Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IDspNpGs5SuqWGrGEcHDLSkxpxw.roa
File: IDspNpGs5SuqWGrGEcHDLSkxpxw.roa (raw, json)
Hash identifier: /9BS8CI7gvwG+17EANOHpdMd4sG5cO5JhpvdaCd+cF4=
Subject key identifier: 20:3B:29:36:91:AC:E5:2B:AA:58:6A:C6:11:C1:C3:2D:29:31:A7:1C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908C3D7D6ED6BFB407AA9DF6711D960FA9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IDspNpGs5SuqWGrGEcHDLSkxpxw.roa
Signing time: Sun 07 Jul 2024 08:09:18 +0000
ROA not before: Sun 07 Jul 2024 08:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jul 2024 09:04:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8c:3d:7d:6e:d6:bf:b4:07:aa:9d:f6:71:1d:96:0f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 7 08:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=203b293691ace52baa586ac611c1c32d2931a71c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d8:4c:78:24:03:ad:41:59:68:6e:9c:4e:00:
d8:68:db:c9:a4:e2:f9:ba:b5:f2:a7:4a:e2:75:28:
49:02:8e:87:3b:60:38:d3:0c:db:03:02:69:b9:8c:
0d:25:4c:c4:a8:09:88:85:95:5f:03:56:22:78:e1:
f9:06:98:ee:e7:f1:10:f1:9d:f6:7e:46:08:1a:1e:
0b:2a:24:ab:f4:9a:80:e4:93:42:ad:b2:dd:a3:33:
a9:71:77:03:af:c1:ac:16:cf:66:13:72:ff:b3:a3:
87:1b:11:c3:7f:bc:2e:96:27:26:e3:ca:26:d4:1f:
5f:17:30:10:34:2c:71:77:3e:c0:6e:df:a0:31:c7:
de:3a:52:e9:5c:e2:31:7b:46:5e:33:32:c5:45:e9:
5b:db:3a:ec:a5:47:0c:21:3b:ee:fa:65:3f:af:03:
d5:5d:16:cc:2c:9a:60:23:de:67:67:0b:19:97:be:
c0:d6:0d:51:61:2a:3f:4a:a7:b1:fd:38:eb:ff:da:
0b:d3:fe:34:80:92:62:90:fd:68:7b:4a:02:1b:b0:
a0:a2:02:be:88:f5:71:44:4d:db:5e:e8:67:74:f8:
9b:bf:d1:74:89:be:a5:a4:73:97:ff:43:dd:b1:a0:
5f:a6:7c:6b:ff:7a:8c:bc:85:85:a1:75:b3:a1:ba:
b6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:3B:29:36:91:AC:E5:2B:AA:58:6A:C6:11:C1:C3:2D:29:31:A7:1C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IDspNpGs5SuqWGrGEcHDLSkxpxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:86:e9:ac:ea:7e:06:b8:b5:ee:2b:0b:44:03:27:ad:1a:3a:
9a:fd:5d:9c:0c:02:14:bc:d0:1c:32:17:6a:33:83:5e:73:1e:
de:67:66:5b:07:17:3a:40:74:b6:97:f0:ba:03:e7:d3:2d:77:
93:3d:68:d1:e4:96:cd:ba:75:d2:8b:40:03:d1:0a:90:e1:1a:
21:1b:bb:22:56:f5:ed:23:71:22:82:b0:b6:19:91:ab:f3:1e:
ac:b5:e1:3a:37:02:65:24:2b:8e:91:ab:71:c7:4a:38:74:17:
c6:a6:dd:55:d8:fa:53:8f:3c:64:c1:01:b9:b8:89:58:72:b9:
dc:d6:13:44:94:44:2f:a8:81:4c:5b:7f:a8:44:84:5f:55:9a:
bc:40:0a:e6:6b:21:3c:a5:a4:fa:86:ee:2f:ce:6b:65:a0:00:
05:62:b1:0e:da:0b:7f:7d:a8:1d:b6:82:ca:02:b4:e0:b7:63:
28:6a:6d:83:28:92:2b:6d:af:89:4c:cf:3c:43:23:fc:9f:08:
08:0e:1d:9e:a6:cd:e4:a0:5e:a6:d1:59:34:e1:5f:0b:e4:b9:
c4:bd:75:0e:0d:d2:1e:97:2c:21:f9:c2:07:5a:6a:68:36:ce:
bc:ad:8c:b9:1b:59:81:10:d4:bf:54:aa:bc:31:c2:5c:6d:58:
77:9f:62:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCMPX1u1r+0B6qd9nEdlg+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA3MDgwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDNiMjkzNjkxYWNlNTJiYWE1ODZhYzYxMWMxYzMyZDI5MzFhNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdhMeCQDrUFZaG6cTgDYaNvJpOL5
urXyp0ridShJAo6HO2A40wzbAwJpuYwNJUzEqAmIhZVfA1YieOH5Bpju5/EQ8Z32
fkYIGh4LKiSr9JqA5JNCrbLdozOpcXcDr8GsFs9mE3L/s6OHGxHDf7wulicm48om
1B9fFzAQNCxxdz7Abt+gMcfeOlLpXOIxe0ZeMzLFRelb2zrspUcMITvu+mU/rwPV
XRbMLJpgI95nZwsZl77A1g1RYSo/Sqex/Tjr/9oL0/40gJJikP1oe0oCG7CgogK+
iPVxRE3bXuhndPibv9F0ib6lpHOX/0PdsaBfpnxr/3qMvIWFoXWzobq2dQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCA7KTaRrOUrqlhqxhHBwy0pMaccMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSURzcE5wR3M1U3VxV0dyR0VjSERMU2t4cHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA6G6azqfga4te4rC0QD
J60aOpr9XZwMAhS80BwyF2ozg15zHt5nZlsHFzpAdLaX8LoD59Mtd5M9aNHkls26
ddKLQAPRCpDhGiEbuyJW9e0jcSKCsLYZkavzHqy14To3AmUkK46Rq3HHSjh0F8am
3VXY+lOPPGTBAbm4iVhyudzWE0SURC+ogUxbf6hEhF9VmrxACuZrITylpPqG7i/O
a2WgAAVisQ7aC399qB22gsoCtOC3YyhqbYMokittr4lMzzxDI/yfCAgOHZ6mzeSg
XqbRWTThXwvkucS9dQ4N0h6XLCH5wgdaamg2zrytjLkbWYEQ1L9UqrwxwlxtWHef
Yns=
-----END CERTIFICATE-----
Generated at Sun Jul 7 11:10:27 2024 by rpki-client on console-ams.rpki-client.org