Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KRMMlbMWs32q_L87v5AZuSXNHV8.roa
File: KRMMlbMWs32q_L87v5AZuSXNHV8.roa (raw, json)
Hash identifier: CX7EeGowGRB/QUhctZXu8vBIHxpin4xqy3QZVDblH2Q=
Subject key identifier: 29:13:0C:95:B3:16:B3:7D:AA:FC:BF:3B:BF:90:19:B9:25:CD:1D:5F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190234B962CFE73B69FF4F415C8A1F3A475
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KRMMlbMWs32q_L87v5AZuSXNHV8.roa
Signing time: Sun 16 Jun 2024 23:04:34 +0000
ROA not before: Sun 16 Jun 2024 23:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:234b:3eb5/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 16 Jun 2024 23:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:23:4b:96:2c:fe:73:b6:9f:f4:f4:15:c8:a1:f3:a4:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 16 23:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29130c95b316b37daafcbf3bbf9019b925cd1d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c3:b7:3c:77:8a:1a:b2:35:5e:7f:32:ec:d5:
62:a4:c4:8c:ef:77:92:f4:47:00:84:65:5c:72:c5:
4c:d3:71:86:d1:0d:7b:b0:73:ff:d1:2e:67:f7:ab:
ec:ef:92:be:5e:a1:72:08:62:86:c2:59:43:be:b7:
b2:cc:3e:96:64:76:54:11:3f:a6:7c:85:0a:8a:96:
c1:8b:aa:d8:c3:41:e7:0f:63:26:93:72:82:e8:85:
8b:b1:59:f5:a2:42:a5:e7:fa:9a:cc:57:c2:bb:d5:
03:30:c7:10:62:19:87:fd:57:f4:d9:ad:aa:29:7d:
9e:da:bc:92:fd:86:63:a0:32:88:d5:3a:4c:49:93:
10:e0:2f:6d:83:20:ec:73:70:a0:eb:4a:ec:9c:6c:
29:9b:bf:b9:58:68:59:ca:fc:b1:c7:30:51:27:6b:
67:2f:9c:bc:32:a6:a6:ad:bf:76:9c:da:0e:68:04:
9b:1c:d2:cd:66:54:7d:97:b6:91:57:78:df:cc:43:
5a:cb:17:01:0d:e5:4b:67:e3:34:1a:b5:77:c7:cc:
69:f2:a6:c4:94:04:c7:1c:88:69:67:d0:5b:86:f6:
f4:e9:8f:b4:39:5b:b6:e5:94:c3:24:80:fa:2f:3a:
cd:62:06:a6:02:d3:28:89:fd:03:f3:09:a1:77:24:
2c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:13:0C:95:B3:16:B3:7D:AA:FC:BF:3B:BF:90:19:B9:25:CD:1D:5F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KRMMlbMWs32q_L87v5AZuSXNHV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:9b:89:94:6c:b6:94:87:b7:d5:ca:4d:4a:0b:f4:b0:f4:89:
3b:56:30:dd:d9:4a:95:9d:b4:92:96:b3:ba:b1:21:f3:fc:59:
30:b4:c8:4e:e8:a6:56:64:15:1d:e9:d6:a6:e0:72:f9:39:cb:
7b:9d:84:9c:b7:ed:b1:5f:54:4d:8f:f7:36:64:f9:86:6c:c1:
36:c7:4c:22:08:54:98:64:9e:00:65:98:b0:42:ec:96:0f:26:
6e:11:43:25:61:36:9a:57:2e:45:9c:94:e8:f3:76:5f:d7:ea:
43:81:d3:7d:65:cf:35:e5:d9:a1:5d:41:f6:94:0f:4f:44:8b:
51:29:3b:e2:f7:13:91:93:ba:c3:f1:81:e2:2a:65:bb:01:b6:
ac:e9:56:9b:12:60:e8:12:06:09:ac:ef:f7:37:22:3b:d8:d5:
39:e2:ea:d8:d4:1b:32:0a:9b:79:af:03:7b:68:f3:aa:1d:c6:
01:e1:ef:09:35:3e:c2:38:ef:38:9a:8c:fd:8e:61:f2:dc:74:
69:a7:4e:9e:dd:de:88:00:65:4a:e4:0e:21:6a:0e:fa:5d:28:
38:05:ba:32:9d:24:59:7e:24:85:20:d3:41:76:1d:56:9c:3a:
a3:bd:1b:d7:fe:bf:aa:3c:cb:0c:57:b2:8a:b2:45:15:b7:53:
a4:8c:2b:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAjS5Ys/nO2n/T0Fcih86R1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE2MjMwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTEzMGM5NWIzMTZiMzdkYWFmY2JmM2JiZjkwMTliOTI1Y2QxZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cO3PHeKGrI1Xn8y7NVipMSM73eS
9EcAhGVccsVM03GG0Q17sHP/0S5n96vs75K+XqFyCGKGwllDvreyzD6WZHZUET+m
fIUKipbBi6rYw0HnD2Mmk3KC6IWLsVn1okKl5/qazFfCu9UDMMcQYhmH/Vf02a2q
KX2e2ryS/YZjoDKI1TpMSZMQ4C9tgyDsc3Cg60rsnGwpm7+5WGhZyvyxxzBRJ2tn
L5y8Mqamrb92nNoOaASbHNLNZlR9l7aRV3jfzENayxcBDeVLZ+M0GrV3x8xp8qbE
lATHHIhpZ9Bbhvb06Y+0OVu25ZTDJID6LzrNYgamAtMoif0D8wmhdyQskwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCkTDJWzFrN9qvy/O7+QGbklzR1fMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS1JNTWxiTVdzMzJxX0w4N3Y1QVp1U1hOSFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJSbiZRstpSHt9XKTUoL
9LD0iTtWMN3ZSpWdtJKWs7qxIfP8WTC0yE7oplZkFR3p1qbgcvk5y3udhJy37bFf
VE2P9zZk+YZswTbHTCIIVJhkngBlmLBC7JYPJm4RQyVhNppXLkWclOjzdl/X6kOB
031lzzXl2aFdQfaUD09Ei1EpO+L3E5GTusPxgeIqZbsBtqzpVpsSYOgSBgms7/c3
IjvY1Tni6tjUGzIKm3mvA3to86odxgHh7wk1PsI47ziajP2OYfLcdGmnTp7d3ogA
ZUrkDiFqDvpdKDgFujKdJFl+JIUg00F2HVacOqO9G9f+v6o8ywxXsoqyRRW3U6SM
K5M=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:28 2025 by rpki-client