Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MGWwP12rC4ETWf5n3lKYuO7C1yA.roa
File: MGWwP12rC4ETWf5n3lKYuO7C1yA.roa (raw, json)
Hash identifier: ClCFPD4OYFCDbWiwZ0fUuqlRHsh2YpvQkeF6wZJyLJk=
Subject key identifier: 30:65:B0:3F:5D:AB:0B:81:13:59:FE:67:DE:52:98:B8:EE:C2:D7:20
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FB83E51307B40DC1D6872602F4820CA15
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MGWwP12rC4ETWf5n3lKYuO7C1yA.roa
Signing time: Mon 27 May 2024 04:10:42 +0000
ROA not before: Mon 27 May 2024 04:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 27 May 2024 05:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b8:3e:51:30:7b:40:dc:1d:68:72:60:2f:48:20:ca:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 27 04:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3065b03f5dab0b811359fe67de5298b8eec2d720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:10:bb:f0:ff:50:5d:25:8b:9d:ba:63:5f:92:
ed:e7:3f:58:26:dd:6f:54:7d:35:68:cc:d3:50:91:
43:89:af:25:95:fd:ee:69:9c:1c:a4:d0:63:17:e3:
21:75:ad:84:9a:3d:fd:d6:79:ba:7d:bb:cd:58:93:
48:68:09:7f:fc:4a:79:2e:41:57:00:a5:73:55:b8:
b7:5f:41:d2:96:d6:e7:ae:6d:49:ab:ec:2d:a0:2f:
ef:96:2a:fb:66:7d:a1:57:4e:1c:da:8f:a3:2d:93:
05:64:e9:8e:32:fc:fb:fe:bc:7b:ff:9d:d3:19:1d:
73:e5:e0:6d:55:df:7c:6f:70:49:16:0e:82:74:79:
7d:34:08:79:f0:50:d3:43:f0:c5:4c:b7:0e:d2:51:
b2:79:67:66:44:ae:11:c9:a5:c4:05:aa:29:aa:69:
b6:aa:94:78:d5:49:2d:83:d6:68:fb:45:3a:f2:53:
ad:b5:d8:c2:9c:58:14:2c:1b:17:27:8b:f1:d4:d9:
ba:ee:55:14:46:d3:07:21:88:15:ab:8c:f9:83:e9:
d3:9b:6c:93:24:a4:b1:3e:d7:a3:d3:97:f0:eb:bd:
0d:d4:7b:db:b5:fc:6b:bd:c7:16:fc:ea:dc:d5:e4:
60:55:87:91:f4:2d:36:19:9a:d9:5a:eb:60:2e:01:
c0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:65:B0:3F:5D:AB:0B:81:13:59:FE:67:DE:52:98:B8:EE:C2:D7:20
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MGWwP12rC4ETWf5n3lKYuO7C1yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:45:e6:d8:84:f0:a8:df:4a:b5:f2:b5:b1:d1:c7:7d:be:3a:
e1:1d:14:f5:ba:35:7e:3d:55:1e:dc:af:f4:4a:8a:ac:1b:8a:
03:5c:c6:d0:ed:34:bb:ed:d9:62:49:1c:cd:c4:52:3f:80:da:
88:7a:8d:5b:5c:52:50:fa:fb:01:4d:ce:3a:0a:ad:07:9c:0f:
94:6e:19:ab:71:ca:69:25:da:4a:62:05:bd:e0:34:46:50:ca:
28:08:e4:3e:6c:b0:bc:dd:94:fe:d6:8d:37:8f:82:1d:14:95:
fb:05:e2:75:cd:cf:96:b8:3e:c1:7d:4a:a8:20:a2:31:b6:21:
bd:45:b4:3b:47:56:db:cb:f8:0a:97:57:4f:fd:4e:ca:49:f7:
c4:3c:bf:68:ee:29:1c:a4:54:48:4c:c2:2b:ab:8c:e9:82:74:
98:3f:21:90:9b:a5:92:f5:cd:19:f8:90:95:4a:c3:ba:db:4a:
ff:ce:25:69:cb:e6:a9:e0:28:8c:02:a3:a7:dd:5a:db:67:a6:
d3:1e:c4:d5:2f:63:f3:90:7a:22:ed:f1:b2:6b:2f:40:53:bc:
fc:fb:6a:35:6a:fc:f4:9c:57:ff:b6:f5:62:47:5d:d0:5d:d4:
37:f4:35:64:bd:df:2b:b8:16:5c:55:2c:46:1c:f6:52:d7:36:
f5:f3:a2:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+4PlEwe0DcHWhyYC9IIMoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI3MDQxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDY1YjAzZjVkYWIwYjgxMTM1OWZlNjdkZTUyOThiOGVlYzJkNzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxC78P9QXSWLnbpjX5Lt5z9YJt1v
VH01aMzTUJFDia8llf3uaZwcpNBjF+Mhda2Emj391nm6fbvNWJNIaAl//Ep5LkFX
AKVzVbi3X0HSltbnrm1Jq+wtoC/vlir7Zn2hV04c2o+jLZMFZOmOMvz7/rx7/53T
GR1z5eBtVd98b3BJFg6CdHl9NAh58FDTQ/DFTLcO0lGyeWdmRK4RyaXEBaopqmm2
qpR41Uktg9Zo+0U68lOttdjCnFgULBsXJ4vx1Nm67lUURtMHIYgVq4z5g+nTm2yT
JKSxPtej05fw670N1HvbtfxrvccW/Orc1eRgVYeR9C02GZrZWutgLgHApwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDBlsD9dqwuBE1n+Z95SmLjuwtcgMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTUdXd1AxMnJDNEVUV2Y1bjNsS1l1TzdDMXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA5F5tiE8KjfSrXytbHR
x32+OuEdFPW6NX49VR7cr/RKiqwbigNcxtDtNLvt2WJJHM3EUj+A2oh6jVtcUlD6
+wFNzjoKrQecD5RuGatxymkl2kpiBb3gNEZQyigI5D5ssLzdlP7WjTePgh0UlfsF
4nXNz5a4PsF9SqggojG2Ib1FtDtHVtvL+AqXV0/9TspJ98Q8v2juKRykVEhMwiur
jOmCdJg/IZCbpZL1zRn4kJVKw7rbSv/OJWnL5qngKIwCo6fdWttnptMexNUvY/OQ
eiLt8bJrL0BTvPz7ajVq/PScV/+29WJHXdBd1Df0NWS93yu4FlxVLEYc9lLXNvXz
ouA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:15 2024 by rpki-client on console-ams.rpki-client.org