Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ep48JfjzjGJKmorJyNBdO9Ay5Mo.roa
File: Ep48JfjzjGJKmorJyNBdO9Ay5Mo.roa (raw, json)
Hash identifier: OeyTCM2ws1FTEDib4ZzpUqsDm9mNhq6FxlVjVJBFyE0=
Subject key identifier: 12:9E:3C:25:F8:F3:8C:62:4A:9A:8A:C9:C8:D0:5D:3B:D0:32:E4:CA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019089744C796AB11D75DCEEEADADCBEF315
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ep48JfjzjGJKmorJyNBdO9Ay5Mo.roa
Signing time: Sat 06 Jul 2024 19:10:18 +0000
ROA not before: Sat 06 Jul 2024 19:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 06 Jul 2024 20:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:89:74:4c:79:6a:b1:1d:75:dc:ee:ea:da:dc:be:f3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 6 19:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=129e3c25f8f38c624a9a8ac9c8d05d3bd032e4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:54:e4:00:fb:68:c3:5a:3e:81:6f:79:1a:94:
00:0b:51:55:20:a9:d4:61:ad:0d:de:72:60:ca:cd:
72:97:6e:88:2f:30:91:da:68:6d:30:57:6c:cd:48:
ab:ca:07:9e:15:f2:62:49:60:22:38:c1:8c:b1:94:
7b:a4:2f:37:31:b4:d5:e5:de:bf:2d:fc:64:f0:72:
fd:35:04:1d:22:19:af:21:94:21:b1:d5:1e:5d:47:
64:3e:26:54:9c:8f:88:34:94:72:b5:11:82:d3:79:
5a:ab:e7:f4:b8:9b:e3:6e:23:d9:39:b0:a4:d7:82:
7b:7c:56:dd:22:6e:40:e7:7d:91:c9:9a:3d:b1:56:
f9:60:c1:2c:39:7c:22:5f:a5:71:60:c4:54:c1:97:
cd:9e:c4:4d:15:39:60:06:4e:2b:8e:2e:a2:99:6a:
b7:1c:e4:b6:60:4e:74:a2:2d:4a:60:e0:5a:8a:70:
9a:f0:f7:0d:fa:3f:1b:fb:87:89:92:9a:e3:d5:d4:
ae:12:fa:79:4f:0b:59:82:f4:66:ed:03:b7:46:16:
2c:2d:15:05:c7:54:f6:09:5f:7d:0f:33:fc:cd:13:
9d:ca:30:31:f8:dd:3f:f5:ba:b6:ea:82:a6:e9:12:
92:13:51:fa:0b:21:db:03:b3:00:8e:e3:11:ff:9c:
41:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:9E:3C:25:F8:F3:8C:62:4A:9A:8A:C9:C8:D0:5D:3B:D0:32:E4:CA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ep48JfjzjGJKmorJyNBdO9Ay5Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:74:d9:a9:b4:f3:2d:97:0a:85:20:01:4e:70:fa:0c:50:96:
ba:83:8b:34:2f:7e:c1:d1:c1:62:23:89:39:4c:d2:ec:41:c4:
61:dc:d2:93:70:85:7d:ba:5f:f9:72:45:de:e2:aa:73:8f:c5:
ca:ab:76:ea:0e:4f:d9:9c:b0:b6:32:db:33:b3:f9:8c:22:d6:
88:5d:58:75:f2:b0:2c:47:16:93:44:2e:ba:02:ac:50:f5:1c:
2c:c5:74:9f:b6:58:b4:3b:13:70:22:97:e7:ff:fa:43:4a:f3:
92:2d:7e:2f:73:1c:01:28:0b:d0:0c:94:f8:59:91:bb:2e:e4:
28:3b:1d:1c:12:6f:35:e0:d1:fb:50:80:ed:a4:5e:10:f6:00:
57:81:74:02:05:59:0c:2a:88:b3:b1:ee:cc:d3:87:ba:8f:49:
e2:8a:0e:f4:33:07:1a:2c:d3:f0:d9:3f:11:fa:bd:85:d7:e3:
cf:d3:c3:46:96:d3:f0:ce:65:7e:cd:b5:69:c3:a6:eb:9e:ca:
f6:57:e7:b8:1b:66:59:bd:e9:ad:c0:2e:d1:0e:1d:7f:47:cb:
9b:1c:52:69:a9:44:44:9f:64:eb:b1:41:d0:fe:81:64:80:db:
e6:d7:5c:a3:e9:06:19:a9:99:1f:d0:c9:db:d9:69:1a:e0:6f:
c0:5e:55:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCJdEx5arEdddzu6trcvvMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA2MTkxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjllM2MyNWY4ZjM4YzYyNGE5YThhYzljOGQwNWQzYmQwMzJlNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVTkAPtow1o+gW95GpQAC1FVIKnU
Ya0N3nJgys1yl26ILzCR2mhtMFdszUirygeeFfJiSWAiOMGMsZR7pC83MbTV5d6/
Lfxk8HL9NQQdIhmvIZQhsdUeXUdkPiZUnI+INJRytRGC03laq+f0uJvjbiPZObCk
14J7fFbdIm5A532RyZo9sVb5YMEsOXwiX6VxYMRUwZfNnsRNFTlgBk4rji6imWq3
HOS2YE50oi1KYOBainCa8PcN+j8b+4eJkprj1dSuEvp5TwtZgvRm7QO3RhYsLRUF
x1T2CV99DzP8zROdyjAx+N0/9bq26oKm6RKSE1H6CyHbA7MAjuMR/5xB6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBKePCX484xiSpqKycjQXTvQMuTKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRXA0OEpmanpqR0pLbW9ySnlOQmRPOUF5NU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIt02am08y2XCoUgAU5w
+gxQlrqDizQvfsHRwWIjiTlM0uxBxGHc0pNwhX26X/lyRd7iqnOPxcqrduoOT9mc
sLYy2zOz+Ywi1ohdWHXysCxHFpNELroCrFD1HCzFdJ+2WLQ7E3Ail+f/+kNK85It
fi9zHAEoC9AMlPhZkbsu5Cg7HRwSbzXg0ftQgO2kXhD2AFeBdAIFWQwqiLOx7szT
h7qPSeKKDvQzBxos0/DZPxH6vYXX48/Tw0aW0/DOZX7NtWnDpuueyvZX57gbZlm9
6a3ALtEOHX9Hy5scUmmpRESfZOuxQdD+gWSA2+bXXKPpBhmpmR/QydvZaRrgb8Be
VbM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:18:16 2025 by rpki-client