Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IT_5t33qQM35cfsYIdvUTTmmVbA.roa
File: IT_5t33qQM35cfsYIdvUTTmmVbA.roa (raw, json)
Hash identifier: VPVb9/A0rCcFrBF5EstjeTnZh1aBOz5Xn91YBkA7v20=
Subject key identifier: 21:3F:F9:B7:7D:EA:40:CD:F9:71:FB:18:21:DB:D4:4D:39:A6:55:B0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190995665C2EAAE452A19F32FECFCAE1C06
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IT_5t33qQM35cfsYIdvUTTmmVbA.roa
Signing time: Tue 09 Jul 2024 21:11:34 +0000
ROA not before: Tue 09 Jul 2024 21:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jul 2024 22:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:99:56:65:c2:ea:ae:45:2a:19:f3:2f:ec:fc:ae:1c:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 9 21:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=213ff9b77dea40cdf971fb1821dbd44d39a655b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:99:2a:fc:7f:4c:7f:58:74:68:74:3a:2e:42:
b8:aa:7f:26:68:3f:8b:79:7c:df:3e:a2:56:29:05:
8a:04:3d:32:c3:4f:b3:c0:31:8d:0f:5c:d7:50:8a:
5c:be:7f:89:79:3a:94:2c:d0:8f:ec:2c:f4:65:81:
0f:89:d3:88:34:8c:15:ad:37:0a:69:54:ff:ed:cc:
85:e9:02:21:5c:62:b1:a8:58:a5:87:57:63:b8:a7:
7a:cc:f9:e2:15:6d:61:13:5b:64:52:10:c3:5f:56:
90:ff:49:f8:eb:63:b8:e5:b2:c6:c2:33:bd:7f:80:
a8:8e:49:3e:63:99:fb:3b:48:fd:9a:26:fa:f0:0c:
0b:ac:c6:b8:b9:3a:59:90:7c:53:54:ea:43:4e:65:
92:25:fd:4b:87:85:3e:aa:e5:b8:2e:a9:9d:2d:be:
76:f4:e4:4c:81:e9:4e:b0:cb:d7:52:1f:24:4b:4a:
69:cf:b2:89:72:70:52:93:27:3e:c2:64:09:df:87:
83:3d:5a:9a:03:9e:3e:a4:c2:f3:75:3b:6c:a5:da:
b8:f3:99:89:2e:2b:32:12:48:df:e6:fa:af:bc:fc:
a3:82:16:71:9d:f2:63:13:aa:4b:e5:73:75:ed:a7:
9d:08:e7:79:28:8a:2a:f3:f2:78:d5:ea:0e:c9:3d:
ac:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3F:F9:B7:7D:EA:40:CD:F9:71:FB:18:21:DB:D4:4D:39:A6:55:B0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IT_5t33qQM35cfsYIdvUTTmmVbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:7a:4b:09:79:43:fe:66:1d:b6:fe:c2:cb:35:bc:57:1a:94:
b0:4f:31:f4:b5:b6:e2:0a:85:23:58:e9:48:66:dc:19:05:21:
1f:48:f8:e2:24:dc:f5:09:b1:de:1c:b5:63:41:8b:02:34:a3:
96:61:be:94:3b:ac:90:98:7c:2e:b4:d6:6f:fb:11:ad:11:6a:
87:7b:b9:a3:62:a1:46:e7:70:87:85:39:29:0b:24:93:c8:cd:
3e:02:11:ac:e5:45:b2:49:e2:98:3a:e0:68:60:dd:1a:b3:1f:
ee:c6:0e:7f:3e:07:b4:7b:4f:e9:ed:05:fc:a2:f2:35:03:cd:
f6:d3:c2:12:99:88:e0:67:60:27:50:07:09:f7:a9:98:97:89:
ca:3a:2a:18:ac:2e:60:37:66:08:6c:52:ad:e6:eb:b0:a7:51:
98:c3:48:9d:09:63:73:23:98:f6:df:5f:ac:cc:e0:49:d0:4c:
5c:08:f1:a5:f4:0a:15:22:08:72:fa:f8:4d:8c:9d:e2:cd:b1:
cf:47:89:ea:c4:b1:ea:71:22:e8:91:da:cd:16:60:d6:d7:9b:
e6:0e:cb:0a:f8:0f:92:04:df:af:dc:24:f7:75:9c:6d:0a:fd:
b4:88:be:9f:b6:a5:5b:80:a8:c1:24:6c:36:48:ee:b5:35:f4:
d6:96:b9:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCZVmXC6q5FKhnzL+z8rhwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA5MjExMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTNmZjliNzdkZWE0MGNkZjk3MWZiMTgyMWRiZDQ0ZDM5YTY1NWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZkq/H9Mf1h0aHQ6LkK4qn8maD+L
eXzfPqJWKQWKBD0yw0+zwDGND1zXUIpcvn+JeTqULNCP7Cz0ZYEPidOINIwVrTcK
aVT/7cyF6QIhXGKxqFilh1djuKd6zPniFW1hE1tkUhDDX1aQ/0n462O45bLGwjO9
f4Cojkk+Y5n7O0j9mib68AwLrMa4uTpZkHxTVOpDTmWSJf1Lh4U+quW4LqmdLb52
9ORMgelOsMvXUh8kS0ppz7KJcnBSkyc+wmQJ34eDPVqaA54+pMLzdTtspdq485mJ
LisyEkjf5vqvvPyjghZxnfJjE6pL5XN17aedCOd5KIoq8/J41eoOyT2sEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCE/+bd96kDN+XH7GCHb1E05plWwMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSVRfNXQzM3FRTTM1Y2ZzWUlkdlVUVG1tVmJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFJ6Swl5Q/5mHbb+wss1
vFcalLBPMfS1tuIKhSNY6Uhm3BkFIR9I+OIk3PUJsd4ctWNBiwI0o5ZhvpQ7rJCY
fC601m/7Ea0Raod7uaNioUbncIeFOSkLJJPIzT4CEazlRbJJ4pg64Ghg3RqzH+7G
Dn8+B7R7T+ntBfyi8jUDzfbTwhKZiOBnYCdQBwn3qZiXico6KhisLmA3ZghsUq3m
67CnUZjDSJ0JY3MjmPbfX6zM4EnQTFwI8aX0ChUiCHL6+E2MneLNsc9HierEsepx
IuiR2s0WYNbXm+YOywr4D5IE36/cJPd1nG0K/bSIvp+2pVuAqMEkbDZI7rU19NaW
ueE=
Generated at Tue Jul 9 23:11:36 2024 by rpki-client on console-fra.rpki-client.org