Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/S-Ke6ITHbox3HY5zb6GSbtMWcy0.roa
File: S-Ke6ITHbox3HY5zb6GSbtMWcy0.roa (raw, json)
Hash identifier: cjLt7lbHhXtD2CNQEt5w91wAB/DbCBByPivCNmLIeXc=
Subject key identifier: 4B:E2:9E:E8:84:C7:6E:8C:77:1D:8E:73:6F:A1:92:6E:D3:16:73:2D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190871721F83D05473C3C717CEC86D3E4AB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/S-Ke6ITHbox3HY5zb6GSbtMWcy0.roa
Signing time: Sat 06 Jul 2024 08:09:18 +0000
ROA not before: Sat 06 Jul 2024 08:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 06 Jul 2024 09:04:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:87:17:21:f8:3d:05:47:3c:3c:71:7c:ec:86:d3:e4:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 6 08:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4be29ee884c76e8c771d8e736fa1926ed316732d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:71:65:16:56:a5:33:7c:eb:6c:3f:7b:53:4d:
03:d7:4b:bd:6f:bc:40:91:d4:b2:1b:5c:49:26:b1:
7f:25:30:e0:cd:3b:5e:fe:61:22:c8:99:9d:75:0c:
c9:cb:17:27:ed:fc:96:38:7c:c1:b5:89:f6:32:c6:
eb:cf:aa:f8:ac:e6:33:ba:e0:3f:31:06:50:ce:6d:
9f:9f:78:b0:2d:97:d5:8b:33:c0:44:1f:24:74:fa:
be:69:32:71:12:a5:96:68:1a:44:74:b7:2d:c4:af:
03:7c:94:ae:9f:44:77:fe:61:79:96:71:43:df:7d:
15:4d:63:36:44:28:09:91:22:1c:9a:2c:4b:1d:d8:
00:91:ce:7d:d7:e1:a5:8c:13:41:a2:8c:04:b4:70:
07:27:2a:83:15:fa:c6:14:37:4f:44:8f:d4:7d:cc:
14:6c:fc:7f:51:e6:f7:92:75:f9:41:07:d1:ac:23:
de:ca:7a:14:ef:09:38:ea:1f:2c:89:5c:31:d8:40:
99:6b:08:4e:d4:a8:53:db:39:0a:ff:10:51:37:d8:
7c:29:c9:b8:fa:c6:b6:bb:89:6e:63:73:a0:75:7c:
be:cc:49:6e:25:f5:ff:32:9e:45:9e:a9:27:96:e5:
de:30:23:65:07:52:9c:ff:8d:40:8f:aa:b5:48:77:
dc:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E2:9E:E8:84:C7:6E:8C:77:1D:8E:73:6F:A1:92:6E:D3:16:73:2D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/S-Ke6ITHbox3HY5zb6GSbtMWcy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:65:58:6e:50:50:79:41:30:b5:6b:30:78:66:d6:ef:bf:46:
4a:d3:a2:a0:b9:bd:67:a7:e3:b5:28:5b:c0:87:f0:46:f4:7b:
fe:ca:e4:c0:20:3d:3e:be:85:47:13:b9:1f:81:7d:6d:05:1a:
3f:bc:ef:fb:c8:fe:4e:21:8e:04:c7:ca:c4:89:bf:01:cf:0a:
6c:2a:30:8b:33:05:3c:4d:5f:f0:f8:fc:f9:0d:42:b3:80:00:
4d:61:90:06:eb:65:cf:cf:fb:94:14:e4:5d:fd:1d:fb:38:5b:
99:8f:f3:30:e1:f1:21:40:bf:1b:17:3a:d8:cc:f3:c7:ce:7f:
e2:ae:60:d3:a1:cb:9e:07:77:f8:1c:47:f2:09:26:87:2d:fb:
73:f9:b4:49:70:45:d6:f5:28:57:8f:56:c8:95:c4:a3:4c:33:
3b:91:bc:5f:7b:4f:59:3d:8e:be:bf:1a:a9:97:cb:7e:1d:28:
74:36:17:a0:1a:95:64:c3:07:75:8e:4e:a1:85:21:1d:7d:d5:
c5:28:c7:d1:49:69:88:3c:12:e5:77:66:74:7c:35:8e:91:00:
bc:0e:b9:07:33:9c:08:e1:90:58:ac:ab:d1:1c:54:9e:d8:ad:
57:e8:35:e0:ed:10:52:a1:7b:bc:37:ff:4b:1e:5a:cf:ad:73:
96:7e:95:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCHFyH4PQVHPDxxfOyG0+SrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA2MDgwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmUyOWVlODg0Yzc2ZThjNzcxZDhlNzM2ZmExOTI2ZWQzMTY3MzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53FlFlalM3zrbD97U00D10u9b7xA
kdSyG1xJJrF/JTDgzTte/mEiyJmddQzJyxcn7fyWOHzBtYn2Msbrz6r4rOYzuuA/
MQZQzm2fn3iwLZfVizPARB8kdPq+aTJxEqWWaBpEdLctxK8DfJSun0R3/mF5lnFD
330VTWM2RCgJkSIcmixLHdgAkc591+GljBNBoowEtHAHJyqDFfrGFDdPRI/UfcwU
bPx/Ueb3knX5QQfRrCPeynoU7wk46h8siVwx2ECZawhO1KhT2zkK/xBRN9h8Kcm4
+sa2u4luY3OgdXy+zEluJfX/Mp5FnqknluXeMCNlB1Kc/41Aj6q1SHfcKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEvinuiEx26Mdx2Oc2+hkm7TFnMtMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUy1LZTZJVEhib3gzSFk1emI2R1NidE1XY3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAENlWG5QUHlBMLVrMHhm
1u+/RkrToqC5vWen47UoW8CH8Eb0e/7K5MAgPT6+hUcTuR+BfW0FGj+87/vI/k4h
jgTHysSJvwHPCmwqMIszBTxNX/D4/PkNQrOAAE1hkAbrZc/P+5QU5F39Hfs4W5mP
8zDh8SFAvxsXOtjM88fOf+KuYNOhy54Hd/gcR/IJJoct+3P5tElwRdb1KFePVsiV
xKNMMzuRvF97T1k9jr6/GqmXy34dKHQ2F6AalWTDB3WOTqGFIR191cUox9FJaYg8
EuV3ZnR8NY6RALwOuQcznAjhkFisq9EcVJ7YrVfoNeDtEFKhe7w3/0seWs+tc5Z+
lcA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:49 2025 by rpki-client