:14:b2:cc:53:b1:eb:f0:22:d6:da:2a:22:b3:1e:bb:db:
a6:f3:14:f2:8f:0a:a2:a3:23:32:dc:ab:e9:08:f6:fa:9f:24:
7a:6c:fb:04:56:80:fb:84:b5:60:59:0c:8f:71:70:88:6c:8d:
73:e6:f4:cb:cd:b8:6a:86:fd:f8:a6:4e:29:3a:5e:1a:42:5a:
9a:19:8e:3c:57:1e:f3:cc:7e:7c:87:b8:a0:7c:d6:9c:2d:1a:
fa:cf:70:e0:4b:18:d9:4e:1a:61:33:da:0e:cf:72:1d:ce:3c:
ff:5c:91:d8:a3:11:d1:82:63:f5:d0:7a:42:29:15:53:6f:53:
8e:65:9d:a0:7c:dc:0c:f1:8b:be:a4:4f:df:05:e0:c8:76:de:
67:99:2c:6b:45:73:31:5e:ff:eb:cf:7a:8d:47:9b:d0:2e:4e:
fa:d0:2c:c7:71:77:e8:86:04:49:09:80:7e:03:59:1b:d9:f1:
27:6c:30:0d:da:70:07:ac:ec:97:bb:b6:6d:0f:ef:52:9b:2d:
ff:51:6b:8a:86:01:3f:6a:5c:ce:0d:6f:94:27:41:aa:cd:b5:
b4:a4:42:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCQwrj3dzcCZdOwyJNYbOqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA4MDUxMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGM2MzZjMDUzNGYyMTdkOGMwZTYxZGY5Yzk3ZDc4NTcyNGIzZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjhmPJdhZhcZ/eLZLnLNjwhO35cz
so7RL71ljuw9trgW7UyXdqgg60HVIV7VAwStOq2rcOE8kGacnMwjKWz50WvMQOk0
Q/G3PZrnnT27GGIliJrvIN7xKo9wfDUBfGL1FmI0G0U7qwlccVcP0xq1KfOOEglr
poVmUCBfCeF42dFSua3rWAOTb3viYmAn2hw42qHH858ASB0GhPegQbT/QagSbR8i
R6oNEOEmI0VwU9NHd7XX66ty+OGvUckBxONtQw3HmeKuNwMqZ2tXnN07ypqniF9T
TP+Q4Q7fzh7WIwK9h6l0qv/ewYs8XIFp8A2fnU8iWhKgT5DYWe15VgHsPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA3GNsBTTyF9jA5h35yX14VySz7lMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRGNZMndGTlBJWDJNRG1IZm5KZlhoWEpMUHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHF9nrQVUT0hKrR9DKjx
SuN97I+L6irDNPW84QLtcsxT0B9060ZJFLLMU7Hr8CLW2ioisx6726bzFPKPCqKj
IzLcq+kI9vqfJHps+wRWgPuEtWBZDI9xcIhsjXPm9MvNuGqG/fimTik6XhpCWpoZ
jjxXHvPMfnyHuKB81pwtGvrPcOBLGNlOGmEz2g7Pch3OPP9ckdijEdGCY/XQekIp
FVNvU45lnaB83Azxi76kT98F4Mh23meZLGtFczFe/+vPeo1Hm9AuTvrQLMdxd+iG
BEkJgH4DWRvZ8SdsMA3acAes7Je7tm0P71KbLf9Ra4qGAT9qXM4Nb5QnQarNtbSk
Qig=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:48 2025 by rpki-client