Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QzBFzhanK9BlWbe0W4DBoa0uAxk.roa
File: QzBFzhanK9BlWbe0W4DBoa0uAxk.roa (raw, json)
Hash identifier: 4h4VhYPcT/ihEk9VfAFsk8TTDyyM1O+k+Iz/6+gNkgA=
Subject key identifier: 43:30:45:CE:16:A7:2B:D0:65:59:B7:B4:5B:80:C1:A1:AD:2E:03:19
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01902B09B421E59A1AF56D967E819E2CFBF4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QzBFzhanK9BlWbe0W4DBoa0uAxk.roa
Signing time: Tue 18 Jun 2024 11:09:34 +0000
ROA not before: Tue 18 Jun 2024 11:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 18 Jun 2024 12:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2b:09:b4:21:e5:9a:1a:f5:6d:96:7e:81:9e:2c:fb:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 18 11:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=433045ce16a72bd06559b7b45b80c1a1ad2e0319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:76:20:b5:64:60:0a:a1:8f:c2:25:4b:a8:59:
11:3e:04:44:3d:36:cc:94:d3:82:e4:67:3c:18:01:
ce:01:c6:53:ab:a0:cc:9e:61:d6:84:7b:e5:83:f2:
25:18:da:7f:6e:4c:9c:b8:c3:46:9d:db:bb:77:9f:
cf:4a:d5:88:7e:e9:77:67:bf:5a:44:2b:cc:9f:bf:
69:0d:00:a3:10:e0:e0:25:8f:9f:c7:61:b1:ee:51:
1a:97:b8:3d:58:63:4f:0e:85:f0:85:a8:2f:cc:0e:
b8:4b:94:db:b3:fc:91:c0:60:7d:44:bc:b6:cd:1a:
bb:18:e0:eb:cd:62:4d:23:98:f2:d0:af:e0:0d:9e:
fb:3a:1f:87:43:7c:e1:0b:75:e9:3c:1f:d8:98:88:
4c:4c:2e:91:f5:ba:d2:0f:b6:92:e3:b8:45:7a:4c:
31:2e:61:35:41:36:fb:81:82:fc:e1:00:a3:7e:69:
3d:f0:5d:a6:6b:37:86:5c:25:3b:13:66:44:47:8d:
1a:a0:22:c1:da:3b:1e:7f:57:d2:73:cb:e8:d7:2c:
57:c2:f8:e8:47:1c:08:76:bd:db:a4:ca:7e:47:7a:
fd:0e:40:3f:a9:9c:6a:ad:6c:ac:37:19:c7:55:22:
a6:20:a7:86:91:f5:96:2a:81:52:40:5c:8b:5c:1d:
fa:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:30:45:CE:16:A7:2B:D0:65:59:B7:B4:5B:80:C1:A1:AD:2E:03:19
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QzBFzhanK9BlWbe0W4DBoa0uAxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:93:f6:1e:91:e3:5d:17:6d:a5:a8:24:68:cc:40:cd:0f:bd:
f1:77:6c:67:ce:df:6d:42:70:84:3c:1a:dd:be:98:2f:4f:42:
34:b1:61:af:d6:8c:04:54:be:dc:76:db:cb:5d:42:95:bc:c0:
b5:c8:d1:d8:81:11:00:91:2d:3b:a5:2d:47:77:3d:84:e7:de:
cb:4a:b5:a3:43:0b:c1:ce:b9:30:1b:2a:bb:98:b9:71:3d:2b:
07:44:16:45:63:8c:10:10:49:1d:7a:e7:b9:fe:7f:4a:8d:32:
25:ae:da:32:42:4c:99:8b:b1:eb:c6:0d:02:13:2e:ed:92:6b:
d4:c3:b4:0d:75:fb:d5:0b:b9:ef:44:95:61:ba:4c:cc:fb:df:
72:fd:45:f8:8c:48:e9:3f:a3:ae:41:d1:94:3e:dc:d1:ae:68:
13:c9:5c:e4:97:71:c2:e7:7b:fc:cd:e4:36:b3:d4:6f:95:2d:
49:ff:41:7c:b2:34:99:50:2a:d1:83:fe:8f:8c:a0:42:2e:3f:
96:ac:7f:03:8b:80:4e:b2:ca:1f:9f:1f:3c:83:a9:db:fb:b3:
7a:46:d5:a3:3e:b6:09:53:cf:fd:bb:66:7a:1e:fc:69:cf:5a:
9a:84:ab:c0:41:f5:ec:1b:39:1d:23:d2:95:bc:44:b3:35:ef:
f1:46:7e:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZArCbQh5Zoa9W2WfoGeLPv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE4MTEwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzMwNDVjZTE2YTcyYmQwNjU1OWI3YjQ1YjgwYzFhMWFkMmUwMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3YgtWRgCqGPwiVLqFkRPgREPTbM
lNOC5Gc8GAHOAcZTq6DMnmHWhHvlg/IlGNp/bkycuMNGndu7d5/PStWIful3Z79a
RCvMn79pDQCjEODgJY+fx2Gx7lEal7g9WGNPDoXwhagvzA64S5Tbs/yRwGB9RLy2
zRq7GODrzWJNI5jy0K/gDZ77Oh+HQ3zhC3XpPB/YmIhMTC6R9brSD7aS47hFekwx
LmE1QTb7gYL84QCjfmk98F2mazeGXCU7E2ZER40aoCLB2jsef1fSc8vo1yxXwvjo
RxwIdr3bpMp+R3r9DkA/qZxqrWysNxnHVSKmIKeGkfWWKoFSQFyLXB36GQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEMwRc4WpyvQZVm3tFuAwaGtLgMZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUXpCRnpoYW5LOUJsV2JlMFc0REJvYTB1QXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACyT9h6R410XbaWoJGjM
QM0PvfF3bGfO321CcIQ8Gt2+mC9PQjSxYa/WjARUvtx228tdQpW8wLXI0diBEQCR
LTulLUd3PYTn3stKtaNDC8HOuTAbKruYuXE9KwdEFkVjjBAQSR1657n+f0qNMiWu
2jJCTJmLsevGDQITLu2Sa9TDtA11+9ULue9ElWG6TMz733L9RfiMSOk/o65B0ZQ+
3NGuaBPJXOSXccLne/zN5Daz1G+VLUn/QXyyNJlQKtGD/o+MoEIuP5asfwOLgE6y
yh+fHzyDqdv7s3pG1aM+tglTz/27Znoe/GnPWpqEq8BB9ewbOR0j0pW8RLM17/FG
fso=
-----END CERTIFICATE-----
Generated at Tue Jun 18 15:33:22 2024 by rpki-client on console-fra.rpki-client.org