Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QR1dZHo_lfS4xBHTCVo_Daq8U8g.roa
File: QR1dZHo_lfS4xBHTCVo_Daq8U8g.roa (raw, json)
Hash identifier: d8XEb0ktoihYFi5DI9aBEFkOCPUXiAGKnM7fyExl26M=
Subject key identifier: 41:1D:5D:64:7A:3F:95:F4:B8:C4:11:D3:09:5A:3F:0D:AA:BC:53:C8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909D323FDEBDEF6A4244B934B7F55C1294
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QR1dZHo_lfS4xBHTCVo_Daq8U8g.roa
Signing time: Wed 10 Jul 2024 15:10:34 +0000
ROA not before: Wed 10 Jul 2024 15:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jul 2024 16:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9d:32:3f:de:bd:ef:6a:42:44:b9:34:b7:f5:5c:12:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 10 15:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=411d5d647a3f95f4b8c411d3095a3f0daabc53c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:70:ca:72:d8:a6:6a:da:7a:2e:bf:2c:3b:f2:
a3:b0:c9:6a:06:27:fa:34:44:d8:8b:86:7f:3c:b2:
82:31:99:5c:f4:e0:b3:67:84:54:aa:46:84:b1:75:
40:c7:d3:ac:1b:80:de:f5:f2:0e:96:9b:68:62:e7:
85:a0:65:ae:c2:c1:42:7b:a1:c5:cc:0d:99:27:c1:
e0:9d:e9:97:ed:bd:1e:6b:2a:db:ab:f3:d4:3d:74:
46:ed:9b:b4:40:13:1b:28:cf:0e:10:53:99:65:55:
55:dd:64:b3:c9:e5:cb:8d:17:d2:56:aa:18:3e:91:
00:c0:9e:27:c9:28:c5:b6:f3:0f:7c:99:d6:b3:64:
22:83:7b:10:17:a5:be:87:ab:67:8f:42:41:5a:e3:
65:7f:08:ae:b0:14:a6:db:55:eb:16:61:f9:a5:ab:
57:a6:01:44:1f:9d:af:ff:55:97:a7:0a:87:e9:14:
93:49:bc:d1:02:a1:5f:66:90:ca:92:1f:8f:a4:96:
27:83:8d:d9:71:db:be:7a:38:5d:a6:f0:b8:98:b7:
26:5d:1d:43:72:3a:b6:78:9d:e4:53:01:31:16:e9:
9a:4d:2d:b2:e0:ec:2f:1f:3f:79:5e:0e:b6:1f:e0:
01:02:3d:55:84:c9:1c:73:11:9b:25:06:b1:d4:43:
5a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1D:5D:64:7A:3F:95:F4:B8:C4:11:D3:09:5A:3F:0D:AA:BC:53:C8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QR1dZHo_lfS4xBHTCVo_Daq8U8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:50:3f:ed:21:c4:6c:00:92:6d:d2:20:64:eb:46:f0:fc:e6:
7a:e0:63:36:d8:bc:fd:0f:b4:3d:19:67:15:c9:aa:74:26:70:
60:9e:07:15:f1:f6:b6:47:a6:09:33:29:78:bd:cd:4c:c8:92:
e2:49:6d:79:29:08:3c:66:93:16:fa:b8:e1:0d:72:b9:de:34:
cf:00:e4:83:af:b6:34:79:94:31:d4:a7:fa:05:74:3c:79:b4:
9a:57:e5:51:f8:b7:5b:62:38:6e:12:1e:4b:46:32:b2:ab:3c:
e9:5c:68:8f:66:88:c5:f6:4f:49:a0:50:4d:bc:6d:b0:c9:5a:
c9:79:cd:07:1a:3f:bd:c2:ca:be:c7:f9:60:79:b0:ff:30:4d:
ee:92:e1:a2:14:48:fb:16:94:ee:04:f0:92:5c:05:28:a8:81:
6a:23:c0:b4:00:9a:ea:3a:fd:de:48:56:f2:3f:14:7c:ff:72:
f5:c3:69:4e:9a:e6:5c:47:77:42:c1:ee:d6:41:c1:e0:42:bf:
4f:38:ad:24:be:aa:9d:79:ea:92:21:64:1f:3b:1b:a9:20:d9:
70:fc:9a:c3:96:65:55:43:ba:b1:e4:6e:78:04:b8:1c:1b:7e:
80:26:2a:ca:f4:d0:67:af:d9:62:20:f7:11:47:e8:bc:ec:74:
a3:bb:d4:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCdMj/eve9qQkS5NLf1XBKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEwMTUxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTFkNWQ2NDdhM2Y5NWY0YjhjNDExZDMwOTVhM2YwZGFhYmM1M2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznDKctimatp6Lr8sO/KjsMlqBif6
NETYi4Z/PLKCMZlc9OCzZ4RUqkaEsXVAx9OsG4De9fIOlptoYueFoGWuwsFCe6HF
zA2ZJ8HgnemX7b0eayrbq/PUPXRG7Zu0QBMbKM8OEFOZZVVV3WSzyeXLjRfSVqoY
PpEAwJ4nySjFtvMPfJnWs2Qig3sQF6W+h6tnj0JBWuNlfwiusBSm21XrFmH5patX
pgFEH52v/1WXpwqH6RSTSbzRAqFfZpDKkh+PpJYng43Zcdu+ejhdpvC4mLcmXR1D
cjq2eJ3kUwExFumaTS2y4OwvHz95Xg62H+ABAj1VhMkccxGbJQax1ENaLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEEdXWR6P5X0uMQR0wlaPw2qvFPIMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUVIxZFpIb19sZlM0eEJIVENWb19EYXE4VThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGVQP+0hxGwAkm3SIGTr
RvD85nrgYzbYvP0PtD0ZZxXJqnQmcGCeBxXx9rZHpgkzKXi9zUzIkuJJbXkpCDxm
kxb6uOENcrneNM8A5IOvtjR5lDHUp/oFdDx5tJpX5VH4t1tiOG4SHktGMrKrPOlc
aI9miMX2T0mgUE28bbDJWsl5zQcaP73Cyr7H+WB5sP8wTe6S4aIUSPsWlO4E8JJc
BSiogWojwLQAmuo6/d5IVvI/FHz/cvXDaU6a5lxHd0LB7tZBweBCv084rSS+qp15
6pIhZB87G6kg2XD8msOWZVVDurHkbngEuBwbfoAmKsr00Gev2WIg9xFH6LzsdKO7
1KI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:54 2025 by rpki-client