Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HyJQeY5oKii13EIN6iqWVUFTq4Q.roa
File: HyJQeY5oKii13EIN6iqWVUFTq4Q.roa (raw, json)
Hash identifier: RWH4BfdKpwZ/QhNNK4wKxJAmArHRwmhky6bTnHQCTMI=
Subject key identifier: 1F:22:50:79:8E:68:2A:28:B5:DC:42:0D:EA:2A:96:55:41:53:AB:84
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190AB563EC4FDF464A3438C5BBAE0139ACD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HyJQeY5oKii13EIN6iqWVUFTq4Q.roa
Signing time: Sat 13 Jul 2024 09:04:34 +0000
ROA not before: Sat 13 Jul 2024 09:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:ab56:24c1/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 13 Jul 2024 09:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ab:56:3e:c4:fd:f4:64:a3:43:8c:5b:ba:e0:13:9a:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 13 09:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f2250798e682a28b5dc420dea2a96554153ab84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:78:aa:53:48:aa:d7:9f:5a:30:ad:db:a3:6b:
95:8d:e1:ae:74:52:7c:7b:96:4e:9d:2c:6f:7b:0d:
8f:aa:49:96:f7:bc:4a:dc:59:6b:30:de:a2:1c:86:
50:21:c4:5b:93:61:eb:37:39:4a:bc:67:32:41:e0:
3d:dc:25:59:da:34:59:ee:2d:a5:86:3d:e2:37:ad:
f1:a7:1a:49:7b:a7:0f:a6:85:4b:77:55:79:20:2c:
cb:ad:7f:79:50:33:11:49:20:ae:44:dc:21:36:24:
7d:5d:61:aa:b8:31:97:14:8c:a5:51:34:d4:5d:17:
21:d1:0e:be:14:b7:65:87:83:7d:0d:62:02:e3:53:
d9:14:16:14:60:b2:ff:a3:6f:29:c4:a1:e4:63:38:
66:b4:34:2f:5f:92:9a:1d:33:18:47:c5:91:a3:13:
d3:4f:bc:8a:16:7e:b4:89:06:88:eb:7c:04:be:af:
d3:6c:23:02:85:1e:ac:d1:58:63:61:77:2f:f9:c7:
a5:0a:a1:f2:f6:17:41:b4:43:cb:bb:a9:fc:64:0a:
95:14:24:d6:7b:3f:3d:71:82:3f:9a:20:b8:8c:c2:
a8:b1:f0:f0:64:20:63:c6:3d:9d:70:49:83:64:2a:
7a:61:fe:c5:b4:a9:69:0f:1f:6c:6f:54:46:40:55:
83:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:22:50:79:8E:68:2A:28:B5:DC:42:0D:EA:2A:96:55:41:53:AB:84
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HyJQeY5oKii13EIN6iqWVUFTq4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:4f:8d:72:cd:1e:e5:f5:ef:03:2c:86:b1:ca:3f:d7:9f:db:
6e:be:a7:74:f9:f1:92:17:70:e8:de:71:57:4d:5e:c9:de:4d:
75:b6:f6:1f:a0:8f:ae:2c:67:cf:d2:2b:ef:6c:3e:27:53:c7:
3b:9e:72:27:1f:0a:48:76:c7:7c:fa:d5:6b:21:11:80:fc:51:
f6:47:08:90:4c:a6:60:be:cc:e9:41:7c:4f:cb:60:f6:85:42:
d7:d7:17:b4:98:58:6c:8b:e8:33:69:c5:21:ae:ec:3b:4b:13:
fb:eb:53:ea:2d:19:cd:43:d5:81:5e:c4:51:1e:cd:3a:c9:bb:
05:f5:6e:55:6d:62:11:0d:96:9f:24:14:ca:95:d6:65:0f:f6:
83:8d:a7:d2:98:ac:ca:18:d5:0f:f1:fb:3c:42:f7:d6:0e:26:
32:2f:dc:16:30:9f:81:9a:07:c4:97:2e:54:c6:ed:04:70:b7:
a0:3c:4d:69:cb:4b:84:3b:32:e0:de:72:1b:ff:bf:de:28:8d:
f0:5e:cb:fa:fb:09:40:62:b9:45:c9:74:00:a4:4b:bc:db:33:
44:dc:59:0d:4f:d3:31:9e:7d:2c:41:03:13:23:8a:aa:92:91:
b5:fe:b3:5c:c4:ba:90:f5:59:57:35:0d:20:27:6b:41:58:93:
cc:71:b8:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCrVj7E/fRko0OMW7rgE5rNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEzMDkwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjIyNTA3OThlNjgyYTI4YjVkYzQyMGRlYTJhOTY1NTQxNTNhYjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApniqU0iq159aMK3bo2uVjeGudFJ8
e5ZOnSxvew2PqkmW97xK3FlrMN6iHIZQIcRbk2HrNzlKvGcyQeA93CVZ2jRZ7i2l
hj3iN63xpxpJe6cPpoVLd1V5ICzLrX95UDMRSSCuRNwhNiR9XWGquDGXFIylUTTU
XRch0Q6+FLdlh4N9DWIC41PZFBYUYLL/o28pxKHkYzhmtDQvX5KaHTMYR8WRoxPT
T7yKFn60iQaI63wEvq/TbCMChR6s0VhjYXcv+celCqHy9hdBtEPLu6n8ZAqVFCTW
ez89cYI/miC4jMKosfDwZCBjxj2dcEmDZCp6Yf7FtKlpDx9sb1RGQFWD0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB8iUHmOaCootdxCDeoqllVBU6uEMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSHlKUWVZNW9LaWkxM0VJTjZpcVdWVUZUcTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJhPjXLNHuX17wMshrHK
P9ef226+p3T58ZIXcOjecVdNXsneTXW29h+gj64sZ8/SK+9sPidTxzuecicfCkh2
x3z61WshEYD8UfZHCJBMpmC+zOlBfE/LYPaFQtfXF7SYWGyL6DNpxSGu7DtLE/vr
U+otGc1D1YFexFEezTrJuwX1blVtYhENlp8kFMqV1mUP9oONp9KYrMoY1Q/x+zxC
99YOJjIv3BYwn4GaB8SXLlTG7QRwt6A8TWnLS4Q7MuDechv/v94ojfBey/r7CUBi
uUXJdACkS7zbM0TcWQ1P0zGefSxBAxMjiqqSkbX+s1zEupD1WVc1DSAna0FYk8xx
uIE=
-----END CERTIFICATE-----
Generated at Sat Jul 13 11:28:05 2024 by rpki-client on console-fra.rpki-client.org