Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ockwis2SQTmOJIygESwlSJv5wsk.roa
File: Ockwis2SQTmOJIygESwlSJv5wsk.roa (raw, json)
Hash identifier: cULf6BTAO1bU8KPEGdqsMyPzCJHrw9lBZGUI/53sF9w=
Subject key identifier: 39:C9:30:8A:CD:92:41:39:8E:24:8C:A0:11:2C:25:48:9B:F9:C2:C9
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019022069212D1C98CA0771E9D7D1683D559
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ockwis2SQTmOJIygESwlSJv5wsk.roa
Signing time: Sun 16 Jun 2024 17:09:34 +0000
ROA not before: Sun 16 Jun 2024 17:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 16 Jun 2024 18:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:22:06:92:12:d1:c9:8c:a0:77:1e:9d:7d:16:83:d5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 16 17:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39c9308acd9241398e248ca0112c25489bf9c2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:19:fe:21:6a:78:a0:8e:86:8a:38:7f:6c:92:
4e:f6:ef:b3:85:55:dc:ec:5b:26:0b:cd:63:81:b5:
ca:29:23:d8:17:67:2a:77:9a:0b:f4:f4:51:3c:50:
0f:5b:eb:b8:15:9f:7c:6e:7e:3a:ed:18:b9:9f:8c:
83:31:c1:93:2f:49:db:bd:93:5b:60:f0:72:b9:fb:
0d:2d:22:83:1c:96:c1:ad:b6:8c:96:51:41:c1:4f:
f7:da:dd:66:40:48:c9:46:06:36:a8:e0:c7:60:07:
2e:f1:36:be:28:fd:37:31:45:53:7c:d4:0a:36:3b:
5e:1c:35:68:0e:7b:66:8e:1b:64:17:4d:dc:b4:f2:
63:9a:a7:c2:fa:2b:a2:13:ec:87:57:72:d8:45:cf:
1e:6e:39:e9:94:d6:d4:70:4f:ca:25:97:cb:f4:5a:
fb:62:84:bf:46:9f:68:14:6c:96:37:85:b0:83:b9:
f7:6f:49:22:52:2f:2f:d6:ea:15:ba:9d:71:a3:82:
a4:38:45:75:d8:ff:ff:a4:21:eb:4c:3b:67:0b:ce:
71:e4:55:68:82:50:fb:07:25:29:df:b9:8c:15:a9:
5c:f9:7a:ac:af:14:cf:43:e7:f5:28:2c:c1:87:77:
7f:03:f4:90:33:71:c7:f0:78:07:f4:c7:14:9f:6d:
63:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C9:30:8A:CD:92:41:39:8E:24:8C:A0:11:2C:25:48:9B:F9:C2:C9
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ockwis2SQTmOJIygESwlSJv5wsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:90:c6:5e:42:02:48:25:70:fe:92:7f:60:cc:4c:84:1b:7b:
c5:20:5b:eb:85:e4:d2:05:b6:b0:e3:d6:63:53:6b:f6:f7:a3:
62:d7:c6:d8:3f:cb:d9:23:e2:e0:bc:5b:fe:81:87:3e:e5:6b:
c0:61:41:d7:75:90:60:c7:a8:84:2b:9e:2e:df:b5:03:ce:53:
8d:2e:a3:a7:74:2f:35:fa:1f:6c:de:4f:e3:48:73:43:58:f6:
ce:67:6a:cb:4c:4f:57:50:d8:48:eb:14:ad:ff:67:9c:25:bf:
62:39:9d:37:35:77:a0:b9:46:fa:95:8a:97:58:f9:14:33:c4:
17:9c:ac:46:b0:47:aa:9f:57:af:81:f1:8c:37:0a:4d:66:80:
7b:64:41:a9:b9:cd:9d:21:20:bd:03:74:81:22:10:d2:8a:79:
8c:8e:cc:95:92:cf:c6:db:d9:7e:0e:7b:ab:5d:7a:4c:34:f5:
00:bf:d3:f3:ad:0c:ba:24:26:a0:26:d9:a8:88:92:2e:c2:a3:
b7:3a:72:11:41:46:c4:08:6f:d0:78:46:85:0a:d1:03:43:93:
54:88:d8:8c:3b:7f:e2:d6:39:4a:41:69:60:39:66:24:06:af:
3a:22:d8:77:11:85:85:80:63:f1:19:94:8c:4e:f6:8c:1e:62:
d5:63:07:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAiBpIS0cmMoHcenX0Wg9VZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE2MTcwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWM5MzA4YWNkOTI0MTM5OGUyNDhjYTAxMTJjMjU0ODliZjljMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRn+IWp4oI6Gijh/bJJO9u+zhVXc
7FsmC81jgbXKKSPYF2cqd5oL9PRRPFAPW+u4FZ98bn467Ri5n4yDMcGTL0nbvZNb
YPByufsNLSKDHJbBrbaMllFBwU/32t1mQEjJRgY2qODHYAcu8Ta+KP03MUVTfNQK
NjteHDVoDntmjhtkF03ctPJjmqfC+iuiE+yHV3LYRc8ebjnplNbUcE/KJZfL9Fr7
YoS/Rp9oFGyWN4Wwg7n3b0kiUi8v1uoVup1xo4KkOEV12P//pCHrTDtnC85x5FVo
glD7ByUp37mMFalc+XqsrxTPQ+f1KCzBh3d/A/SQM3HH8HgH9McUn21jxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDnJMIrNkkE5jiSMoBEsJUib+cLJMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT2Nrd2lzMlNRVG1PSkl5Z0VTd2xTSnY1d3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFiQxl5CAkglcP6Sf2DM
TIQbe8UgW+uF5NIFtrDj1mNTa/b3o2LXxtg/y9kj4uC8W/6Bhz7la8BhQdd1kGDH
qIQrni7ftQPOU40uo6d0LzX6H2zeT+NIc0NY9s5nastMT1dQ2EjrFK3/Z5wlv2I5
nTc1d6C5RvqVipdY+RQzxBecrEawR6qfV6+B8Yw3Ck1mgHtkQam5zZ0hIL0DdIEi
ENKKeYyOzJWSz8bb2X4Oe6tdekw09QC/0/OtDLokJqAm2aiIki7Co7c6chFBRsQI
b9B4RoUK0QNDk1SI2Iw7f+LWOUpBaWA5ZiQGrzoi2HcRhYWAY/EZlIxO9oweYtVj
B/Q=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:11 2025 by rpki-client