Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ojix768lN2XTu8oKerUsMhfIYHY.roa
File: Ojix768lN2XTu8oKerUsMhfIYHY.roa (raw, json)
Hash identifier: VxGAvrFcmCSl45n7r3ce5X4sNn0QyOtU7xvIH9yc9G4=
Subject key identifier: 3A:38:B1:EF:AF:25:37:65:D3:BB:CA:0A:7A:B5:2C:32:17:C8:60:76
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190B04B2AA0882E98A4D150611D2E3E26F2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ojix768lN2XTu8oKerUsMhfIYHY.roa
Signing time: Sun 14 Jul 2024 08:10:34 +0000
ROA not before: Sun 14 Jul 2024 08:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 14 Jul 2024 09:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b0:4b:2a:a0:88:2e:98:a4:d1:50:61:1d:2e:3e:26:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 14 08:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a38b1efaf253765d3bbca0a7ab52c3217c86076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:70:e1:dc:19:c6:79:f3:2d:3f:be:af:51:63:
ac:88:85:fa:2e:6c:0e:06:60:34:6c:4c:7d:45:2e:
ec:57:91:cd:9f:47:f4:f9:c0:93:52:cb:3d:c8:28:
68:cc:7f:80:b3:4e:5a:5c:c7:44:fd:3c:99:d7:76:
7a:bb:a7:c5:55:bb:4a:69:18:c7:ba:98:36:52:5d:
80:bd:cc:82:36:4b:78:d7:91:5b:6b:de:ce:8b:d8:
b2:ce:3a:6e:5f:bc:d5:75:33:ee:fb:e0:14:db:d9:
d6:11:0c:b5:81:1e:d5:f5:72:8b:cc:fb:8a:c0:13:
ad:9f:b9:ef:51:73:eb:ef:5c:f8:df:8c:9b:90:cb:
95:73:c7:23:ba:65:f3:a8:84:89:fe:14:1e:49:5b:
d0:fb:a3:76:77:54:b1:5d:cb:29:ba:1a:08:c2:34:
21:a4:91:7f:f0:2a:d4:a1:c4:a1:dc:65:d2:9d:03:
b1:d5:92:84:a3:64:61:93:ec:de:98:40:55:7e:92:
d5:31:e4:86:f3:fb:38:8e:84:86:84:50:8d:13:d6:
5c:92:70:8c:c1:61:ce:14:e1:e6:2e:20:3f:64:ea:
4d:ee:81:1d:1c:16:34:35:56:e9:47:87:b7:79:e0:
21:00:8e:e0:ba:82:63:95:2c:3f:e5:00:bd:ce:38:
97:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:38:B1:EF:AF:25:37:65:D3:BB:CA:0A:7A:B5:2C:32:17:C8:60:76
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ojix768lN2XTu8oKerUsMhfIYHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:98:47:0c:10:8b:f3:0c:13:a2:f6:5f:36:55:76:b8:3b:d7:
ce:71:6d:4a:86:f8:1f:2d:50:24:f2:e1:77:45:c4:ac:ca:b5:
61:ce:58:2d:c6:fb:23:03:0d:e5:4d:6e:37:11:88:c0:47:82:
06:78:03:71:e1:e4:45:92:7e:59:f0:a2:36:74:41:81:87:cb:
ea:94:ee:e9:d9:0d:90:1d:4d:0b:aa:28:ce:1e:a3:77:42:ed:
93:41:b2:bc:bf:88:b3:cc:db:5d:b7:9b:70:8e:3f:cf:a4:21:
19:30:fd:ad:8b:9e:47:c1:16:f3:b4:a9:80:3a:3a:d9:73:b9:
b8:7d:45:5f:db:e3:3d:b3:c0:93:f7:1c:a9:9b:4c:31:81:16:
13:78:d0:03:03:40:26:70:b4:06:11:89:57:df:3e:00:fe:e9:
23:72:56:cf:85:ff:6f:a3:a7:88:10:9f:26:84:22:7e:60:d3:
8d:03:0e:d2:b4:63:ea:54:a4:18:65:52:70:ad:26:a0:23:73:
b0:84:23:77:e0:23:51:10:2e:76:d2:b8:62:0c:17:c3:cf:3a:
78:0b:25:42:bf:15:ca:1a:83:da:f1:e1:3a:6b:e1:a8:03:cd:
7e:f4:56:b2:f4:07:21:e1:05:0c:b4:ed:6e:f3:c1:ac:e9:7c:
bf:a4:19:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCwSyqgiC6YpNFQYR0uPibyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE0MDgxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM4YjFlZmFmMjUzNzY1ZDNiYmNhMGE3YWI1MmMzMjE3Yzg2MDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnDh3BnGefMtP76vUWOsiIX6LmwO
BmA0bEx9RS7sV5HNn0f0+cCTUss9yChozH+As05aXMdE/TyZ13Z6u6fFVbtKaRjH
upg2Ul2AvcyCNkt415Fba97Oi9iyzjpuX7zVdTPu++AU29nWEQy1gR7V9XKLzPuK
wBOtn7nvUXPr71z434ybkMuVc8cjumXzqISJ/hQeSVvQ+6N2d1SxXcspuhoIwjQh
pJF/8CrUocSh3GXSnQOx1ZKEo2Rhk+zemEBVfpLVMeSG8/s4joSGhFCNE9ZcknCM
wWHOFOHmLiA/ZOpN7oEdHBY0NVbpR4e3eeAhAI7guoJjlSw/5QC9zjiXPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDo4se+vJTdl07vKCnq1LDIXyGB2MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT2ppeDc2OGxOMlhUdThvS2VyVXNNaGZJWUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFGYRwwQi/MME6L2XzZV
drg7185xbUqG+B8tUCTy4XdFxKzKtWHOWC3G+yMDDeVNbjcRiMBHggZ4A3Hh5EWS
flnwojZ0QYGHy+qU7unZDZAdTQuqKM4eo3dC7ZNBsry/iLPM2123m3COP8+kIRkw
/a2LnkfBFvO0qYA6Otlzubh9RV/b4z2zwJP3HKmbTDGBFhN40AMDQCZwtAYRiVff
PgD+6SNyVs+F/2+jp4gQnyaEIn5g040DDtK0Y+pUpBhlUnCtJqAjc7CEI3fgI1EQ
LnbSuGIMF8PPOngLJUK/Fcoag9rx4Tpr4agDzX70VrL0ByHhBQy07W7zwazpfL+k
GQA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:39 2025 by rpki-client