Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MvQsTGaoA1N4aBUneK-5QjG3BSo.roa
File: MvQsTGaoA1N4aBUneK-5QjG3BSo.roa (raw, json)
Hash identifier: 1xDW1+uKe3TOGo2D3DDVxkGDjUfqL8MakjzJHrk8pJE=
Subject key identifier: 32:F4:2C:4C:66:A8:03:53:78:68:15:27:78:AF:B9:42:31:B7:05:2A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019086742B6C8923062CE9B60A173F4E9AFD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MvQsTGaoA1N4aBUneK-5QjG3BSo.roa
Signing time: Sat 06 Jul 2024 05:11:18 +0000
ROA not before: Sat 06 Jul 2024 05:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 06 Jul 2024 06:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:86:74:2b:6c:89:23:06:2c:e9:b6:0a:17:3f:4e:9a:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 6 05:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32f42c4c66a803537868152778afb94231b7052a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7a:8c:2e:01:9b:6e:c8:79:e4:3e:c6:ea:a1:
cd:e0:79:82:c3:f8:11:af:e1:ff:f4:4a:07:15:ae:
7c:9d:5c:56:b7:b4:92:ef:63:25:47:0a:e5:30:aa:
0a:fe:17:92:87:22:3e:64:d5:c2:6a:6e:d3:3a:6d:
86:11:89:cb:05:44:dd:ae:d4:7b:ef:db:e0:1a:72:
20:7c:d8:19:d7:c9:ff:f9:07:0c:e7:de:b7:17:80:
86:a4:5a:41:1e:cb:48:85:d0:24:3b:9c:f4:c7:69:
78:e4:67:9f:dc:73:fe:ba:3e:30:ee:cc:f4:f3:ed:
cc:62:0c:90:c8:44:1e:89:a9:ff:60:d8:3e:68:dc:
c9:05:98:2b:e8:b2:3e:39:66:ae:c7:b0:12:37:7d:
bf:c9:33:3e:14:15:99:95:f2:2f:a0:d9:05:8a:10:
d0:82:12:11:4e:0d:d7:65:85:41:9a:cd:9f:f2:ff:
40:ae:31:0e:9f:bf:3c:b4:64:1d:90:5b:80:84:b1:
e9:8a:9e:a5:7c:9b:ef:1c:85:56:8a:80:cd:78:58:
ef:1b:af:6d:1f:81:e6:70:5d:31:37:01:46:8c:39:
e7:95:59:ad:a1:28:f2:8f:0a:90:b6:bd:9c:9f:8e:
93:7e:98:87:3a:5a:5b:fb:8e:63:44:de:6f:67:91:
35:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F4:2C:4C:66:A8:03:53:78:68:15:27:78:AF:B9:42:31:B7:05:2A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MvQsTGaoA1N4aBUneK-5QjG3BSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:e4:91:bb:78:f1:ac:9d:d4:95:03:16:46:7c:31:ac:8b:7c:
52:cd:e1:c0:17:a5:75:36:cb:cb:da:57:0d:8d:4c:b7:75:9e:
14:84:59:09:8f:f0:78:18:ef:a0:e3:5a:38:c1:43:82:7f:0a:
f3:6a:46:67:ff:60:ea:c8:e8:bf:a2:ad:13:b1:39:ec:db:11:
bd:6d:98:0d:4d:2e:5c:97:c1:1f:6d:a9:a6:e1:e9:b8:6a:de:
05:2f:9a:3d:b9:43:46:9e:d9:0a:9b:25:76:1a:0c:8c:f2:1d:
c1:e3:2b:c9:26:5d:36:ee:02:7d:ab:15:c4:e3:3d:59:ea:63:
d4:9c:07:b5:4c:d7:94:b9:1f:26:17:fd:ae:ec:6f:4b:e5:80:
12:3c:73:13:01:6f:ff:e9:52:70:47:70:f0:fb:ae:9c:bf:7b:
a7:eb:75:20:5b:9e:9b:12:90:06:56:5e:d8:18:27:f4:bc:99:
33:d7:78:4b:ff:1a:98:1e:6c:6f:52:74:bf:61:fe:8e:d3:90:
d9:d8:56:99:01:2a:7b:42:1b:d9:3c:82:a4:51:ea:38:bc:59:
02:f7:ed:f1:aa:fa:36:25:94:bd:b3:31:c4:11:47:f7:02:1f:
db:46:7d:82:6a:99:c7:b1:6e:49:65:7e:47:27:9a:47:83:47:
0e:95:2c:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCGdCtsiSMGLOm2Chc/Tpr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA2MDUxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY0MmM0YzY2YTgwMzUzNzg2ODE1Mjc3OGFmYjk0MjMxYjcwNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXqMLgGbbsh55D7G6qHN4HmCw/gR
r+H/9EoHFa58nVxWt7SS72MlRwrlMKoK/heShyI+ZNXCam7TOm2GEYnLBUTdrtR7
79vgGnIgfNgZ18n/+QcM5963F4CGpFpBHstIhdAkO5z0x2l45Gef3HP+uj4w7sz0
8+3MYgyQyEQeian/YNg+aNzJBZgr6LI+OWaux7ASN32/yTM+FBWZlfIvoNkFihDQ
ghIRTg3XZYVBms2f8v9ArjEOn788tGQdkFuAhLHpip6lfJvvHIVWioDNeFjvG69t
H4HmcF0xNwFGjDnnlVmtoSjyjwqQtr2cn46TfpiHOlpb+45jRN5vZ5E1RwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDL0LExmqANTeGgVJ3ivuUIxtwUqMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTXZRc1RHYW9BMU40YUJVbmVLLTVRakczQlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJHkkbt48ayd1JUDFkZ8
MayLfFLN4cAXpXU2y8vaVw2NTLd1nhSEWQmP8HgY76DjWjjBQ4J/CvNqRmf/YOrI
6L+irROxOezbEb1tmA1NLlyXwR9tqabh6bhq3gUvmj25Q0ae2QqbJXYaDIzyHcHj
K8kmXTbuAn2rFcTjPVnqY9ScB7VM15S5HyYX/a7sb0vlgBI8cxMBb//pUnBHcPD7
rpy/e6frdSBbnpsSkAZWXtgYJ/S8mTPXeEv/GpgebG9SdL9h/o7TkNnYVpkBKntC
G9k8gqRR6ji8WQL37fGq+jYllL2zMcQRR/cCH9tGfYJqmcexbkllfkcnmkeDRw6V
LLQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:26 2025 by rpki-client