Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OhkHUQJcaTplUwsCi5_AIlQw0bo.roa
File: OhkHUQJcaTplUwsCi5_AIlQw0bo.roa (raw, json)
Hash identifier: 1acoGAQvN71Kmu22FcnS1fJ9TndFdMYeI0DvGymnVOU=
Subject key identifier: 3A:19:07:51:02:5C:69:3A:65:53:0B:02:8B:9F:C0:22:54:30:D1:BA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190991DA199D39B0837FCBE68C0B715643B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OhkHUQJcaTplUwsCi5_AIlQw0bo.roa
Signing time: Tue 09 Jul 2024 20:09:34 +0000
ROA not before: Tue 09 Jul 2024 20:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jul 2024 21:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:99:1d:a1:99:d3:9b:08:37:fc:be:68:c0:b7:15:64:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 9 20:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a190751025c693a65530b028b9fc0225430d1ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:93:5f:78:d7:3b:53:4e:4c:ef:67:b1:df:12:
ca:a4:83:1c:93:60:42:d1:ab:46:9e:15:d4:3a:e5:
06:68:08:34:bc:c5:d0:bb:5d:aa:04:1d:6f:b9:57:
76:be:5c:41:8f:a9:52:ad:f1:53:d8:ee:ea:49:26:
45:33:ad:b4:2c:14:6c:c5:63:05:ab:c1:05:d2:0a:
d7:5c:2f:f8:63:0a:8a:22:0d:9f:f9:99:ed:a1:e4:
54:07:a8:3d:59:4c:c9:0d:ad:ae:61:31:54:ca:88:
9d:86:bb:58:d5:74:f6:7c:38:18:76:00:56:13:77:
c9:35:e3:3a:c8:1f:65:8f:87:b0:a2:cf:87:ef:34:
b1:85:43:83:68:7d:f4:83:ff:9d:c3:e1:a7:f1:25:
92:59:b4:64:fa:42:08:ad:82:a2:c0:8a:ea:1f:d5:
25:b9:6e:eb:dc:09:ca:aa:ed:d5:ab:65:74:86:18:
e5:c9:53:4d:53:ea:74:29:c4:22:0e:72:ad:d2:0c:
ed:07:d2:d4:1d:f9:0c:00:24:ec:12:0a:ff:32:03:
78:c5:29:25:37:35:3f:80:fe:8c:08:40:3e:71:25:
05:23:ca:66:3a:a3:b9:95:10:e5:86:1a:23:f3:9d:
3b:1f:f7:f2:51:3f:dd:33:61:e1:fe:58:90:00:7f:
a4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:19:07:51:02:5C:69:3A:65:53:0B:02:8B:9F:C0:22:54:30:D1:BA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OhkHUQJcaTplUwsCi5_AIlQw0bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:03:61:5c:2b:e5:f7:61:82:f4:7e:91:6f:0b:1b:e5:86:3c:
96:34:18:4f:2f:ad:4d:cf:3e:d5:b2:ac:6c:45:d7:82:bf:b3:
c0:ed:41:01:70:54:ed:b1:31:25:a4:11:d1:6b:e3:c0:ab:80:
66:dc:58:ea:a4:36:b1:a7:ba:6d:7a:21:3d:1a:1f:74:ed:94:
ca:f5:15:0c:6a:e6:8a:f5:9d:de:cb:66:bd:2b:bd:93:1d:80:
26:b9:18:32:5a:59:fc:bb:53:6f:e7:3f:94:cb:f5:88:a2:c7:
79:fb:fa:13:a0:7a:87:6d:25:91:72:a0:36:1b:0a:74:5f:ed:
c2:31:cf:d0:54:e8:a5:47:ff:02:f6:d4:d8:56:45:de:07:20:
af:48:7f:23:eb:c7:a7:14:61:bd:3f:74:ee:5d:ea:18:49:ab:
5d:72:1d:3c:03:b0:fb:4a:19:2e:00:75:94:f2:47:c2:cc:ba:
4f:76:aa:7c:b0:69:b1:8a:79:56:b1:21:d4:a9:ca:82:97:93:
e4:e1:ee:84:33:d8:6e:51:07:17:b7:10:16:68:8a:84:d8:3d:
46:cc:a2:ec:ba:59:47:d6:04:13:13:14:91:8a:62:29:f0:11:
35:b4:63:9f:f4:c7:ec:1c:40:b0:40:7c:fd:bc:54:6b:67:35:
fb:e1:ce:b7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCZHaGZ05sIN/y+aMC3FWQ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA5MjAwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTE5MDc1MTAyNWM2OTNhNjU1MzBiMDI4YjlmYzAyMjU0MzBkMWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZNfeNc7U05M72ex3xLKpIMck2BC
0atGnhXUOuUGaAg0vMXQu12qBB1vuVd2vlxBj6lSrfFT2O7qSSZFM620LBRsxWMF
q8EF0grXXC/4YwqKIg2f+ZntoeRUB6g9WUzJDa2uYTFUyoidhrtY1XT2fDgYdgBW
E3fJNeM6yB9lj4ewos+H7zSxhUODaH30g/+dw+Gn8SWSWbRk+kIIrYKiwIrqH9Ul
uW7r3AnKqu3Vq2V0hhjlyVNNU+p0KcQiDnKt0gztB9LUHfkMACTsEgr/MgN4xSkl
NzU/gP6MCEA+cSUFI8pmOqO5lRDlhhoj8507H/fyUT/dM2Hh/liQAH+kfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDoZB1ECXGk6ZVMLAoufwCJUMNG6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT2hrSFVRSmNhVHBsVXdzQ2k1X0FJbFF3MGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFMDYVwr5fdhgvR+kW8L
G+WGPJY0GE8vrU3PPtWyrGxF14K/s8DtQQFwVO2xMSWkEdFr48CrgGbcWOqkNrGn
um16IT0aH3TtlMr1FQxq5or1nd7LZr0rvZMdgCa5GDJaWfy7U2/nP5TL9Yiix3n7
+hOgeodtJZFyoDYbCnRf7cIxz9BU6KVH/wL21NhWRd4HIK9IfyPrx6cUYb0/dO5d
6hhJq11yHTwDsPtKGS4AdZTyR8LMuk92qnywabGKeVaxIdSpyoKXk+Th7oQz2G5R
Bxe3EBZoioTYPUbMouy6WUfWBBMTFJGKYinwETW0Y5/0x+wcQLBAfP28VGtnNfvh
zrc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:39 2025 by rpki-client