Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RjnhkpNDNqM5PZpbgJWFib3YY8c.roa
File: RjnhkpNDNqM5PZpbgJWFib3YY8c.roa (raw, json)
Hash identifier: Xkj7w24ggehekVyY5hqgo+5uly6Urssh42cc09qS+48=
Subject key identifier: 46:39:E1:92:93:43:36:A3:39:3D:9A:5B:80:95:85:89:BD:D8:63:C7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A06C0E44DBBB79CDD6E7157F869EEA81
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RjnhkpNDNqM5PZpbgJWFib3YY8c.roa
Signing time: Thu 11 Jul 2024 06:12:34 +0000
ROA not before: Thu 11 Jul 2024 06:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jul 2024 07:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a0:6c:0e:44:db:bb:79:cd:d6:e7:15:7f:86:9e:ea:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 11 06:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4639e192934336a3393d9a5b80958589bdd863c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5c:55:36:e3:7e:a2:86:b1:4e:ed:8f:fe:ba:
52:41:d1:18:79:c6:da:6a:70:d2:ff:0c:be:3b:a1:
fb:d4:07:16:fc:34:d9:f6:b1:78:1a:49:53:d1:81:
ef:1f:08:ad:dc:8e:dd:db:07:70:79:9d:70:d4:6e:
05:d7:92:de:66:00:b8:2e:d5:83:69:1f:47:cd:05:
fe:24:73:5a:7d:2a:3b:06:38:e5:4f:18:f8:2d:a4:
65:83:c2:d1:2c:35:0a:bd:8f:af:50:9c:37:0f:c0:
ad:d8:96:c4:a6:f0:cc:ce:6b:b2:0c:ae:35:7e:6e:
46:80:a1:eb:52:99:87:84:60:89:1a:10:78:b2:f8:
ba:70:ee:bc:2b:0f:b6:95:12:60:8f:f6:0d:df:9a:
d1:1f:7a:4b:9d:8d:c8:0b:05:9f:8b:03:3c:4d:ec:
55:33:2a:ac:ed:3c:93:8c:9e:f4:29:4d:12:37:8f:
2e:c1:8d:66:36:d4:2e:23:ca:31:9a:82:d7:e6:db:
59:1b:b3:fd:3c:2a:bd:63:dc:27:54:27:0c:d3:d9:
6d:c7:58:0b:66:1b:08:8a:63:4d:a6:22:f6:c3:86:
04:bb:db:cb:46:0a:4e:92:79:cc:c8:02:2f:9a:40:
c4:0c:86:ab:68:1f:82:74:a8:7a:b2:e9:8c:91:08:
90:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:39:E1:92:93:43:36:A3:39:3D:9A:5B:80:95:85:89:BD:D8:63:C7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RjnhkpNDNqM5PZpbgJWFib3YY8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:ad:dd:0b:7d:ec:e9:99:06:cb:b4:1b:67:fe:4b:db:12:b9:
67:da:90:09:f0:8e:3e:d2:4a:f7:2f:e9:5f:04:fc:2e:17:d9:
77:64:56:9d:14:2d:2e:2d:2e:08:27:65:5f:93:4b:ed:92:d5:
79:07:20:9c:0a:2c:db:16:11:1c:62:a2:bc:8a:0d:31:69:cf:
7e:8c:a3:37:5f:cb:33:e8:5b:de:b8:82:1a:0e:cc:42:47:ff:
27:4a:42:ea:0c:7f:c8:b2:89:4a:5e:a0:90:eb:14:1d:3f:5c:
25:8e:b8:56:fc:49:28:30:c6:1a:3b:63:a9:76:9f:e7:69:70:
f7:3b:92:44:cb:e2:a6:7e:35:34:2a:a9:5d:b8:b2:7e:83:ac:
a6:2c:a2:85:ef:fd:fa:c3:95:43:1b:d9:46:06:a0:dc:51:4e:
b0:a9:74:68:f0:ff:85:ee:82:93:ac:00:f4:a7:d9:ad:31:15:
89:5c:e6:69:79:75:f8:aa:f3:fc:9d:d8:b9:09:93:62:92:95:
d1:a2:00:bb:46:8c:50:20:6c:f9:49:3a:50:ba:48:c1:ef:61:
75:dc:32:21:f6:fa:c3:40:9d:a3:7c:83:54:e4:9f:c9:21:2b:
74:57:f9:e1:e4:0f:35:36:2a:a4:6a:07:6d:46:89:22:b2:a3:
94:3b:1c:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCgbA5E27t5zdbnFX+GnuqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzExMDYxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjM5ZTE5MjkzNDMzNmEzMzkzZDlhNWI4MDk1ODU4OWJkZDg2M2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1xVNuN+ooaxTu2P/rpSQdEYecba
anDS/wy+O6H71AcW/DTZ9rF4GklT0YHvHwit3I7d2wdweZ1w1G4F15LeZgC4LtWD
aR9HzQX+JHNafSo7BjjlTxj4LaRlg8LRLDUKvY+vUJw3D8Ct2JbEpvDMzmuyDK41
fm5GgKHrUpmHhGCJGhB4svi6cO68Kw+2lRJgj/YN35rRH3pLnY3ICwWfiwM8TexV
Myqs7TyTjJ70KU0SN48uwY1mNtQuI8oxmoLX5ttZG7P9PCq9Y9wnVCcM09ltx1gL
ZhsIimNNpiL2w4YEu9vLRgpOknnMyAIvmkDEDIaraB+CdKh6sumMkQiQnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEY54ZKTQzajOT2aW4CVhYm92GPHMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUmpuaGtwTkROcU01UFpwYmdKV0ZpYjNZWThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGut3Qt97OmZBsu0G2f+
S9sSuWfakAnwjj7SSvcv6V8E/C4X2XdkVp0ULS4tLggnZV+TS+2S1XkHIJwKLNsW
ERxioryKDTFpz36MozdfyzPoW964ghoOzEJH/ydKQuoMf8iyiUpeoJDrFB0/XCWO
uFb8SSgwxho7Y6l2n+dpcPc7kkTL4qZ+NTQqqV24sn6DrKYsooXv/frDlUMb2UYG
oNxRTrCpdGjw/4XugpOsAPSn2a0xFYlc5ml5dfiq8/yd2LkJk2KSldGiALtGjFAg
bPlJOlC6SMHvYXXcMiH2+sNAnaN8g1Tkn8khK3RX+eHkDzU2KqRqB21GiSKyo5Q7
HGI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:53 2025 by rpki-client