Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KT8MPP3sj2ojZNp02v10gdSaPJc.roa
File: KT8MPP3sj2ojZNp02v10gdSaPJc.roa (raw, json)
Hash identifier: cn7C41Z3mf9MDE1NBIn4XEStEAlX0wL62qeDbSTvzj8=
Subject key identifier: 29:3F:0C:3C:FD:EC:8F:6A:23:64:DA:74:DA:FD:74:81:D4:9A:3C:97
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190826161D00D06CEB2930547C36B91979C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KT8MPP3sj2ojZNp02v10gdSaPJc.roa
Signing time: Fri 05 Jul 2024 10:12:18 +0000
ROA not before: Fri 05 Jul 2024 10:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Jul 2024 11:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:61:61:d0:0d:06:ce:b2:93:05:47:c3:6b:91:97:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 5 10:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=293f0c3cfdec8f6a2364da74dafd7481d49a3c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ae:e6:0f:bf:b3:a4:28:31:e7:98:7d:07:08:
82:50:36:88:99:d3:c8:c3:ab:25:ec:8d:f8:82:cb:
12:c9:04:94:01:fa:1d:03:25:45:3e:87:cf:9c:1f:
da:f2:36:9a:ee:4b:5a:bf:a8:b9:74:83:1c:4d:89:
45:54:41:7a:ef:9a:38:38:81:9e:20:16:91:90:39:
49:01:53:37:87:63:5a:ee:3c:df:81:79:2b:81:44:
b5:88:6f:56:ee:d7:cb:9c:6f:79:29:56:6e:6b:18:
b5:85:81:bd:fd:6b:bf:22:50:1a:c2:21:f1:c4:94:
81:84:63:db:bc:49:3a:f0:b9:91:88:20:d4:67:d6:
d6:cf:61:c5:17:e5:29:c9:f1:81:14:ff:d6:e2:af:
a3:93:b6:46:9b:3e:59:c4:61:8e:ec:c9:2f:1c:e1:
96:2f:bc:06:46:15:f7:d5:ce:78:6c:b7:40:6b:5b:
c9:b8:be:5d:f5:f3:4d:fb:37:fa:88:74:18:ac:22:
08:05:05:ee:d0:29:c3:ca:49:d5:69:f7:e1:76:59:
a4:4d:f3:dc:ff:40:ef:cd:a7:70:ab:64:3d:0a:32:
a3:7e:d2:9b:49:96:ff:d0:20:87:e0:f9:53:e9:ca:
aa:4a:a5:d1:9e:a6:fc:a1:76:12:a1:a9:f4:db:04:
52:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:3F:0C:3C:FD:EC:8F:6A:23:64:DA:74:DA:FD:74:81:D4:9A:3C:97
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KT8MPP3sj2ojZNp02v10gdSaPJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
23:d2:e0:e4:2b:05:d1:44:97:8b:a0:9c:63:6e:f0:ca:f3:40:
a5:d7:85:d5:02:4b:1f:0a:9e:93:44:b4:b4:55:86:e6:f6:82:
4d:e7:12:bb:c5:7e:07:dd:be:d6:80:01:89:ba:89:aa:6b:62:
b7:7f:1e:9e:55:d6:db:ab:42:0d:40:b5:bd:58:5d:84:a6:da:
f8:25:7d:39:99:12:e4:0d:a5:a7:59:3d:90:ab:4a:3f:ce:56:
96:58:61:85:ae:16:28:1c:36:3b:c4:87:64:bc:7e:79:af:23:
7f:72:ee:99:2c:95:8d:4a:d2:35:b4:7c:18:f1:d4:4c:9d:01:
58:be:49:a1:1c:a9:b7:be:46:76:2c:e4:d3:a6:ed:c6:2d:bf:
94:2d:ee:32:c0:fb:e9:09:97:31:2b:13:90:1b:d8:5d:fb:9a:
f0:6d:57:37:00:ca:18:b3:32:6a:62:d7:3e:bc:0d:bc:49:39:
cf:c9:c5:2a:6e:59:3c:18:38:51:fc:89:82:f5:df:4d:46:c8:
e5:37:e1:14:b3:62:98:d6:ab:a9:63:05:54:fc:a8:f1:6b:24:
a8:25:07:82:52:f2:15:76:34:7b:37:9c:4d:b7:dd:73:4f:fd:
2b:5e:46:db:eb:ed:cc:fa:65:8a:de:4d:e1:27:5d:75:33:23:
2a:93:29:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCCYWHQDQbOspMFR8NrkZecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA1MTAxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTNmMGMzY2ZkZWM4ZjZhMjM2NGRhNzRkYWZkNzQ4MWQ0OWEzYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAya7mD7+zpCgx55h9BwiCUDaImdPI
w6sl7I34gssSyQSUAfodAyVFPofPnB/a8jaa7ktav6i5dIMcTYlFVEF675o4OIGe
IBaRkDlJAVM3h2Na7jzfgXkrgUS1iG9W7tfLnG95KVZuaxi1hYG9/Wu/IlAawiHx
xJSBhGPbvEk68LmRiCDUZ9bWz2HFF+UpyfGBFP/W4q+jk7ZGmz5ZxGGO7MkvHOGW
L7wGRhX31c54bLdAa1vJuL5d9fNN+zf6iHQYrCIIBQXu0CnDyknVaffhdlmkTfPc
/0Dvzadwq2Q9CjKjftKbSZb/0CCH4PlT6cqqSqXRnqb8oXYSoan02wRS1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCk/DDz97I9qI2TadNr9dIHUmjyXMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS1Q4TVBQM3NqMm9qWk5wMDJ2MTBnZFNhUEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACPS4OQrBdFEl4ugnGNu
8MrzQKXXhdUCSx8KnpNEtLRVhub2gk3nErvFfgfdvtaAAYm6iaprYrd/Hp5V1tur
Qg1Atb1YXYSm2vglfTmZEuQNpadZPZCrSj/OVpZYYYWuFigcNjvEh2S8fnmvI39y
7pkslY1K0jW0fBjx1EydAVi+SaEcqbe+RnYs5NOm7cYtv5Qt7jLA++kJlzErE5Ab
2F37mvBtVzcAyhizMmpi1z68DbxJOc/JxSpuWTwYOFH8iYL1301GyOU34RSzYpjW
q6ljBVT8qPFrJKglB4JS8hV2NHs3nE233XNP/SteRtvr7cz6ZYreTeEnXXUzIyqT
Kf4=
-----END CERTIFICATE-----
Generated at Fri Jul 5 13:49:19 2024 by rpki-client on console-ams.rpki-client.org