Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/R_ocppFPpec-5EazWSQpcGboIkE.roa
File: R_ocppFPpec-5EazWSQpcGboIkE.roa (raw, json)
Hash identifier: 7MPDOdyE/G24eq7WBvQnJsEiZv2dcrs9DmANCrjtdro=
Subject key identifier: 47:FA:1C:A6:91:4F:A5:E7:3E:E4:46:B3:59:24:29:70:66:E8:22:41
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019024952D82E7F9C8B570DE4CA494A41408
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/R_ocppFPpec-5EazWSQpcGboIkE.roa
Signing time: Mon 17 Jun 2024 05:04:34 +0000
ROA not before: Mon 17 Jun 2024 05:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:2494:ccab/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 17 Jun 2024 05:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:24:95:2d:82:e7:f9:c8:b5:70:de:4c:a4:94:a4:14:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 17 05:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47fa1ca6914fa5e73ee446b35924297066e82241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7d:16:f1:05:f8:53:c1:1b:8a:4f:5a:5b:46:
b8:31:cd:aa:d5:9c:03:3d:4d:74:3a:64:79:e1:8f:
9e:54:c3:3f:29:90:dd:6c:9f:db:71:6c:96:f5:c0:
12:8a:d3:aa:82:d7:17:f7:2e:fc:42:38:f8:a3:01:
20:fb:a4:e6:86:a0:67:8b:69:36:70:43:12:8f:2c:
6e:19:19:ca:f6:26:4a:e3:e1:20:21:a7:3c:a0:5c:
30:41:b6:f4:d0:c7:c9:68:67:17:4d:0c:24:45:65:
d7:61:68:11:7f:0f:76:e4:a9:49:c8:1d:eb:61:43:
f4:65:bf:16:d2:d9:f5:5b:29:91:8c:a9:8a:92:fa:
d6:4b:37:f6:8e:f9:3f:40:44:6f:c4:76:f3:eb:5e:
48:ac:40:8c:96:f0:e2:28:3a:1e:f0:ae:05:32:03:
c2:b4:c1:7b:e6:e2:1d:44:4d:71:a9:86:f1:14:15:
74:2c:34:89:ab:5a:06:46:2f:53:4a:13:4d:59:0a:
7e:09:f8:34:e9:59:7b:90:86:88:33:b9:1e:2d:61:
27:d0:29:fd:e4:4f:ca:6c:e6:0d:13:b9:44:bb:a2:
a2:51:3a:f9:ba:74:9e:93:b7:35:69:61:ef:d4:d6:
1a:13:2b:16:8e:64:21:11:20:52:40:ec:e5:27:85:
c4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:FA:1C:A6:91:4F:A5:E7:3E:E4:46:B3:59:24:29:70:66:E8:22:41
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/R_ocppFPpec-5EazWSQpcGboIkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4c:c4:d4:9a:aa:93:f5:c6:18:76:6c:dc:5a:7b:f9:37:e8:7d:
8a:9d:e9:7e:f3:db:3d:ad:ad:94:d6:0f:60:76:78:75:28:0f:
6f:72:70:a2:55:aa:c2:3b:d6:da:5e:f6:e6:91:94:79:34:bc:
98:5e:8c:63:92:ac:05:59:d3:8c:fb:27:95:9f:c7:e1:88:28:
1d:1f:92:5f:a3:d0:4f:d3:36:b1:45:7b:e1:68:e8:82:ef:ed:
03:06:3d:59:93:10:28:29:e1:89:e1:3e:9e:63:43:f8:6c:d1:
36:37:0e:44:b0:38:bd:93:33:28:67:c1:ac:20:da:db:84:0d:
8c:a1:e3:b5:c4:2f:bc:0b:21:15:17:84:49:f5:98:68:5e:b6:
45:b5:36:22:1a:66:68:c6:ea:db:93:89:1f:0a:1a:08:cd:31:
74:45:4d:a2:5a:b3:4d:61:60:94:f9:01:6f:88:e0:4f:88:1f:
c8:30:b0:8c:4c:d2:83:08:5c:af:a5:5e:11:7d:44:4d:b4:96:
24:77:2d:52:97:3a:f5:66:1c:7f:5c:7c:5f:f5:84:cf:9b:90:
e3:d2:a0:24:16:e4:1d:76:6b:e7:d7:8c:49:48:ce:d5:0f:82:
27:63:13:92:99:66:55:3a:37:fd:86:aa:0c:63:ce:72:e3:20:
ae:30:9a:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAklS2C5/nItXDeTKSUpBQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE3MDUwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2ZhMWNhNjkxNGZhNWU3M2VlNDQ2YjM1OTI0Mjk3MDY2ZTgyMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk30W8QX4U8Ebik9aW0a4Mc2q1ZwD
PU10OmR54Y+eVMM/KZDdbJ/bcWyW9cASitOqgtcX9y78Qjj4owEg+6TmhqBni2k2
cEMSjyxuGRnK9iZK4+EgIac8oFwwQbb00MfJaGcXTQwkRWXXYWgRfw925KlJyB3r
YUP0Zb8W0tn1WymRjKmKkvrWSzf2jvk/QERvxHbz615IrECMlvDiKDoe8K4FMgPC
tMF75uIdRE1xqYbxFBV0LDSJq1oGRi9TShNNWQp+Cfg06Vl7kIaIM7keLWEn0Cn9
5E/KbOYNE7lEu6KiUTr5unSek7c1aWHv1NYaEysWjmQhESBSQOzlJ4XEewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEf6HKaRT6XnPuRGs1kkKXBm6CJBMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUl9vY3BwRlBwZWMtNUVheldTUXBjR2JvSWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEzE1Jqqk/XGGHZs3Fp7
+TfofYqd6X7z2z2trZTWD2B2eHUoD29ycKJVqsI71tpe9uaRlHk0vJhejGOSrAVZ
04z7J5Wfx+GIKB0fkl+j0E/TNrFFe+Fo6ILv7QMGPVmTECgp4YnhPp5jQ/hs0TY3
DkSwOL2TMyhnwawg2tuEDYyh47XEL7wLIRUXhEn1mGhetkW1NiIaZmjG6tuTiR8K
GgjNMXRFTaJas01hYJT5AW+I4E+IH8gwsIxM0oMIXK+lXhF9RE20liR3LVKXOvVm
HH9cfF/1hM+bkOPSoCQW5B12a+fXjElIztUPgidjE5KZZlU6N/2GqgxjznLjIK4w
mic=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:48 2025 by rpki-client