Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HSwcTjYZRZEDzRxRy1Cq34grdBM.roa
File: HSwcTjYZRZEDzRxRy1Cq34grdBM.roa (raw, json)
Hash identifier: +q9CrdKo3C8oTR7VO+xKMaJQrWWrvlMoDxpn0MesiHQ=
Subject key identifier: 1D:2C:1C:4E:36:19:45:91:03:CD:1C:51:CB:50:AA:DF:88:2B:74:13
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01906C45985DE65FF02348434CBBE903E368
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HSwcTjYZRZEDzRxRy1Cq34grdBM.roa
Signing time: Mon 01 Jul 2024 03:10:18 +0000
ROA not before: Mon 01 Jul 2024 03:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 04:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6c:45:98:5d:e6:5f:f0:23:48:43:4c:bb:e9:03:e3:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 1 03:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d2c1c4e3619459103cd1c51cb50aadf882b7413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7e:11:45:1f:bf:f4:dc:2a:bf:cf:f1:b8:a3:
59:c5:a3:22:ae:3c:33:71:05:c2:69:9d:73:6b:87:
d1:c9:f7:86:03:a9:d2:dd:77:71:c7:37:c1:a4:fa:
3b:2e:43:c8:e5:2d:26:71:4c:d0:ab:51:37:f5:ee:
23:a7:ba:5a:1e:e0:82:13:6b:26:58:82:05:51:75:
8f:8c:3d:13:d5:50:da:ac:61:74:51:25:1f:77:44:
9b:a0:72:b0:5d:14:6b:7f:94:c7:f5:6b:9d:16:33:
c7:34:b3:4f:b9:09:08:0e:ba:a6:8d:d6:0b:47:58:
47:ff:7c:1e:d1:ac:12:d4:64:69:d4:6d:8a:35:c4:
53:8b:04:e3:a9:d7:2d:2b:b3:0d:49:45:e0:66:cb:
68:93:5f:dd:e0:5f:9c:02:ff:8a:60:06:11:bd:d5:
af:a9:8f:c5:67:a7:3c:37:1a:c5:5e:7f:a8:36:ec:
7d:89:18:ce:62:ef:c7:9c:09:1a:01:84:48:b9:d3:
63:38:fb:e6:b6:d3:0d:60:cd:ba:dc:5d:42:65:e6:
50:5f:97:1f:00:67:1e:82:52:ce:18:a0:ad:6d:7f:
fb:9a:6e:f3:d1:7d:48:a1:a7:02:64:c2:a6:c8:4a:
78:73:9e:ae:16:08:b9:16:5e:33:ca:7b:40:33:3d:
32:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2C:1C:4E:36:19:45:91:03:CD:1C:51:CB:50:AA:DF:88:2B:74:13
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HSwcTjYZRZEDzRxRy1Cq34grdBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:af:d9:66:57:71:91:d5:08:0a:28:09:c6:f8:54:10:37:1d:
99:43:4c:1a:97:51:77:c1:5f:75:bd:bb:75:14:11:70:97:7d:
31:46:87:70:bb:54:a4:7c:2d:87:76:c4:e8:78:e9:28:e4:65:
70:17:78:26:82:6a:23:22:93:c1:1c:c4:70:a5:5a:36:e4:6b:
94:fd:55:89:79:d8:85:bc:15:ac:81:cf:c7:1c:8c:1b:e9:50:
a2:d4:86:80:e2:2e:6e:3a:c6:0c:07:6e:f3:d8:b2:b8:1f:1c:
35:b7:eb:35:20:5f:2d:e2:51:ea:22:22:13:83:93:96:32:77:
39:bd:fa:44:e7:bb:8f:0f:36:03:f6:ee:2c:46:50:f3:ad:49:
49:35:ce:14:1d:17:35:28:8b:df:50:8c:3c:10:ae:39:50:6a:
37:30:c8:1d:29:9b:24:15:30:d8:4d:cb:65:bc:68:25:6c:79:
e4:3d:ba:f4:6c:e8:88:2b:67:f6:ba:d1:99:8a:22:8d:d2:5e:
1d:5b:13:37:9e:65:46:f9:15:4c:63:29:a0:32:db:6f:0e:1c:
e0:9a:56:73:f7:d1:87:0a:2b:26:86:40:0c:2a:54:d9:5f:49:
28:3e:e2:00:03:88:9f:13:cf:a1:d1:96:9f:6e:20:43:dd:e3:
c7:04:1e:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBsRZhd5l/wI0hDTLvpA+NoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAxMDMxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDJjMWM0ZTM2MTk0NTkxMDNjZDFjNTFjYjUwYWFkZjg4MmI3NDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH4RRR+/9Nwqv8/xuKNZxaMirjwz
cQXCaZ1za4fRyfeGA6nS3XdxxzfBpPo7LkPI5S0mcUzQq1E39e4jp7paHuCCE2sm
WIIFUXWPjD0T1VDarGF0USUfd0SboHKwXRRrf5TH9WudFjPHNLNPuQkIDrqmjdYL
R1hH/3we0awS1GRp1G2KNcRTiwTjqdctK7MNSUXgZstok1/d4F+cAv+KYAYRvdWv
qY/FZ6c8NxrFXn+oNux9iRjOYu/HnAkaAYRIudNjOPvmttMNYM263F1CZeZQX5cf
AGceglLOGKCtbX/7mm7z0X1IoacCZMKmyEp4c56uFgi5Fl4zyntAMz0yhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB0sHE42GUWRA80cUctQqt+IK3QTMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSFN3Y1RqWVpSWkVEelJ4UnkxQ3EzNGdyZEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADWv2WZXcZHVCAooCcb4
VBA3HZlDTBqXUXfBX3W9u3UUEXCXfTFGh3C7VKR8LYd2xOh46SjkZXAXeCaCaiMi
k8EcxHClWjbka5T9VYl52IW8FayBz8ccjBvpUKLUhoDiLm46xgwHbvPYsrgfHDW3
6zUgXy3iUeoiIhODk5Yydzm9+kTnu48PNgP27ixGUPOtSUk1zhQdFzUoi99QjDwQ
rjlQajcwyB0pmyQVMNhNy2W8aCVseeQ9uvRs6IgrZ/a60ZmKIo3SXh1bEzeeZUb5
FUxjKaAy228OHOCaVnP30YcKKyaGQAwqVNlfSSg+4gADiJ8Tz6HRlp9uIEPd48cE
HiU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:07 2025 by rpki-client