Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HMpzg-nHXkmd-PWbJURC4FHO9LM.roa
File: HMpzg-nHXkmd-PWbJURC4FHO9LM.roa (raw, json)
Hash identifier: JhIwnVY8oasWhef9MlT+db7r+IO8e+YaGPdlA+GIdH0=
Subject key identifier: 1C:CA:73:83:E9:C7:5E:49:9D:F8:F5:9B:25:44:42:E0:51:CE:F4:B3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FEFD19AB72EDFC93DE4A5466CDB59C5BE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HMpzg-nHXkmd-PWbJURC4FHO9LM.roa
Signing time: Thu 06 Jun 2024 23:10:42 +0000
ROA not before: Thu 06 Jun 2024 23:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Jun 2024 00:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ef:d1:9a:b7:2e:df:c9:3d:e4:a5:46:6c:db:59:c5:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 6 23:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cca7383e9c75e499df8f59b254442e051cef4b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6b:2f:7a:4e:75:af:e4:12:cd:8a:4a:07:e8:
95:d7:70:90:75:14:13:9a:43:8f:d1:d7:2f:36:3e:
c7:a7:20:fb:21:ec:01:fa:3c:40:6b:35:19:8a:52:
5b:d9:fe:d7:5a:95:d9:2c:fa:1b:6e:87:55:ab:a2:
3b:0b:21:74:d5:16:56:25:0e:31:8b:5e:cb:92:7f:
c7:4c:30:47:a4:33:98:9a:32:f0:9f:0b:1f:da:13:
82:b6:5d:5a:ec:04:20:81:9c:0a:1a:a5:d7:78:1c:
a3:87:85:13:4a:35:dd:76:1c:52:cf:84:2f:28:74:
a5:3a:4d:09:24:20:1a:96:57:6f:b8:6d:5c:c3:36:
8f:4b:87:77:33:a6:9b:c1:22:a0:d7:43:af:49:01:
de:7c:ca:ac:4b:8e:65:b7:ca:de:33:8f:5b:d9:99:
a9:dc:4e:c3:37:39:b3:43:6b:21:cf:d6:0a:c4:60:
9d:34:b1:fc:be:a3:7a:a9:91:5e:8c:61:14:14:66:
9a:51:34:b2:02:a2:d1:27:1c:eb:81:30:c2:4c:ae:
56:4b:b6:26:d5:41:57:4d:c1:19:52:57:d6:8b:1b:
65:2c:6e:77:2a:be:8f:16:88:e6:96:06:1f:79:09:
59:0c:72:7f:b1:b4:da:0b:1a:18:ac:fc:4f:08:4a:
d0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CA:73:83:E9:C7:5E:49:9D:F8:F5:9B:25:44:42:E0:51:CE:F4:B3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HMpzg-nHXkmd-PWbJURC4FHO9LM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4c:9c:42:26:63:fe:eb:72:85:de:6b:dd:ea:b9:1c:dc:3e:d5:
2e:27:35:fc:99:fc:3f:18:9e:54:06:e3:b7:2a:36:f9:ef:c2:
cb:27:83:33:68:b9:9b:26:32:fd:19:04:e5:2a:6b:a6:eb:ad:
73:5a:5c:17:8b:53:75:67:bd:c3:0d:6f:ef:d5:56:f6:61:50:
f7:bf:99:7c:a5:98:f0:df:3b:af:8b:96:bc:51:01:ea:be:e5:
9a:5d:16:bf:48:c7:5a:d9:a2:35:13:42:64:2c:a6:30:72:5c:
ff:6a:ec:a7:b7:0a:08:df:48:c5:c9:d4:8b:81:98:aa:c6:c9:
6a:ad:8e:db:cc:ef:0e:b9:35:87:51:29:9c:7f:56:08:38:f5:
72:c0:65:e7:f4:02:72:b2:84:7b:dd:13:18:44:70:6b:a8:29:
9b:34:41:ff:c2:1e:fb:4f:6b:04:6c:a4:e9:3f:8e:5a:99:1e:
1b:0d:00:dd:54:9c:5a:76:b5:86:03:64:b5:02:da:24:bd:9b:
ee:2d:9e:71:36:97:3f:ed:64:4f:23:b9:75:67:09:ed:af:67:
6b:8c:04:af:e2:b1:8d:6a:aa:32:01:0b:fe:ab:17:66:07:0b:
db:ce:24:08:a1:93:6d:e6:5b:b5:b1:cf:eb:1c:06:20:39:db:
13:63:9e:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/v0Zq3Lt/JPeSlRmzbWcW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA2MjMxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2NhNzM4M2U5Yzc1ZTQ5OWRmOGY1OWIyNTQ0NDJlMDUxY2VmNGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmsvek51r+QSzYpKB+iV13CQdRQT
mkOP0dcvNj7HpyD7IewB+jxAazUZilJb2f7XWpXZLPobbodVq6I7CyF01RZWJQ4x
i17Lkn/HTDBHpDOYmjLwnwsf2hOCtl1a7AQggZwKGqXXeByjh4UTSjXddhxSz4Qv
KHSlOk0JJCAalldvuG1cwzaPS4d3M6abwSKg10OvSQHefMqsS45lt8reM49b2Zmp
3E7DNzmzQ2shz9YKxGCdNLH8vqN6qZFejGEUFGaaUTSyAqLRJxzrgTDCTK5WS7Ym
1UFXTcEZUlfWixtlLG53Kr6PFojmlgYfeQlZDHJ/sbTaCxoYrPxPCErQPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBzKc4Ppx15Jnfj1myVEQuBRzvSzMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSE1wemctbkhYa21kLVBXYkpVUkM0RkhPOUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEycQiZj/utyhd5r3eq5
HNw+1S4nNfyZ/D8YnlQG47cqNvnvwssngzNouZsmMv0ZBOUqa6brrXNaXBeLU3Vn
vcMNb+/VVvZhUPe/mXylmPDfO6+LlrxRAeq+5ZpdFr9Ix1rZojUTQmQspjByXP9q
7Ke3CgjfSMXJ1IuBmKrGyWqtjtvM7w65NYdRKZx/Vgg49XLAZef0AnKyhHvdExhE
cGuoKZs0Qf/CHvtPawRspOk/jlqZHhsNAN1UnFp2tYYDZLUC2iS9m+4tnnE2lz/t
ZE8juXVnCe2vZ2uMBK/isY1qqjIBC/6rF2YHC9vOJAihk23mW7Wxz+scBiA52xNj
nhA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:42 2025 by rpki-client