Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OhR3yX6VYJ1rwZPzvklD0ymQWgM.roa
File: OhR3yX6VYJ1rwZPzvklD0ymQWgM.roa (raw, json)
Hash identifier: 6FkEZ1MRHgFV16rSVU+Sz7JXuSa+26x+Mx+EVlT2Iwc=
Subject key identifier: 3A:14:77:C9:7E:95:60:9D:6B:C1:93:F3:BE:49:43:D3:29:90:5A:03
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190889A6702469ECC93C6FBDF7AB0064901
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OhR3yX6VYJ1rwZPzvklD0ymQWgM.roa
Signing time: Sat 06 Jul 2024 15:12:18 +0000
ROA not before: Sat 06 Jul 2024 15:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 06 Jul 2024 16:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:88:9a:67:02:46:9e:cc:93:c6:fb:df:7a:b0:06:49:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 6 15:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a1477c97e95609d6bc193f3be4943d329905a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:08:51:d8:d6:e8:78:c0:8e:9d:5b:57:27:d9:
c1:32:cb:50:ef:40:61:64:5d:fe:49:81:8d:b0:91:
5c:2b:b2:fd:2f:82:87:6f:60:41:ef:c3:06:16:41:
9a:dc:72:0f:b5:6e:56:4b:c6:72:55:11:9b:2f:70:
68:bc:33:7b:dc:76:c7:78:b4:d8:1e:1e:46:4a:b4:
1c:19:39:d8:91:2a:57:40:90:14:37:61:f6:b6:48:
4f:ea:48:7f:b6:2c:f7:25:3b:c6:88:c0:56:cf:45:
c4:9e:1f:79:ab:e1:02:77:2b:9b:11:18:42:a2:af:
ad:16:a3:09:fd:16:be:06:b2:d7:04:44:93:ca:59:
01:c5:9d:a0:cc:e7:02:f2:a8:8b:01:59:7c:61:9e:
6d:0a:a3:50:10:ea:58:a5:74:2d:31:10:5f:17:4e:
d7:9c:d8:3b:1d:02:27:5c:64:bb:e2:8b:83:ed:2a:
24:1b:3f:d2:5e:b0:3c:b2:94:9c:b9:58:ab:b1:d8:
6a:02:38:f0:ad:07:61:45:2a:7a:90:c2:75:29:d0:
81:2a:82:82:6a:6a:d2:8d:b2:fb:e6:34:fa:6b:ef:
11:f5:9a:dc:e1:a3:66:e0:84:d7:3b:35:fc:0b:f9:
67:18:b6:3d:c2:4d:f3:cb:cf:7a:b6:0b:2d:31:01:
3c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:14:77:C9:7E:95:60:9D:6B:C1:93:F3:BE:49:43:D3:29:90:5A:03
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OhR3yX6VYJ1rwZPzvklD0ymQWgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:40:6b:2a:cf:45:fd:62:20:53:92:53:40:66:57:58:da:11:
3d:8c:dc:0e:a7:e6:4e:e1:9e:2a:d9:df:42:84:b7:f1:ae:a9:
b8:1a:5c:74:bf:e1:68:e3:e9:2f:a8:fb:fb:16:3c:2e:e1:87:
d1:ef:75:00:d9:d4:68:73:eb:7c:8b:76:7a:32:3c:83:2a:8f:
06:d4:5d:99:cc:91:50:28:5c:ba:c2:c2:87:70:00:b3:06:ab:
b2:33:91:c6:0d:13:0b:9a:3c:53:e3:db:5f:63:1b:81:1e:8a:
6e:4f:f8:bd:b7:d8:9f:6c:ac:75:66:60:0d:4f:99:38:ec:bd:
e3:01:6d:f4:3b:d2:ca:bd:e5:b6:56:2a:e9:0b:e4:f0:8b:6f:
55:10:d5:5e:66:64:48:1a:30:5e:49:ae:29:2b:4c:ac:eb:a3:
ad:45:a4:af:2f:37:11:0e:d2:58:9d:59:e4:ec:ec:7d:2d:e7:
f8:d2:cb:ab:f5:75:54:0c:1f:08:cc:a7:81:c3:db:06:d2:48:
ac:d9:58:73:18:14:8e:7e:17:e4:30:27:3a:8e:41:96:57:48:
19:77:f4:a3:e8:79:9f:81:74:70:c5:2b:9a:13:ef:7a:ba:c6:
d4:75:11:11:81:ca:63:ef:f3:1a:31:c0:1b:ff:fa:06:dd:bd:
df:7e:ba:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCImmcCRp7Mk8b733qwBkkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA2MTUxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTE0NzdjOTdlOTU2MDlkNmJjMTkzZjNiZTQ5NDNkMzI5OTA1YTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AhR2NboeMCOnVtXJ9nBMstQ70Bh
ZF3+SYGNsJFcK7L9L4KHb2BB78MGFkGa3HIPtW5WS8ZyVRGbL3BovDN73HbHeLTY
Hh5GSrQcGTnYkSpXQJAUN2H2tkhP6kh/tiz3JTvGiMBWz0XEnh95q+ECdyubERhC
oq+tFqMJ/Ra+BrLXBESTylkBxZ2gzOcC8qiLAVl8YZ5tCqNQEOpYpXQtMRBfF07X
nNg7HQInXGS74ouD7SokGz/SXrA8spScuVirsdhqAjjwrQdhRSp6kMJ1KdCBKoKC
amrSjbL75jT6a+8R9Zrc4aNm4ITXOzX8C/lnGLY9wk3zy896tgstMQE87wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDoUd8l+lWCda8GT875JQ9MpkFoDMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT2hSM3lYNlZZSjFyd1pQenZrbEQweW1RV2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGJAayrPRf1iIFOSU0Bm
V1jaET2M3A6n5k7hnirZ30KEt/GuqbgaXHS/4Wjj6S+o+/sWPC7hh9HvdQDZ1Ghz
63yLdnoyPIMqjwbUXZnMkVAoXLrCwodwALMGq7IzkcYNEwuaPFPj219jG4Eeim5P
+L232J9srHVmYA1PmTjsveMBbfQ70sq95bZWKukL5PCLb1UQ1V5mZEgaMF5Jrikr
TKzro61FpK8vNxEO0lidWeTs7H0t5/jSy6v1dVQMHwjMp4HD2wbSSKzZWHMYFI5+
F+QwJzqOQZZXSBl39KPoeZ+BdHDFK5oT73q6xtR1ERGBymPv8xoxwBv/+gbdvd9+
uhQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:41 2025 by rpki-client