Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/J4QCZYdNKkVTFNZmX8aq5daC-Q0.roa
File: J4QCZYdNKkVTFNZmX8aq5daC-Q0.roa (raw, json)
Hash identifier: dTAbS/jdyrgjRUPivzdNI9GQlXz8HdCSQ9fW9PxSOFw=
Subject key identifier: 27:84:02:65:87:4D:2A:45:53:14:D6:66:5F:C6:AA:E5:D6:82:F9:0D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC630DEAC814DD00639885B2A2F7B7D7E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/J4QCZYdNKkVTFNZmX8aq5daC-Q0.roa
Signing time: Wed 29 May 2024 21:10:42 +0000
ROA not before: Wed 29 May 2024 21:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 May 2024 22:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c6:30:de:ac:81:4d:d0:06:39:88:5b:2a:2f:7b:7d:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 29 21:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27840265874d2a455314d6665fc6aae5d682f90d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a4:fa:39:2c:dd:91:d5:a6:29:d4:4c:1b:2f:
69:aa:16:aa:15:26:07:cb:d5:27:df:a9:78:32:3e:
0b:5f:68:cc:44:45:f1:56:61:33:ec:bc:cb:28:dc:
a9:e8:36:bc:44:96:83:18:69:99:6a:75:59:c7:9c:
a6:fd:31:de:21:b0:04:05:8d:91:4b:21:fa:34:53:
bb:c3:8f:28:57:a0:60:63:17:1d:2c:28:66:1e:06:
f4:59:48:4f:19:e3:c7:72:11:48:55:67:35:e5:cf:
53:ca:0b:c9:36:28:02:26:92:b7:40:4f:89:8d:c0:
09:dd:bf:69:3b:ff:02:07:cc:65:bf:26:05:f0:69:
0e:d1:22:1d:00:62:1b:75:d1:d0:db:61:77:57:5e:
25:69:bf:31:22:df:fa:f4:ce:92:e0:ef:d3:a2:c1:
c7:88:05:7e:96:e6:de:2f:d7:58:55:d3:49:e0:b7:
8c:95:87:2d:62:e8:a5:a3:b2:64:84:fc:e5:88:69:
c1:76:ec:9e:0f:40:c5:a0:39:32:52:6c:60:e9:0f:
fd:ba:22:21:51:43:85:9d:bd:cb:2f:35:3d:a0:f8:
24:56:3b:c1:3f:73:3b:10:e2:60:fc:81:30:c4:82:
00:56:33:1a:64:65:2c:5f:3a:0b:6c:5a:fb:fa:f3:
06:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:84:02:65:87:4D:2A:45:53:14:D6:66:5F:C6:AA:E5:D6:82:F9:0D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/J4QCZYdNKkVTFNZmX8aq5daC-Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:e1:cf:4e:05:f3:31:24:1f:94:14:be:31:23:75:29:d9:c2:
02:f2:33:ed:80:1e:ff:02:eb:8e:47:07:3e:92:a1:15:07:f6:
10:9e:83:69:c9:e4:3c:ec:1c:07:1f:c7:49:5f:10:78:6b:30:
13:fc:c7:b4:78:4e:91:9b:26:00:42:28:6e:70:66:93:d0:03:
cf:e2:88:b1:6a:91:de:b9:78:80:df:54:9f:56:3e:92:a7:1f:
7d:a9:44:60:c6:b4:33:66:68:95:22:36:1e:88:ab:e5:23:cc:
8f:1a:94:97:19:f2:24:db:f8:91:ac:ac:2d:46:62:30:1c:00:
7f:9e:ee:ef:ca:ac:5d:68:d0:21:5c:e8:f8:95:ca:22:e9:bb:
e3:17:06:62:56:ce:e9:b8:3d:ff:fc:0d:b3:e7:c0:d2:ee:fd:
0e:ae:fb:b7:b1:08:c6:0f:32:1c:a6:65:0f:bc:02:d8:c4:9c:
1a:1b:5f:93:5f:46:7b:84:99:c2:fb:73:5c:19:bc:77:b2:cd:
2f:e5:fd:da:39:8e:2c:1e:5e:15:7a:ef:39:b0:dd:f9:4d:9d:
72:46:82:b9:12:a1:5d:99:8a:f4:48:23:8d:8e:09:4a:27:27:
31:4a:66:4e:b2:3e:6a:6a:f8:03:08:63:ab:11:99:fa:b6:81:
69:1e:0e:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/GMN6sgU3QBjmIWyove31+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI5MjExMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzg0MDI2NTg3NGQyYTQ1NTMxNGQ2NjY1ZmM2YWFlNWQ2ODJmOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqT6OSzdkdWmKdRMGy9pqhaqFSYH
y9Un36l4Mj4LX2jMREXxVmEz7LzLKNyp6Da8RJaDGGmZanVZx5ym/THeIbAEBY2R
SyH6NFO7w48oV6BgYxcdLChmHgb0WUhPGePHchFIVWc15c9TygvJNigCJpK3QE+J
jcAJ3b9pO/8CB8xlvyYF8GkO0SIdAGIbddHQ22F3V14lab8xIt/69M6S4O/TosHH
iAV+lubeL9dYVdNJ4LeMlYctYuilo7JkhPzliGnBduyeD0DFoDkyUmxg6Q/9uiIh
UUOFnb3LLzU9oPgkVjvBP3M7EOJg/IEwxIIAVjMaZGUsXzoLbFr7+vMGmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCeEAmWHTSpFUxTWZl/GquXWgvkNMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSjRRQ1pZZE5La1ZURk5abVg4YXE1ZGFDLVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD3hz04F8zEkH5QUvjEj
dSnZwgLyM+2AHv8C645HBz6SoRUH9hCeg2nJ5DzsHAcfx0lfEHhrMBP8x7R4TpGb
JgBCKG5wZpPQA8/iiLFqkd65eIDfVJ9WPpKnH32pRGDGtDNmaJUiNh6Iq+UjzI8a
lJcZ8iTb+JGsrC1GYjAcAH+e7u/KrF1o0CFc6PiVyiLpu+MXBmJWzum4Pf/8DbPn
wNLu/Q6u+7exCMYPMhymZQ+8AtjEnBobX5NfRnuEmcL7c1wZvHeyzS/l/do5jiwe
XhV67zmw3flNnXJGgrkSoV2ZivRII42OCUonJzFKZk6yPmpq+AMIY6sRmfq2gWke
Dhg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:01 2025 by rpki-client