Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PgDZOSr9naNdGcL6mNmMI3BYIHg.roa
File: PgDZOSr9naNdGcL6mNmMI3BYIHg.roa (raw, json)
Hash identifier: jG9QZ6wxSerhkoHcinvLkmeCvthgy5zRjzmFbARD/Bs=
Subject key identifier: 3E:00:D9:39:2A:FD:9D:A3:5D:19:C2:FA:98:D9:8C:23:70:58:20:78
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190415603AD5B746CC588E2FF9060C6C994
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PgDZOSr9naNdGcL6mNmMI3BYIHg.roa
Signing time: Sat 22 Jun 2024 19:04:34 +0000
ROA not before: Sat 22 Jun 2024 19:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:4155:ce45/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 22 Jun 2024 19:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:41:56:03:ad:5b:74:6c:c5:88:e2:ff:90:60:c6:c9:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 22 19:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e00d9392afd9da35d19c2fa98d98c2370582078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8b:c7:16:8e:43:20:2f:64:80:4c:a9:6c:ae:
d1:f3:34:01:db:0f:4a:22:1a:97:0d:96:4e:f4:de:
f4:1c:7b:d4:aa:b0:77:c5:32:72:7e:72:43:9f:b6:
a8:f3:57:df:31:c7:3f:a9:08:41:2c:ac:8b:80:47:
54:0c:58:f2:ac:b5:77:f0:8b:93:c7:de:fa:62:4c:
65:8c:c7:4a:3c:94:9e:86:37:88:49:63:34:c4:5f:
ba:0f:0b:62:12:9b:bf:9d:d5:56:85:ca:d0:ab:1e:
e6:3d:c6:07:64:2f:b3:71:00:d8:36:96:b9:9e:84:
08:06:5a:74:74:41:65:ba:8b:9d:57:3b:22:e8:af:
b2:46:be:3a:e1:43:7b:12:c9:4d:ea:b5:2e:42:be:
4b:8e:ba:40:24:a6:23:b9:66:79:76:c1:41:4d:82:
32:1e:5f:c5:ad:a5:20:65:a2:ff:3d:25:29:32:3e:
64:52:35:be:92:b2:3c:df:50:24:80:ef:6c:26:95:
df:bf:dc:d9:43:ad:e0:19:4c:1e:10:02:e5:2b:83:
9a:33:05:8b:bb:fb:00:d7:a4:2e:5b:9f:1e:51:ba:
3a:9c:81:99:d4:50:4d:95:9b:c7:2f:5e:d2:d5:a9:
48:f9:0c:6a:9e:97:69:ff:a4:3e:7d:8c:38:26:8c:
ae:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:00:D9:39:2A:FD:9D:A3:5D:19:C2:FA:98:D9:8C:23:70:58:20:78
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PgDZOSr9naNdGcL6mNmMI3BYIHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6d:a7:0d:ff:64:4e:3f:c1:b4:cb:23:b0:c4:45:e6:94:c9:02:
d1:5b:d4:6c:92:39:b6:ac:b3:b3:8a:6b:c0:f5:d7:6a:c1:9d:
9e:9d:60:0f:8b:f5:36:5b:10:20:76:41:e7:53:47:9d:db:bb:
db:48:9d:84:96:9a:98:d5:40:1d:10:b3:aa:44:a3:e8:a1:8d:
8f:31:d9:b7:3c:ef:de:21:2a:c8:aa:07:20:84:65:11:c3:66:
d2:48:b8:cf:6b:a1:eb:d5:5e:f5:ae:cb:13:0c:1a:a6:16:b3:
34:db:f9:4f:7d:14:9f:e7:f2:fc:09:21:d6:b3:e6:d6:74:cc:
ae:e6:8d:d5:44:af:ae:bd:df:1c:c8:c6:6f:b5:c8:c5:25:1d:
52:9f:c8:6a:ba:7b:9f:16:bc:7e:ba:ca:c9:66:33:0f:bf:05:
06:b7:8c:9b:f1:cb:a9:71:a5:30:6a:db:17:8e:53:95:d9:b1:
eb:fa:36:19:36:b0:1a:f4:72:7b:87:d5:32:56:63:57:13:7a:
39:58:a0:43:ab:50:d0:31:99:b3:5b:ce:31:0e:4c:95:4d:47:
bd:04:cc:5f:3d:95:45:3f:4b:e8:81:79:e5:18:1d:7f:c3:9b:
ce:ea:63:79:88:e8:6f:e8:c3:a3:52:4e:22:31:48:b9:45:e5:
5f:3a:54:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBBVgOtW3RsxYji/5BgxsmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIyMTkwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTAwZDkzOTJhZmQ5ZGEzNWQxOWMyZmE5OGQ5OGMyMzcwNTgyMDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIvHFo5DIC9kgEypbK7R8zQB2w9K
IhqXDZZO9N70HHvUqrB3xTJyfnJDn7ao81ffMcc/qQhBLKyLgEdUDFjyrLV38IuT
x976YkxljMdKPJSehjeISWM0xF+6DwtiEpu/ndVWhcrQqx7mPcYHZC+zcQDYNpa5
noQIBlp0dEFluoudVzsi6K+yRr464UN7EslN6rUuQr5LjrpAJKYjuWZ5dsFBTYIy
Hl/FraUgZaL/PSUpMj5kUjW+krI831AkgO9sJpXfv9zZQ63gGUweEALlK4OaMwWL
u/sA16QuW58eUbo6nIGZ1FBNlZvHL17S1alI+Qxqnpdp/6Q+fYw4Joyu0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD4A2Tkq/Z2jXRnC+pjZjCNwWCB4MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUGdEWk9TcjluYU5kR2NMNm1ObU1JM0JZSUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG2nDf9kTj/BtMsjsMRF
5pTJAtFb1GySObass7OKa8D112rBnZ6dYA+L9TZbECB2QedTR53bu9tInYSWmpjV
QB0Qs6pEo+ihjY8x2bc8794hKsiqByCEZRHDZtJIuM9roevVXvWuyxMMGqYWszTb
+U99FJ/n8vwJIdaz5tZ0zK7mjdVEr6693xzIxm+1yMUlHVKfyGq6e58WvH66yslm
Mw+/BQa3jJvxy6lxpTBq2xeOU5XZsev6Nhk2sBr0cnuH1TJWY1cTejlYoEOrUNAx
mbNbzjEOTJVNR70EzF89lUU/S+iBeeUYHX/Dm87qY3mI6G/ow6NSTiIxSLlF5V86
VNM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:10 2025 by rpki-client