Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Eo4sjS_dQ-gKVZQ0XgK7I9fsmJk.roa
File: Eo4sjS_dQ-gKVZQ0XgK7I9fsmJk.roa (raw, json)
Hash identifier: lCejEyTcWRi79rRD4JfsEMTbgRvbVLjn5N8LWCzePPo=
Subject key identifier: 12:8E:2C:8D:2F:DD:43:E8:0A:55:94:34:5E:02:BB:23:D7:EC:98:99
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FBE423B8E79AA64BE12815E872AF509DD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Eo4sjS_dQ-gKVZQ0XgK7I9fsmJk.roa
Signing time: Tue 28 May 2024 08:12:42 +0000
ROA not before: Tue 28 May 2024 08:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 May 2024 09:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:42:3b:8e:79:aa:64:be:12:81:5e:87:2a:f5:09:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 28 08:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=128e2c8d2fdd43e80a5594345e02bb23d7ec9899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:dd:7f:de:6d:07:41:75:9b:33:f6:33:09:a8:
dd:e3:47:a5:88:7f:f7:a6:0a:6c:3f:25:78:0f:49:
a8:f6:a2:b0:98:04:4c:34:30:ed:ba:15:f5:42:00:
53:45:5a:65:85:3f:e2:59:b8:96:ef:b5:e6:4f:94:
92:84:86:b4:79:cd:26:65:8b:ba:e0:31:dd:b7:5a:
99:c8:f2:d0:b5:46:76:95:c9:40:eb:ca:4f:39:61:
67:2e:18:af:e0:dd:4c:71:54:04:a1:24:4b:b2:18:
d8:03:ca:1f:51:64:0a:e3:13:8f:d0:2b:8b:10:c0:
fe:88:3a:c3:45:9a:bc:44:ce:14:43:8f:7b:5f:e6:
4a:2c:49:27:de:db:3b:d1:61:23:17:80:54:c8:3f:
34:79:d7:90:cb:89:8d:c0:ff:24:d4:ae:10:5e:41:
d9:74:06:aa:be:7e:f9:22:9b:7d:1b:72:22:9c:ed:
a1:32:66:89:dc:aa:27:c6:c0:44:b8:57:4b:a3:ec:
b4:ea:61:fc:43:13:fe:de:d0:df:83:df:0a:b2:64:
44:98:60:11:19:c9:64:d9:ea:ef:89:d4:2a:82:b1:
79:f2:1f:53:dd:85:51:4e:00:0d:41:20:5c:44:8e:
28:b8:9e:0b:57:80:93:72:b9:44:d7:49:29:18:8d:
fd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:8E:2C:8D:2F:DD:43:E8:0A:55:94:34:5E:02:BB:23:D7:EC:98:99
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Eo4sjS_dQ-gKVZQ0XgK7I9fsmJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:7e:fe:a8:3f:8d:99:72:aa:7e:3a:a4:3b:5b:2b:d7:60:f8:
4f:30:73:8b:8e:29:03:7f:8b:e4:49:de:77:ba:51:1d:38:98:
33:95:80:8d:22:d0:25:fc:0d:dd:cc:c7:f0:46:65:48:f7:db:
b9:6f:79:cf:9b:6d:a2:ea:c4:67:06:54:5d:5e:d3:e7:d2:58:
be:85:63:c1:a2:c7:07:fd:00:c7:1d:50:7d:ab:5e:62:3c:e6:
6d:60:51:5c:20:a3:c3:7f:b2:7c:d3:2a:38:9e:c3:c9:12:e0:
9e:c5:26:24:d5:eb:b2:93:57:fd:8d:fb:a5:4a:ad:30:67:94:
4a:d8:33:8c:4b:4a:9a:63:de:88:d0:6f:9e:fa:f3:62:25:b5:
d5:60:7f:25:85:3f:82:c1:5a:b3:2c:88:53:a0:c0:98:6e:cf:
55:f1:9e:5f:b0:c3:30:01:51:a8:cb:c6:f5:ff:a2:cb:72:6f:
ee:b2:da:5d:35:24:cc:ba:b9:d5:89:dc:3e:74:44:ed:27:7e:
c4:14:9f:29:a6:1f:03:07:9c:17:d4:75:f3:6e:ac:01:07:21:
82:d4:fd:62:dd:bd:1c:d5:c6:4c:e6:cc:33:d0:d8:9f:fd:f2:
98:6f:6b:2f:41:5b:a5:9b:1c:1b:75:ed:58:a8:f2:34:3c:f3:
e5:39:31:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY++QjuOeapkvhKBXocq9QndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI4MDgxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjhlMmM4ZDJmZGQ0M2U4MGE1NTk0MzQ1ZTAyYmIyM2Q3ZWM5ODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt1/3m0HQXWbM/YzCajd40eliH/3
pgpsPyV4D0mo9qKwmARMNDDtuhX1QgBTRVplhT/iWbiW77XmT5SShIa0ec0mZYu6
4DHdt1qZyPLQtUZ2lclA68pPOWFnLhiv4N1McVQEoSRLshjYA8ofUWQK4xOP0CuL
EMD+iDrDRZq8RM4UQ497X+ZKLEkn3ts70WEjF4BUyD80edeQy4mNwP8k1K4QXkHZ
dAaqvn75Ipt9G3IinO2hMmaJ3KonxsBEuFdLo+y06mH8QxP+3tDfg98KsmREmGAR
Gclk2ervidQqgrF58h9T3YVRTgANQSBcRI4ouJ4LV4CTcrlE10kpGI392wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBKOLI0v3UPoClWUNF4CuyPX7JiZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRW80c2pTX2RRLWdLVlpRMFhnSzdJOWZzbUprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGZ+/qg/jZlyqn46pDtb
K9dg+E8wc4uOKQN/i+RJ3ne6UR04mDOVgI0i0CX8Dd3Mx/BGZUj327lvec+bbaLq
xGcGVF1e0+fSWL6FY8Gixwf9AMcdUH2rXmI85m1gUVwgo8N/snzTKjiew8kS4J7F
JiTV67KTV/2N+6VKrTBnlErYM4xLSppj3ojQb57682IltdVgfyWFP4LBWrMsiFOg
wJhuz1Xxnl+wwzABUajLxvX/ostyb+6y2l01JMy6udWJ3D50RO0nfsQUnymmHwMH
nBfUdfNurAEHIYLU/WLdvRzVxkzmzDPQ2J/98phvay9BW6WbHBt17Vio8jQ88+U5
MYw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:55 2025 by rpki-client