Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/FnOqWZveMHEq5iPhzl--8StgFfs.roa
File: FnOqWZveMHEq5iPhzl--8StgFfs.roa (raw, json)
Hash identifier: reny4v17LMnfAIAVDA3pe1JiZ9P6J4PEzyZOLZspVMs=
Subject key identifier: 16:73:AA:59:9B:DE:30:71:2A:E6:23:E1:CE:5F:BE:F1:2B:60:15:FB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190201919F9FD0D59B792A52D6ADFF748C4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/FnOqWZveMHEq5iPhzl--8StgFfs.roa
Signing time: Sun 16 Jun 2024 08:10:34 +0000
ROA not before: Sun 16 Jun 2024 08:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 16 Jun 2024 09:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:20:19:19:f9:fd:0d:59:b7:92:a5:2d:6a:df:f7:48:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 16 08:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1673aa599bde30712ae623e1ce5fbef12b6015fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a0:6b:1c:3b:6a:a0:63:5a:c1:7d:fc:ed:90:
c6:fa:56:ee:15:8b:0d:e4:70:2a:8f:0d:05:6d:d9:
5f:1c:71:7c:cc:70:ae:fe:ab:e7:e7:2b:29:1a:be:
83:d2:fa:7d:26:51:9e:53:fc:5f:d6:98:2f:1e:35:
61:5b:5d:d0:b3:ec:f8:fd:c1:07:1f:16:3a:a4:dd:
b8:f6:c7:11:17:4a:6b:e9:db:c7:50:f0:65:fa:30:
c0:d1:da:d3:b9:35:2e:70:cc:60:43:a4:48:1d:72:
d0:82:a0:e5:e5:1b:05:2d:4b:a4:8a:0d:6d:fb:fa:
f0:b7:a2:29:25:23:2e:d0:7d:37:08:b3:ec:f7:cb:
92:39:9b:f8:1f:f8:84:7e:0b:30:c5:5a:87:99:20:
6d:93:5b:c8:6a:1c:b1:93:02:f4:d9:ff:49:ac:91:
b0:2f:8a:e3:cb:fd:fe:26:c3:42:0b:0c:38:d9:c2:
87:b9:33:8b:85:53:cc:cb:81:24:75:d4:5d:98:1a:
b3:62:e2:9f:0e:af:c9:50:e0:56:3a:b7:4e:d9:86:
86:b4:9b:16:bf:60:91:38:76:12:d1:e2:cf:9b:e5:
23:a9:65:4e:e2:33:57:da:59:8e:70:14:05:02:20:
81:39:9c:77:66:f0:9e:b0:18:55:a4:88:af:61:24:
8b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:73:AA:59:9B:DE:30:71:2A:E6:23:E1:CE:5F:BE:F1:2B:60:15:FB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/FnOqWZveMHEq5iPhzl--8StgFfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:b0:fa:a3:e9:10:cb:e5:90:0d:f2:15:a5:76:bf:9d:d9:97:
75:00:d5:7b:45:2c:ed:5d:e5:fb:9e:2f:b7:29:61:d0:e7:69:
e7:4d:49:a3:61:9a:a7:9e:9c:e9:cc:90:d1:88:be:77:ab:2d:
d6:da:f9:78:90:7e:4e:43:5b:f6:30:b0:97:ca:d9:2a:54:2e:
f6:38:4e:a2:5c:a4:c1:74:92:b4:8f:69:71:a7:dd:44:b0:d8:
80:7c:8b:bc:b8:9e:66:50:9f:d1:ab:f1:a2:72:e5:43:26:bc:
d8:a2:ef:c5:ec:c6:96:bb:b5:46:10:0f:24:c4:2b:c9:64:aa:
21:78:b6:56:6f:10:0b:58:77:73:84:05:53:d9:36:58:d0:80:
28:74:ac:98:b9:89:ea:2b:17:48:6a:22:29:61:d5:68:04:e5:
b3:7a:f8:64:4d:45:09:4e:43:d2:bd:a4:96:9b:98:6d:f3:04:
2d:0e:0e:34:fb:08:38:af:4e:af:c4:d3:a3:03:13:2f:d0:1c:
3c:a6:4d:5b:12:e3:de:a4:d0:52:3f:ba:a9:73:b3:68:af:da:
2a:0b:97:01:f1:b8:f1:ca:48:a9:48:b5:86:66:64:f3:da:df:
e9:ea:83:fd:d3:1f:6a:8c:bd:46:eb:af:5f:a6:e6:ef:d0:03:
a9:1d:6d:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAgGRn5/Q1Zt5KlLWrf90jEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE2MDgxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjczYWE1OTliZGUzMDcxMmFlNjIzZTFjZTVmYmVmMTJiNjAxNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKBrHDtqoGNawX387ZDG+lbuFYsN
5HAqjw0FbdlfHHF8zHCu/qvn5yspGr6D0vp9JlGeU/xf1pgvHjVhW13Qs+z4/cEH
HxY6pN249scRF0pr6dvHUPBl+jDA0drTuTUucMxgQ6RIHXLQgqDl5RsFLUukig1t
+/rwt6IpJSMu0H03CLPs98uSOZv4H/iEfgswxVqHmSBtk1vIahyxkwL02f9JrJGw
L4rjy/3+JsNCCww42cKHuTOLhVPMy4EkddRdmBqzYuKfDq/JUOBWOrdO2YaGtJsW
v2CROHYS0eLPm+UjqWVO4jNX2lmOcBQFAiCBOZx3ZvCesBhVpIivYSSLXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBZzqlmb3jBxKuYj4c5fvvErYBX7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRm5PcVdadmVNSEVxNWlQaHpsLS04U3RnRmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIqw+qPpEMvlkA3yFaV2
v53Zl3UA1XtFLO1d5fueL7cpYdDnaedNSaNhmqeenOnMkNGIvnerLdba+XiQfk5D
W/YwsJfK2SpULvY4TqJcpMF0krSPaXGn3USw2IB8i7y4nmZQn9Gr8aJy5UMmvNii
78Xsxpa7tUYQDyTEK8lkqiF4tlZvEAtYd3OEBVPZNljQgCh0rJi5ieorF0hqIilh
1WgE5bN6+GRNRQlOQ9K9pJabmG3zBC0ODjT7CDivTq/E06MDEy/QHDymTVsS496k
0FI/uqlzs2iv2ioLlwHxuPHKSKlItYZmZPPa3+nqg/3TH2qMvUbrr1+m5u/QA6kd
bZA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:58 2025 by rpki-client