Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NRqbWDGYgu8tQN0lB2AktCsQaF4.roa
File: NRqbWDGYgu8tQN0lB2AktCsQaF4.roa (raw, json)
Hash identifier: SDCHKWUNJWEZnHaZqsLl69afyyz4ODVjRRqIOI6oob0=
Subject key identifier: 35:1A:9B:58:31:98:82:EF:2D:40:DD:25:07:60:24:B4:2B:10:68:5E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019004D9B389F771BE92A9917602C6AF1EF5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NRqbWDGYgu8tQN0lB2AktCsQaF4.roa
Signing time: Tue 11 Jun 2024 01:11:34 +0000
ROA not before: Tue 11 Jun 2024 01:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 02:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:04:d9:b3:89:f7:71:be:92:a9:91:76:02:c6:af:1e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 11 01:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=351a9b58319882ef2d40dd25076024b42b10685e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:17:98:9f:e7:85:fd:65:8a:c6:23:7f:92:91:
76:0e:12:7e:fc:6b:be:a9:29:34:c5:74:3a:14:f3:
00:68:53:22:ae:2e:87:87:60:62:dd:7a:11:02:f3:
d8:ba:9e:c1:6e:62:48:f1:e3:7e:21:65:fb:7c:ad:
2c:5c:15:ab:c4:04:47:e4:f3:2a:6c:ba:01:e3:d9:
7c:2f:3c:1e:76:42:1f:84:8a:12:63:aa:1f:82:8c:
f7:9d:e1:8c:0d:de:3c:a4:c4:cb:39:1d:a9:a4:6b:
05:24:22:c8:c5:fe:00:9a:b1:a9:d3:cf:74:27:ab:
00:22:8a:49:4e:0c:5f:ee:19:0c:d9:19:6a:ee:fd:
b1:1a:33:1f:33:b8:94:22:8b:67:3b:8b:29:bc:fa:
ba:a2:18:ea:90:ef:c1:f9:09:ce:cb:e5:85:6a:4b:
63:0a:fb:01:a2:ec:4b:44:bb:13:31:cc:93:71:cc:
bc:e5:b7:5e:32:71:39:78:69:b4:5e:d4:f2:1d:13:
63:9f:13:fb:b5:53:bb:dc:7b:1f:17:35:aa:b4:65:
ae:d0:29:4a:17:2a:05:36:4f:f2:6d:58:2e:af:60:
c9:4c:28:bc:01:e8:02:c5:0b:ee:47:af:1f:0c:4e:
4e:2f:bc:9c:97:d1:f0:a4:e5:99:6f:65:ed:68:e1:
05:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1A:9B:58:31:98:82:EF:2D:40:DD:25:07:60:24:B4:2B:10:68:5E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NRqbWDGYgu8tQN0lB2AktCsQaF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:a3:93:28:5b:df:b6:1e:84:2c:09:59:b6:97:93:a5:42:a2:
5a:a5:ae:34:cf:f1:d9:ad:6e:f4:e3:87:63:f9:9d:27:25:d7:
58:aa:57:34:d2:03:83:24:cf:ed:f6:22:5c:f2:e9:c2:c2:99:
f2:18:ca:b0:c5:92:8a:53:b0:c1:9c:10:87:13:76:09:12:8e:
74:dc:a4:b6:e7:18:0c:f8:4f:bc:fc:75:4b:a5:34:a1:5b:8b:
61:fa:65:65:ef:44:5e:63:7f:12:0c:71:49:2e:56:10:ac:20:
1e:78:74:5f:6e:7a:15:33:b4:e2:1a:72:09:57:32:fa:f1:5a:
b1:b9:79:6d:31:da:66:da:ce:33:0f:ba:e3:9f:97:5e:84:e2:
e2:5a:0b:f6:45:87:6f:a3:5c:fd:6a:18:b2:15:1b:bd:55:4c:
74:eb:18:41:e1:d2:2b:f9:6a:72:66:3e:d1:1f:01:3d:d0:11:
31:9b:6f:ff:ff:9f:43:88:3e:23:21:d6:95:0d:e6:53:b5:b2:
3b:86:16:fe:dd:5d:6c:8a:5d:f2:c9:1e:45:a4:1e:d6:20:2c:
09:78:c6:54:1a:56:cc:3c:b6:09:87:8e:95:d7:46:58:db:74:
19:a7:82:e5:72:c9:c6:9a:3d:26:09:17:d2:ee:1a:e8:c4:43:
68:6a:99:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAE2bOJ93G+kqmRdgLGrx71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjExMDExMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTFhOWI1ODMxOTg4MmVmMmQ0MGRkMjUwNzYwMjRiNDJiMTA2ODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnheYn+eF/WWKxiN/kpF2DhJ+/Gu+
qSk0xXQ6FPMAaFMiri6Hh2Bi3XoRAvPYup7BbmJI8eN+IWX7fK0sXBWrxARH5PMq
bLoB49l8LzwedkIfhIoSY6ofgoz3neGMDd48pMTLOR2ppGsFJCLIxf4AmrGp0890
J6sAIopJTgxf7hkM2Rlq7v2xGjMfM7iUIotnO4spvPq6ohjqkO/B+QnOy+WFaktj
CvsBouxLRLsTMcyTccy85bdeMnE5eGm0XtTyHRNjnxP7tVO73HsfFzWqtGWu0ClK
FyoFNk/ybVgur2DJTCi8AegCxQvuR68fDE5OL7ycl9HwpOWZb2XtaOEFywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDUam1gxmILvLUDdJQdgJLQrEGheMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTlJxYldER1lndTh0UU4wbEIyQWt0Q3NRYUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADqjkyhb37YehCwJWbaX
k6VColqlrjTP8dmtbvTjh2P5nScl11iqVzTSA4Mkz+32Ilzy6cLCmfIYyrDFkopT
sMGcEIcTdgkSjnTcpLbnGAz4T7z8dUulNKFbi2H6ZWXvRF5jfxIMcUkuVhCsIB54
dF9uehUztOIacglXMvrxWrG5eW0x2mbazjMPuuOfl16E4uJaC/ZFh2+jXP1qGLIV
G71VTHTrGEHh0iv5anJmPtEfAT3QETGbb///n0OIPiMh1pUN5lO1sjuGFv7dXWyK
XfLJHkWkHtYgLAl4xlQaVsw8tgmHjpXXRljbdBmnguVyycaaPSYJF9LuGujEQ2hq
mX8=
-----END CERTIFICATE-----
Generated at Tue Jun 11 06:21:28 2024 by rpki-client on console-ams.rpki-client.org