Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Nncvk2hkEy6c_2NzlbphXM1immE.roa
File: Nncvk2hkEy6c_2NzlbphXM1immE.roa (raw, json)
Hash identifier: Zyt2PGPIn6Qy4LpvcTW4+8zpk3QSSrxjZxR/gQSqJPc=
Subject key identifier: 36:77:2F:93:68:64:13:2E:9C:FF:63:73:95:BA:61:5C:CD:62:9A:61
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01902A66BC99DECC9B10F2B14A110BDAD216
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Nncvk2hkEy6c_2NzlbphXM1immE.roa
Signing time: Tue 18 Jun 2024 08:11:34 +0000
ROA not before: Tue 18 Jun 2024 08:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 18 Jun 2024 09:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:66:bc:99:de:cc:9b:10:f2:b1:4a:11:0b:da:d2:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 18 08:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36772f936864132e9cff637395ba615ccd629a61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:83:7c:2b:cd:77:6b:78:75:b5:01:9c:86:bc:
fd:64:6b:fa:b0:46:ea:7b:dc:70:91:0f:e7:1f:84:
a8:4b:58:7a:3e:de:7a:7b:34:11:40:9f:fc:89:0c:
1f:c9:e1:3f:e0:d9:39:4a:9d:27:20:bf:1f:9b:e3:
88:27:6d:c6:63:e4:b2:e1:17:cb:c2:11:8c:d8:1d:
f8:a3:80:d2:17:30:0c:5f:af:4e:be:cb:ef:56:e2:
41:a6:9b:c3:48:14:39:2e:a3:c9:35:18:af:12:de:
3c:3c:2b:e3:a2:bd:bd:fd:67:8b:f4:ab:1a:46:72:
7d:70:fa:ab:e5:03:c2:a0:ec:ce:26:56:8c:90:7e:
f7:07:1a:91:f5:12:ad:d5:e8:e5:f0:16:42:06:dc:
ad:d3:73:8e:fe:6b:1b:c6:0d:74:b5:25:3a:59:c4:
26:f1:29:22:07:94:2c:8d:73:84:be:68:cb:78:88:
56:bf:95:f6:e7:5e:ee:22:2f:73:a9:c4:5c:86:e4:
80:5f:b7:a0:ae:cc:08:b0:cd:59:76:b1:43:ab:d0:
8f:00:8c:9e:e5:4e:f4:01:6c:25:b4:fd:07:e7:84:
9f:62:ae:63:74:a1:34:2c:c1:c1:5e:9b:3d:4d:e4:
c2:de:05:61:c3:81:91:21:a9:5f:da:2e:3c:e3:a1:
42:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:77:2F:93:68:64:13:2E:9C:FF:63:73:95:BA:61:5C:CD:62:9A:61
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Nncvk2hkEy6c_2NzlbphXM1immE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:1d:80:26:57:9d:c6:49:b3:11:e5:78:ca:ae:22:ae:a3:32:
1d:ad:c8:20:c4:12:a6:87:64:25:66:38:f1:0e:9e:0c:80:6a:
19:08:1b:64:85:5f:47:f5:d3:0e:3f:b1:fd:44:ea:06:53:bc:
f0:04:74:64:4f:6f:83:5b:0a:8e:dc:59:59:6f:fc:5e:55:b9:
fa:13:b1:02:52:82:e8:36:f6:69:6a:e5:38:48:4b:e2:f0:41:
bb:3f:01:08:02:39:78:57:66:a9:de:70:70:ad:0a:ed:98:8b:
54:f9:35:6d:1c:23:0a:46:5c:22:69:f5:5c:bf:85:18:ff:9f:
59:19:b8:b1:f7:1a:85:ad:72:21:5b:59:e1:e1:d7:e1:ab:7d:
b4:e8:a2:d3:22:bc:9a:9d:82:56:91:71:06:a9:52:78:08:fd:
f3:0e:d7:48:68:b5:84:3f:86:7b:8b:80:82:c5:d3:4c:4c:52:
50:eb:82:71:1a:51:5a:6c:fd:eb:a5:48:0c:2c:ae:bc:42:28:
f4:69:67:bf:1b:20:0c:0b:4e:34:ef:4c:2c:68:17:95:e6:92:
9b:b4:3f:78:3f:8e:69:b1:d4:42:ba:6d:60:5d:28:dd:d7:00:
75:10:1b:a9:47:8a:b0:09:00:fe:7e:e6:50:28:86:38:af:86:
12:5e:66:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAqZryZ3sybEPKxShEL2tIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE4MDgxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjc3MmY5MzY4NjQxMzJlOWNmZjYzNzM5NWJhNjE1Y2NkNjI5YTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4N8K813a3h1tQGchrz9ZGv6sEbq
e9xwkQ/nH4SoS1h6Pt56ezQRQJ/8iQwfyeE/4Nk5Sp0nIL8fm+OIJ23GY+Sy4RfL
whGM2B34o4DSFzAMX69OvsvvVuJBppvDSBQ5LqPJNRivEt48PCvjor29/WeL9Ksa
RnJ9cPqr5QPCoOzOJlaMkH73BxqR9RKt1ejl8BZCBtyt03OO/msbxg10tSU6WcQm
8SkiB5QsjXOEvmjLeIhWv5X2517uIi9zqcRchuSAX7egrswIsM1ZdrFDq9CPAIye
5U70AWwltP0H54SfYq5jdKE0LMHBXps9TeTC3gVhw4GRIalf2i4846FCrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDZ3L5NoZBMunP9jc5W6YVzNYpphMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTm5jdmsyaGtFeTZjXzJOemxicGhYTTFpbW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAYdgCZXncZJsxHleMqu
Iq6jMh2tyCDEEqaHZCVmOPEOngyAahkIG2SFX0f10w4/sf1E6gZTvPAEdGRPb4Nb
Co7cWVlv/F5VufoTsQJSgug29mlq5ThIS+LwQbs/AQgCOXhXZqnecHCtCu2Yi1T5
NW0cIwpGXCJp9Vy/hRj/n1kZuLH3GoWtciFbWeHh1+GrfbTootMivJqdglaRcQap
UngI/fMO10hotYQ/hnuLgILF00xMUlDrgnEaUVps/eulSAwsrrxCKPRpZ78bIAwL
TjTvTCxoF5Xmkpu0P3g/jmmx1EK6bWBdKN3XAHUQG6lHirAJAP5+5lAohjivhhJe
Zp0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:42 2025 by rpki-client