Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NWDV4pjilmncDrz9RlyrXkqlnis.roa
File: NWDV4pjilmncDrz9RlyrXkqlnis.roa (raw, json)
Hash identifier: Xi0BDIO88dJK7Udi361GgDUG9PMR8ZZ1l/JlQs1jq0c=
Subject key identifier: 35:60:D5:E2:98:E2:96:69:DC:0E:BC:FD:46:5C:AB:5E:4A:A5:9E:2B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FFDC306185F6D15BA054E4CE85E3A0C64
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NWDV4pjilmncDrz9RlyrXkqlnis.roa
Signing time: Sun 09 Jun 2024 16:09:27 +0000
ROA not before: Sun 09 Jun 2024 16:09:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 09 Jun 2024 17:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:fd:c3:06:18:5f:6d:15:ba:05:4e:4c:e8:5e:3a:0c:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 9 16:09:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3560d5e298e29669dc0ebcfd465cab5e4aa59e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e8:54:19:ce:d5:85:54:6c:ed:1e:11:c5:be:
e9:14:4b:51:c9:e8:4c:b0:2c:1b:86:f5:9a:0c:bf:
50:84:30:fd:49:8d:57:c4:d6:99:75:49:0d:f7:1a:
76:bc:5b:12:85:85:2a:01:a8:31:62:79:37:b7:83:
55:5a:b2:ad:b9:00:92:df:ac:58:95:e0:19:a5:a8:
ab:a1:03:f4:1d:e0:32:32:1d:99:05:24:69:27:63:
44:36:68:48:1e:b8:0c:c2:d8:f5:28:f5:e3:27:d0:
1d:3e:53:33:30:3b:54:84:db:b5:27:ba:85:c1:77:
24:17:bd:f3:e4:3e:b3:9c:b6:cd:d6:f8:f2:c7:c4:
58:64:15:8e:a8:63:6d:44:db:7f:ea:64:b0:5a:55:
d1:23:49:87:1f:17:f1:67:2f:a0:bd:fe:e9:8d:90:
14:b2:cc:0c:7e:17:38:bb:81:7e:1b:87:64:f7:3f:
7f:fc:58:88:cd:be:6f:79:b7:76:56:0d:f5:a9:0d:
25:5d:8f:d8:9a:7b:ea:f1:10:73:92:64:e6:9d:a0:
04:0d:08:2f:58:76:fa:05:50:fc:e9:ca:a5:3f:48:
3b:22:fa:53:b6:fb:1f:88:fe:ca:24:c1:d3:62:af:
62:a5:f0:20:db:03:5e:98:ef:25:9a:a8:d9:ac:e9:
a6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:60:D5:E2:98:E2:96:69:DC:0E:BC:FD:46:5C:AB:5E:4A:A5:9E:2B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NWDV4pjilmncDrz9RlyrXkqlnis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:33:18:1c:26:6a:69:cc:47:e6:ea:e9:48:62:38:75:be:3e:
e2:de:3a:e1:a3:7f:4a:b2:5b:11:eb:49:f9:9d:93:b4:c7:41:
9b:6b:4a:13:bc:e5:60:d6:9e:70:2b:19:fc:2c:1c:de:33:38:
26:ce:c9:13:5a:27:57:c1:c1:a2:e3:4e:d6:c2:9b:c9:9d:e6:
98:49:7f:b3:18:08:73:79:35:e7:da:08:1e:07:98:c6:57:e4:
39:11:99:58:a3:8e:33:56:a7:4a:98:33:0b:28:92:c0:f4:69:
1f:e8:b6:50:37:66:c5:5b:93:0d:e7:80:46:7a:43:f0:b6:c5:
a6:c1:0d:03:25:7b:cd:1a:5d:7a:3c:1a:d1:d2:4f:51:b9:66:
e8:8b:91:83:d6:91:be:54:d3:9c:b4:da:c7:ec:6b:fe:9f:b4:
f4:c7:ca:28:4a:9e:e5:56:70:71:39:62:47:d4:4d:e9:1c:ba:
dd:41:57:c6:ee:cf:24:d2:f1:7f:bd:31:ff:f2:40:f3:7b:15:
2c:31:58:a9:54:c4:ef:92:f8:55:7d:9e:9b:88:08:bc:4e:35:
c8:74:c9:9f:c5:09:fe:ec:7a:9b:11:85:bb:be:39:f1:27:11:
b4:67:91:7d:6b:20:c9:ea:eb:16:31:72:1a:06:1a:7c:c0:21:
c9:0d:3c:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/9wwYYX20VugVOTOheOgxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA5MTYwOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTYwZDVlMjk4ZTI5NjY5ZGMwZWJjZmQ0NjVjYWI1ZTRhYTU5ZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ehUGc7VhVRs7R4Rxb7pFEtRyehM
sCwbhvWaDL9QhDD9SY1XxNaZdUkN9xp2vFsShYUqAagxYnk3t4NVWrKtuQCS36xY
leAZpairoQP0HeAyMh2ZBSRpJ2NENmhIHrgMwtj1KPXjJ9AdPlMzMDtUhNu1J7qF
wXckF73z5D6znLbN1vjyx8RYZBWOqGNtRNt/6mSwWlXRI0mHHxfxZy+gvf7pjZAU
sswMfhc4u4F+G4dk9z9//FiIzb5vebd2Vg31qQ0lXY/Ymnvq8RBzkmTmnaAEDQgv
WHb6BVD86cqlP0g7IvpTtvsfiP7KJMHTYq9ipfAg2wNemO8lmqjZrOmm8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDVg1eKY4pZp3A68/UZcq15KpZ4rMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTldEVjRwamlsbW5jRHJ6OVJseXJYa3FsbmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABozGBwmamnMR+bq6Uhi
OHW+PuLeOuGjf0qyWxHrSfmdk7THQZtrShO85WDWnnArGfwsHN4zOCbOyRNaJ1fB
waLjTtbCm8md5phJf7MYCHN5NefaCB4HmMZX5DkRmVijjjNWp0qYMwsoksD0aR/o
tlA3ZsVbkw3ngEZ6Q/C2xabBDQMle80aXXo8GtHST1G5ZuiLkYPWkb5U05y02sfs
a/6ftPTHyihKnuVWcHE5YkfUTekcut1BV8buzyTS8X+9Mf/yQPN7FSwxWKlUxO+S
+FV9npuICLxONch0yZ/FCf7sepsRhbu+OfEnEbRnkX1rIMnq6xYxchoGGnzAIckN
PJU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:14 2025 by rpki-client