Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/G5U5lkRcDP3SWEBo8FHTM80xRzo.roa
File: G5U5lkRcDP3SWEBo8FHTM80xRzo.roa (raw, json)
Hash identifier: cPlGpxYtD88brG6aXXg1mNo9NxneWdX4ifdluKLEvjY=
Subject key identifier: 1B:95:39:96:44:5C:0C:FD:D2:58:40:68:F0:51:D3:33:CD:31:47:3A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909FC483C8D8ED3810ACB7D6FFB32E1FC0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/G5U5lkRcDP3SWEBo8FHTM80xRzo.roa
Signing time: Thu 11 Jul 2024 03:09:34 +0000
ROA not before: Thu 11 Jul 2024 03:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jul 2024 04:05:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9f:c4:83:c8:d8:ed:38:10:ac:b7:d6:ff:b3:2e:1f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 11 03:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b953996445c0cfdd2584068f051d333cd31473a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:15:59:57:35:f4:45:ea:36:18:bb:ff:e6:4f:
41:e4:f2:e2:ae:03:90:cf:b1:97:82:e5:ce:54:bc:
e5:69:c8:aa:65:da:b4:23:35:92:0b:6f:3f:46:af:
ea:13:40:6c:be:a1:6c:e9:64:7a:9c:45:1e:c1:ce:
66:b4:58:fe:de:8d:3b:f4:18:8d:b0:a4:f0:61:91:
0c:83:03:53:60:41:c0:a0:a5:bb:4e:3c:82:ea:a2:
c6:f0:38:3c:16:2b:7b:ee:50:4d:de:9c:da:67:85:
7b:f8:61:99:01:b4:5c:c8:5d:d3:bf:74:b6:bb:ba:
03:e7:48:1b:84:c4:af:7c:b3:6e:fd:73:9b:30:9b:
ae:c2:9a:10:5b:96:aa:76:2f:1e:08:b8:e8:a7:b2:
0c:b6:5f:e0:8c:97:73:34:a4:be:50:21:fc:19:0f:
24:a7:96:c4:38:17:7d:85:14:45:76:8d:e7:41:ce:
11:18:1b:88:f9:1e:f5:a2:37:ac:c5:15:b1:62:49:
42:6f:96:b4:39:8a:fd:21:65:0e:6f:74:7f:7c:b5:
29:b9:74:ec:65:52:11:13:95:80:da:7f:1f:8f:01:
36:59:e0:f9:fd:e3:b1:db:f5:82:32:6f:65:5a:56:
63:94:8f:e2:a2:51:5e:33:4e:a5:c4:3f:30:9b:e7:
0b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:95:39:96:44:5C:0C:FD:D2:58:40:68:F0:51:D3:33:CD:31:47:3A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/G5U5lkRcDP3SWEBo8FHTM80xRzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:57:78:6a:ab:84:3a:b1:ef:d8:32:da:d3:a5:6c:ec:16:f0:
c8:7f:26:ae:0b:7c:dd:f6:1d:64:8d:59:d2:fc:06:8e:fe:7d:
0f:6e:32:eb:92:42:b0:5c:7e:69:2c:46:5b:d2:e6:1c:59:f5:
0c:c0:6c:5e:a1:c0:ed:29:92:cc:d5:7f:bd:7f:c1:4e:e5:57:
b3:27:4d:3d:8d:c7:35:3e:92:e5:e5:9d:05:ee:6f:bc:84:d2:
37:f6:1f:c0:03:4f:a2:ab:e7:2c:a9:73:b8:82:a6:41:b3:7f:
46:46:74:e0:fd:13:1f:89:11:13:88:8a:98:54:3e:8f:ce:b3:
14:85:af:01:79:48:72:c9:40:cf:af:1d:82:a0:72:a4:24:a3:
09:42:59:2d:2c:14:ee:63:93:7b:9b:8b:51:d7:4c:93:aa:8d:
d1:bd:b8:50:c2:b3:75:04:b2:43:30:c9:4c:f5:07:83:6a:a6:
33:75:c9:4c:9c:61:27:6a:70:13:22:33:85:8a:46:0c:84:55:
f1:1b:80:40:0c:a1:5f:61:50:ea:b7:e1:07:0f:c3:b3:b3:8a:
d4:be:60:9c:cf:bd:ec:09:1d:e5:79:cb:98:cf:02:50:eb:f9:
06:b1:ec:13:4c:76:81:ce:b4:28:74:37:a2:8a:e2:02:08:34:
1e:7f:4d:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCfxIPI2O04EKy31v+zLh/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzExMDMwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjk1Mzk5NjQ0NWMwY2ZkZDI1ODQwNjhmMDUxZDMzM2NkMzE0NzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7hVZVzX0Reo2GLv/5k9B5PLirgOQ
z7GXguXOVLzlaciqZdq0IzWSC28/Rq/qE0BsvqFs6WR6nEUewc5mtFj+3o079BiN
sKTwYZEMgwNTYEHAoKW7TjyC6qLG8Dg8Fit77lBN3pzaZ4V7+GGZAbRcyF3Tv3S2
u7oD50gbhMSvfLNu/XObMJuuwpoQW5aqdi8eCLjop7IMtl/gjJdzNKS+UCH8GQ8k
p5bEOBd9hRRFdo3nQc4RGBuI+R71ojesxRWxYklCb5a0OYr9IWUOb3R/fLUpuXTs
ZVIRE5WA2n8fjwE2WeD5/eOx2/WCMm9lWlZjlI/iolFeM06lxD8wm+cLPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBuVOZZEXAz90lhAaPBR0zPNMUc6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRzVVNWxrUmNEUDNTV0VCbzhGSFRNODB4UnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC5XeGqrhDqx79gy2tOl
bOwW8Mh/Jq4LfN32HWSNWdL8Bo7+fQ9uMuuSQrBcfmksRlvS5hxZ9QzAbF6hwO0p
kszVf71/wU7lV7MnTT2NxzU+kuXlnQXub7yE0jf2H8ADT6Kr5yypc7iCpkGzf0ZG
dOD9Ex+JEROIiphUPo/OsxSFrwF5SHLJQM+vHYKgcqQkowlCWS0sFO5jk3ubi1HX
TJOqjdG9uFDCs3UEskMwyUz1B4NqpjN1yUycYSdqcBMiM4WKRgyEVfEbgEAMoV9h
UOq34QcPw7OzitS+YJzPvewJHeV5y5jPAlDr+Qax7BNMdoHOtCh0N6KK4gIINB5/
TfQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:02 2025 by rpki-client