Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/K4TF-2naaqTqHO8RFvCm6hVbhLc.roa
File: K4TF-2naaqTqHO8RFvCm6hVbhLc.roa (raw, json)
Hash identifier: hEc3g1+aVhRojSkdfdsGAnhNlpWLspZqvbZyrGIfOK4=
Subject key identifier: 2B:84:C5:FB:69:DA:6A:A4:EA:1C:EF:11:16:F0:A6:EA:15:5B:84:B7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD8DBB22EFD4E64A62F8628C02F1CA75C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/K4TF-2naaqTqHO8RFvCm6hVbhLc.roa
Signing time: Sun 02 Jun 2024 12:10:27 +0000
ROA not before: Sun 02 Jun 2024 12:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Jun 2024 13:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d8:db:b2:2e:fd:4e:64:a6:2f:86:28:c0:2f:1c:a7:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 2 12:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b84c5fb69da6aa4ea1cef1116f0a6ea155b84b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:65:d9:b7:70:c5:54:5e:ff:2f:09:bb:4f:4a:
a7:73:db:1b:3b:6f:af:55:83:4a:b2:80:e6:89:fb:
c3:d8:83:6e:de:3c:e4:90:2d:3c:10:15:8f:74:ac:
3a:d2:ba:db:dd:10:8a:bc:9f:c6:fc:4b:ed:93:bb:
cb:db:42:60:57:12:c1:e4:f4:0d:37:7f:2d:b4:f0:
d5:59:3d:89:3f:42:ff:5c:15:9c:7c:c1:f2:2f:7a:
e6:29:10:1f:8c:da:7e:91:0b:07:b8:01:e3:c3:73:
cf:a7:10:92:1e:22:c6:19:7c:dc:fa:85:f8:1c:d0:
d5:2a:64:34:f5:68:53:a9:04:b8:e1:ed:bd:ed:04:
07:a2:4d:7b:bf:e4:6f:d9:dd:96:a5:95:c1:0e:1e:
e5:65:83:4d:da:84:58:20:b1:9b:2a:59:4c:35:fc:
17:f2:d0:62:1b:4e:b7:f0:97:00:a6:11:a6:69:e9:
58:29:4d:fe:df:26:80:b6:b5:f6:be:5e:1f:1a:ac:
ae:b8:36:3f:a1:f7:ad:2e:68:c1:ff:19:c4:34:77:
85:3d:a4:3f:39:c3:6a:87:ad:de:95:26:05:ad:ae:
79:01:9d:fc:21:f1:96:b5:a1:a5:74:c1:80:6d:cd:
7c:28:3b:7d:2d:3b:77:0e:db:0b:8a:f8:4b:7a:82:
76:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:84:C5:FB:69:DA:6A:A4:EA:1C:EF:11:16:F0:A6:EA:15:5B:84:B7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/K4TF-2naaqTqHO8RFvCm6hVbhLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:34:c9:a7:c9:65:9d:da:bf:86:8b:0f:71:a8:2d:e0:ed:8d:
87:6e:48:ba:7b:87:7a:01:ef:43:d4:88:ea:2f:1c:ab:35:73:
1a:15:9b:1b:70:d3:71:ff:9f:f1:72:97:c3:dd:05:74:1f:d5:
e7:7c:c2:61:d7:67:75:a9:d7:e1:c3:25:f8:e3:8c:7b:f8:83:
68:dc:a1:ed:31:e9:36:57:08:58:08:33:08:de:97:88:a7:0b:
ed:04:1e:0f:df:f8:28:b1:e0:5f:9d:b3:dc:54:c0:e7:b1:82:
a7:78:06:96:49:7b:3e:47:8f:7b:98:88:69:04:da:34:40:14:
e1:41:9f:de:a2:21:12:11:b3:ac:8c:0f:82:8e:ea:45:23:a6:
d4:cb:e0:f0:ea:c0:9b:81:2a:07:9a:c2:ce:c0:9f:89:72:c3:
04:99:23:99:e9:82:a1:5e:ee:39:5c:3b:3f:bc:c9:1a:4d:77:
49:34:85:ba:28:a4:4a:84:7c:fe:3e:8b:c5:69:0b:ed:2d:c9:
fb:fd:a1:a1:c0:19:a9:dc:48:98:a6:f9:7f:d8:21:ed:ae:33:
d6:c4:11:7b:9c:f4:c1:83:76:41:b7:fe:44:b6:39:9a:d6:60:
b7:69:e7:87:ab:9e:43:4c:9b:3e:b8:45:2b:28:61:fc:b9:ff:
42:b6:02:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/Y27Iu/U5kpi+GKMAvHKdcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAyMTIxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjg0YzVmYjY5ZGE2YWE0ZWExY2VmMTExNmYwYTZlYTE1NWI4NGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmXZt3DFVF7/Lwm7T0qnc9sbO2+v
VYNKsoDmifvD2INu3jzkkC08EBWPdKw60rrb3RCKvJ/G/Evtk7vL20JgVxLB5PQN
N38ttPDVWT2JP0L/XBWcfMHyL3rmKRAfjNp+kQsHuAHjw3PPpxCSHiLGGXzc+oX4
HNDVKmQ09WhTqQS44e297QQHok17v+Rv2d2WpZXBDh7lZYNN2oRYILGbKllMNfwX
8tBiG0638JcAphGmaelYKU3+3yaAtrX2vl4fGqyuuDY/ofetLmjB/xnENHeFPaQ/
OcNqh63elSYFra55AZ38IfGWtaGldMGAbc18KDt9LTt3DtsLivhLeoJ2nQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCuExftp2mqk6hzvERbwpuoVW4S3MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSzRURi0ybmFhcVRxSE84UkZ2Q202aFZiaExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACw0yafJZZ3av4aLD3Go
LeDtjYduSLp7h3oB70PUiOovHKs1cxoVmxtw03H/n/Fyl8PdBXQf1ed8wmHXZ3Wp
1+HDJfjjjHv4g2jcoe0x6TZXCFgIMwjel4inC+0EHg/f+Cix4F+ds9xUwOexgqd4
BpZJez5Hj3uYiGkE2jRAFOFBn96iIRIRs6yMD4KO6kUjptTL4PDqwJuBKgeaws7A
n4lywwSZI5npgqFe7jlcOz+8yRpNd0k0hboopEqEfP4+i8VpC+0tyfv9oaHAGanc
SJim+X/YIe2uM9bEEXuc9MGDdkG3/kS2OZrWYLdp54ernkNMmz64RSsoYfy5/0K2
Atc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org