Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/S-JTasU3ddkxPVBbXC8y5bGtCes.roa
File: S-JTasU3ddkxPVBbXC8y5bGtCes.roa (raw, json)
Hash identifier: o7HXbxgXzi7n2Vdj+u4/Nrd2VdaEtdDtOm52y4g0P7I=
Subject key identifier: 4B:E2:53:6A:C5:37:75:D9:31:3D:50:5B:5C:2F:32:E5:B1:AD:09:EB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190708F500419F4CD0453704E0FBADFEDD3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/S-JTasU3ddkxPVBbXC8y5bGtCes.roa
Signing time: Mon 01 Jul 2024 23:09:18 +0000
ROA not before: Mon 01 Jul 2024 23:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jul 2024 00:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:70:8f:50:04:19:f4:cd:04:53:70:4e:0f:ba:df:ed:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 1 23:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4be2536ac53775d9313d505b5c2f32e5b1ad09eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:02:6f:f8:c4:62:13:d0:2a:81:eb:c4:1c:9c:
d3:1a:18:9a:72:1d:03:76:eb:de:db:3f:b5:6b:8d:
60:00:14:63:98:a7:92:9e:6a:82:c1:9d:6a:6e:c1:
20:13:88:08:70:41:dc:e2:29:f4:64:ed:7e:4c:85:
f2:b8:26:f2:f5:ce:af:0a:ba:08:ad:5a:7f:e6:f4:
ae:ff:0f:dc:bb:bb:b0:b1:78:f8:91:46:df:d3:75:
58:0c:4d:54:df:20:0e:01:c0:56:08:59:dc:6e:c7:
75:eb:c3:8b:d9:03:8e:ba:03:71:f0:db:fa:39:37:
17:43:5e:ee:66:9d:82:7e:a6:30:04:92:6d:58:ab:
ca:dc:6b:80:42:05:be:a1:37:10:30:97:4c:53:c4:
d6:c4:f1:0f:f9:9e:30:bd:0a:86:69:30:e4:f5:72:
28:52:dd:a5:77:44:26:97:4d:9a:f0:75:28:87:d6:
08:01:8d:b1:e1:dd:a7:98:42:3b:7a:22:db:8e:b7:
09:46:64:bd:5c:eb:db:1e:b2:97:f4:d0:e0:23:b5:
f4:d9:c0:34:06:7b:37:21:83:ad:9c:2d:57:34:bc:
45:b0:c0:a0:29:0b:c9:2f:64:bb:6e:3e:1b:8c:e8:
e5:88:52:36:77:ab:ac:17:1e:34:54:11:0b:57:9d:
b1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E2:53:6A:C5:37:75:D9:31:3D:50:5B:5C:2F:32:E5:B1:AD:09:EB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/S-JTasU3ddkxPVBbXC8y5bGtCes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:a0:39:07:da:ae:f2:88:c4:30:19:9a:5b:ab:fc:d0:b4:17:
1b:76:6d:d8:41:33:4f:cb:70:24:4e:ec:b8:59:de:ee:54:47:
71:60:fa:5c:1a:85:cb:72:1c:93:f9:bb:33:14:9c:21:e0:47:
e4:4a:e2:13:9c:01:a1:17:c5:35:5a:d6:f5:6e:94:59:48:2d:
1e:f8:d7:ea:54:3d:7a:27:3f:a1:56:d9:a0:48:5d:60:23:bd:
76:7c:bf:d2:63:ab:50:5b:ff:f7:22:a8:42:e9:24:49:c0:1b:
ff:37:12:32:2c:6d:de:c3:d4:52:67:a9:5b:0d:52:6c:94:ff:
cd:34:17:f9:49:10:73:b9:fc:56:05:60:67:e1:f4:37:3f:56:
0f:11:99:15:84:30:03:d2:c8:12:69:fc:aa:24:61:be:a3:12:
b8:9a:bb:16:11:f5:bc:32:9b:ff:ee:29:0e:fc:1e:79:80:d6:
34:c7:cd:11:7d:ab:64:93:d8:fe:07:08:ee:8a:19:23:40:e4:
d6:0c:15:1e:73:21:a8:76:87:1f:94:43:ce:16:7f:18:5b:0a:
d2:5d:ad:cf:09:8d:f5:27:cf:ad:14:e4:05:13:0a:b8:73:c2:
8a:64:a6:23:a3:e9:67:22:f0:98:c8:49:17:65:6d:9b:09:91:
7c:51:4a:f7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBwj1AEGfTNBFNwTg+63+3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAxMjMwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmUyNTM2YWM1Mzc3NWQ5MzEzZDUwNWI1YzJmMzJlNWIxYWQwOWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAJv+MRiE9AqgevEHJzTGhiach0D
duve2z+1a41gABRjmKeSnmqCwZ1qbsEgE4gIcEHc4in0ZO1+TIXyuCby9c6vCroI
rVp/5vSu/w/cu7uwsXj4kUbf03VYDE1U3yAOAcBWCFncbsd168OL2QOOugNx8Nv6
OTcXQ17uZp2CfqYwBJJtWKvK3GuAQgW+oTcQMJdMU8TWxPEP+Z4wvQqGaTDk9XIo
Ut2ld0Qml02a8HUoh9YIAY2x4d2nmEI7eiLbjrcJRmS9XOvbHrKX9NDgI7X02cA0
Bns3IYOtnC1XNLxFsMCgKQvJL2S7bj4bjOjliFI2d6usFx40VBELV52xLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEviU2rFN3XZMT1QW1wvMuWxrQnrMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUy1KVGFzVTNkZGt4UFZCYlhDOHk1Ykd0Q2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACugOQfarvKIxDAZmlur
/NC0Fxt2bdhBM0/LcCRO7LhZ3u5UR3Fg+lwahctyHJP5uzMUnCHgR+RK4hOcAaEX
xTVa1vVulFlILR741+pUPXonP6FW2aBIXWAjvXZ8v9Jjq1Bb//ciqELpJEnAG/83
EjIsbd7D1FJnqVsNUmyU/800F/lJEHO5/FYFYGfh9Dc/Vg8RmRWEMAPSyBJp/Kok
Yb6jEriauxYR9bwym//uKQ78HnmA1jTHzRF9q2ST2P4HCO6KGSNA5NYMFR5zIah2
hx+UQ84WfxhbCtJdrc8JjfUnz60U5AUTCrhzwopkpiOj6Wci8JjISRdlbZsJkXxR
Svc=
Generated at Tue Jul 2 01:25:53 2024 by rpki-client on console-fra.rpki-client.org