Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PAcMnSmOasZoJf-Cz0beHZiReEc.roa
File: PAcMnSmOasZoJf-Cz0beHZiReEc.roa (raw, json)
Hash identifier: vB5Im3mg8funa6u51XlLi8hopOXiNyEHn6S8RzqUpc4=
Subject key identifier: 3C:07:0C:9D:29:8E:6A:C6:68:25:FF:82:CF:46:DE:1D:98:91:78:47
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190160610977D5321AE457A54AC7F0899C5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PAcMnSmOasZoJf-Cz0beHZiReEc.roa
Signing time: Fri 14 Jun 2024 09:13:34 +0000
ROA not before: Fri 14 Jun 2024 09:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 14 Jun 2024 10:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:16:06:10:97:7d:53:21:ae:45:7a:54:ac:7f:08:99:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 14 09:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c070c9d298e6ac66825ff82cf46de1d98917847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0f:47:4b:20:4e:2a:c4:9b:e9:d7:4f:d9:5f:
e1:4c:d6:e0:45:5c:27:51:cd:c8:64:f3:03:85:15:
2c:29:4d:fe:62:47:8d:e9:78:71:6d:9b:81:20:da:
f7:ad:b9:e9:c3:cf:98:f4:80:e3:7d:15:ef:16:ac:
34:a2:fc:fb:9c:ff:a0:84:7d:db:31:83:ca:28:a0:
f5:a2:ae:91:67:9c:3f:d6:f8:db:99:96:f5:11:59:
d0:df:90:08:54:79:33:9c:0c:af:87:98:1a:60:a5:
a6:1e:56:a9:b4:b1:00:5a:33:dc:90:05:ee:68:23:
e0:72:24:34:d1:1c:49:71:9c:3b:d3:fb:56:93:be:
0d:45:7b:a0:d7:01:c3:a7:14:62:9a:cb:2f:70:c1:
30:0c:d6:ec:c9:c4:f3:56:5b:83:6d:ee:19:dd:4d:
c6:10:8c:a4:d9:1a:ee:44:4a:37:98:56:ec:78:15:
b9:0d:62:88:d7:20:6a:e6:fe:a7:b6:52:3a:51:42:
38:5c:85:36:27:df:28:b4:ac:e2:69:16:5e:cc:85:
a4:dc:71:89:02:0b:25:85:bf:a4:3b:56:a7:a4:a1:
fb:7c:3b:8f:bd:b0:93:d3:28:21:9d:55:59:4a:b4:
33:fe:72:56:6a:f9:3c:96:41:a3:8d:c8:16:16:ef:
72:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:07:0C:9D:29:8E:6A:C6:68:25:FF:82:CF:46:DE:1D:98:91:78:47
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PAcMnSmOasZoJf-Cz0beHZiReEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:2f:b5:8a:25:8c:05:68:6a:e4:11:58:e0:b3:a7:98:f3:32:
df:60:08:ff:9e:b2:49:21:3f:f9:c6:a3:49:09:a0:7d:cd:21:
3f:d9:0d:61:7b:1f:c6:0a:7b:df:fa:9d:41:23:2e:92:e2:eb:
85:26:a1:fe:b9:d9:ce:fd:76:e3:a3:ef:3e:a0:99:a7:90:ec:
42:a9:d5:5f:6f:50:59:cf:e5:1a:29:43:50:1a:e7:90:06:14:
b5:61:2c:a9:eb:88:89:84:c5:b9:39:cb:04:e6:ad:c9:ad:f4:
a9:5b:c9:02:c3:bf:55:01:8c:52:e4:4a:44:2f:90:e3:08:f4:
81:ff:38:86:81:80:77:8a:f3:a7:4d:17:9b:18:4c:c3:70:2d:
30:f9:49:cc:8a:00:18:5b:75:bd:91:19:11:24:25:9d:05:6f:
d3:32:28:53:34:71:b1:bb:5b:96:86:92:32:c8:85:cf:86:5b:
5b:bf:ca:1e:73:88:a7:84:44:10:87:79:08:ce:fe:a7:fd:95:
5d:ec:35:7d:e4:31:3a:18:46:26:cb:15:18:8b:71:12:72:0b:
6f:11:e6:fe:da:1b:42:f7:39:9f:73:b6:6f:2d:57:ec:b1:f3:
7e:1c:b8:a3:5c:a3:e0:38:19:a3:2c:98:d0:dd:f0:c0:55:73:
87:47:2e:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAWBhCXfVMhrkV6VKx/CJnFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE0MDkxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA3MGM5ZDI5OGU2YWM2NjgyNWZmODJjZjQ2ZGUxZDk4OTE3ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg9HSyBOKsSb6ddP2V/hTNbgRVwn
Uc3IZPMDhRUsKU3+YkeN6XhxbZuBINr3rbnpw8+Y9IDjfRXvFqw0ovz7nP+ghH3b
MYPKKKD1oq6RZ5w/1vjbmZb1EVnQ35AIVHkznAyvh5gaYKWmHlaptLEAWjPckAXu
aCPgciQ00RxJcZw70/tWk74NRXug1wHDpxRimssvcMEwDNbsycTzVluDbe4Z3U3G
EIyk2RruREo3mFbseBW5DWKI1yBq5v6ntlI6UUI4XIU2J98otKziaRZezIWk3HGJ
Agslhb+kO1anpKH7fDuPvbCT0yghnVVZSrQz/nJWavk8lkGjjcgWFu9ykQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDwHDJ0pjmrGaCX/gs9G3h2YkXhHMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUEFjTW5TbU9hc1pvSmYtQ3owYmVIWmlSZUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEUvtYoljAVoauQRWOCz
p5jzMt9gCP+eskkhP/nGo0kJoH3NIT/ZDWF7H8YKe9/6nUEjLpLi64Umof652c79
duOj7z6gmaeQ7EKp1V9vUFnP5RopQ1Aa55AGFLVhLKnriImExbk5ywTmrcmt9Klb
yQLDv1UBjFLkSkQvkOMI9IH/OIaBgHeK86dNF5sYTMNwLTD5ScyKABhbdb2RGREk
JZ0Fb9MyKFM0cbG7W5aGkjLIhc+GW1u/yh5ziKeERBCHeQjO/qf9lV3sNX3kMToY
RibLFRiLcRJyC28R5v7aG0L3OZ9ztm8tV+yx834cuKNco+A4GaMsmNDd8MBVc4dH
Lls=
-----END CERTIFICATE-----
Generated at Fri Jun 14 13:48:52 2024 by rpki-client on console-fra.rpki-client.org