Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Qcd3GS5wXoVJ9mmWb0_93PFXOwE.roa
File: Qcd3GS5wXoVJ9mmWb0_93PFXOwE.roa (raw, json)
Hash identifier: M/+TrkbMEgOWidgxMQseuqP4aoDnpFW9TZoDRc8RoeE=
Subject key identifier: 41:C7:77:19:2E:70:5E:85:49:F6:69:96:6F:4F:FD:DC:F1:57:3B:01
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01906AC427F2B16A677EC0696383E3E53363
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Qcd3GS5wXoVJ9mmWb0_93PFXOwE.roa
Signing time: Sun 30 Jun 2024 20:09:18 +0000
ROA not before: Sun 30 Jun 2024 20:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 30 Jun 2024 21:04:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6a:c4:27:f2:b1:6a:67:7e:c0:69:63:83:e3:e5:33:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 30 20:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41c777192e705e8549f669966f4ffddcf1573b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ec:a1:db:98:d9:52:35:24:71:de:97:6f:f0:
f5:7b:90:e1:21:7b:d2:20:68:b1:b4:fb:0c:56:a3:
f4:d1:db:ad:64:0c:b3:35:d9:da:07:93:98:66:e4:
cc:95:a7:06:9a:81:3d:09:c8:8c:5b:37:38:8d:33:
68:fa:ac:ec:4f:27:d1:e6:b3:e1:c0:59:66:73:fe:
c1:50:82:ad:40:0f:5e:c8:17:88:d8:f2:b2:77:02:
a9:78:57:25:0a:78:ba:f2:0b:5c:c6:7f:bd:39:58:
6d:84:8b:98:4a:bb:4c:76:79:fa:cb:67:33:ba:fd:
d0:19:4b:34:c0:9e:a1:a5:54:af:81:16:27:09:55:
62:f3:a3:e6:e9:e3:28:f9:04:37:a6:22:a0:d3:fe:
9a:fa:47:75:1c:72:5d:bc:ad:2b:97:72:eb:d1:0f:
95:69:33:ba:91:ba:e9:33:bc:3f:8c:19:3f:2f:d0:
ed:e7:82:6a:d7:cc:ff:50:d0:07:6e:90:35:23:ab:
e8:88:7c:ce:ea:cd:5f:e5:91:d9:cc:ee:26:ac:2a:
91:12:5e:f6:52:b0:38:37:0e:c3:50:4d:15:1c:c3:
18:d3:ba:18:a8:37:84:5f:7a:80:88:bf:e8:6f:56:
bc:3f:6e:35:f9:04:04:46:a4:05:eb:d7:85:5a:05:
08:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C7:77:19:2E:70:5E:85:49:F6:69:96:6F:4F:FD:DC:F1:57:3B:01
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Qcd3GS5wXoVJ9mmWb0_93PFXOwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:7e:e7:4b:dc:0b:5f:ae:db:81:73:8a:17:50:e3:50:e6:c5:
60:52:a1:34:26:96:9c:93:b7:6a:39:a6:87:94:a5:0a:d8:60:
c8:1c:3c:0a:76:06:ee:54:28:c3:43:e6:9e:8b:74:f1:82:f9:
12:5f:5f:4c:4e:83:07:2d:0d:c4:87:6c:df:8c:5a:5c:d0:4c:
70:f7:89:a9:09:db:7e:58:3e:25:08:9b:a1:be:82:fc:f9:1a:
18:e7:e0:a3:52:33:e4:42:4c:ae:c4:1c:c3:04:c1:fa:d6:cd:
ee:a4:e3:f6:0a:1e:17:71:7e:1a:8c:27:a2:7f:cf:2b:00:61:
b1:ae:69:11:4b:f4:70:7b:59:77:52:b6:29:50:0b:cb:27:76:
14:72:4b:73:3c:3c:b6:59:eb:96:d7:4f:75:7c:82:29:b9:22:
c4:38:5b:ae:2b:c4:06:33:df:13:c9:45:52:b1:2b:ec:9f:63:
a5:33:c3:04:eb:74:a7:8d:2c:67:c1:e6:68:1f:6a:07:91:c7:
d0:b4:6a:cf:a2:a0:91:1d:e4:6a:51:8f:8e:c3:42:9c:c3:32:
a9:76:b1:a6:97:20:95:d8:05:91:09:83:ad:6b:9f:71:fe:28:
17:3f:88:70:3f:e3:62:5a:92:92:96:aa:cb:a0:af:53:63:c2:
8d:79:4d:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBqxCfysWpnfsBpY4Pj5TNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjMwMjAwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWM3NzcxOTJlNzA1ZTg1NDlmNjY5OTY2ZjRmZmRkY2YxNTczYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+yh25jZUjUkcd6Xb/D1e5DhIXvS
IGixtPsMVqP00dutZAyzNdnaB5OYZuTMlacGmoE9CciMWzc4jTNo+qzsTyfR5rPh
wFlmc/7BUIKtQA9eyBeI2PKydwKpeFclCni68gtcxn+9OVhthIuYSrtMdnn6y2cz
uv3QGUs0wJ6hpVSvgRYnCVVi86Pm6eMo+QQ3piKg0/6a+kd1HHJdvK0rl3Lr0Q+V
aTO6kbrpM7w/jBk/L9Dt54Jq18z/UNAHbpA1I6voiHzO6s1f5ZHZzO4mrCqREl72
UrA4Nw7DUE0VHMMY07oYqDeEX3qAiL/ob1a8P241+QQERqQF69eFWgUIiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEHHdxkucF6FSfZplm9P/dzxVzsBMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUWNkM0dTNXdYb1ZKOW1tV2IwXzkzUEZYT3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI1+50vcC1+u24FzihdQ
41DmxWBSoTQmlpyTt2o5poeUpQrYYMgcPAp2Bu5UKMND5p6LdPGC+RJfX0xOgwct
DcSHbN+MWlzQTHD3iakJ235YPiUIm6G+gvz5Ghjn4KNSM+RCTK7EHMMEwfrWze6k
4/YKHhdxfhqMJ6J/zysAYbGuaRFL9HB7WXdStilQC8sndhRyS3M8PLZZ65bXT3V8
gim5IsQ4W64rxAYz3xPJRVKxK+yfY6UzwwTrdKeNLGfB5mgfageRx9C0as+ioJEd
5GpRj47DQpzDMql2saaXIJXYBZEJg61rn3H+KBc/iHA/42JakpKWqsugr1Njwo15
TfY=
-----END CERTIFICATE-----
Generated at Sun Jun 30 23:23:48 2024 by rpki-client on console-fra.rpki-client.org