Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/SgD1-KrAxX-KU-Z4RVyAdsVPUjw.roa
File: SgD1-KrAxX-KU-Z4RVyAdsVPUjw.roa (raw, json)
Hash identifier: 63Ob+I103ZB3AiZwzpw+4x9AvnV/IiX+0Mji0KfH3Gs=
Subject key identifier: 4A:00:F5:F8:AA:C0:C5:7F:8A:53:E6:78:45:5C:80:76:C5:4F:52:3C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190B6860320AD8171CB70A1ED698FC92393
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/SgD1-KrAxX-KU-Z4RVyAdsVPUjw.roa
Signing time: Mon 15 Jul 2024 13:12:34 +0000
ROA not before: Mon 15 Jul 2024 13:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Jul 2024 14:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b6:86:03:20:ad:81:71:cb:70:a1:ed:69:8f:c9:23:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 15 13:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a00f5f8aac0c57f8a53e678455c8076c54f523c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6d:b6:ec:0b:11:19:a7:3a:a5:b4:8e:75:bf:
cb:49:8d:26:3e:f9:da:43:5a:bd:9d:61:f2:de:e5:
79:0e:1a:c2:a6:12:71:0c:f6:c7:18:db:e2:8d:b5:
51:42:25:6e:c8:45:4b:dd:92:2a:4d:6e:70:40:a7:
ea:44:b2:a7:1f:17:00:e8:27:3c:c3:a0:2b:8c:59:
9e:e5:fd:0f:bd:67:36:48:7a:ca:6d:d9:6c:2a:4a:
82:38:04:96:68:8a:4c:29:48:ef:f6:9e:fd:9f:e4:
c7:aa:3e:a5:a3:3f:43:d1:14:e6:7a:ff:73:e4:da:
0f:d8:1c:3e:2f:7f:00:b1:cd:91:6a:be:e7:3f:02:
b5:8e:7f:25:85:09:27:e9:23:15:99:36:db:cb:50:
5c:9c:a9:2d:e9:c2:b1:1d:8c:f1:53:7e:8a:35:26:
89:e3:d7:49:2b:2c:30:d6:8a:51:83:d1:b5:c8:3f:
d4:43:dc:a8:f2:b3:26:21:70:9d:c8:4c:74:42:8f:
8a:0c:2a:83:3c:73:40:8e:5a:59:e8:cf:54:2b:e8:
8e:3f:a6:9a:63:8c:13:ac:75:6b:f5:4e:19:ae:c3:
c2:b2:f7:33:1c:44:87:46:78:3e:22:47:f1:35:24:
a2:23:f0:15:d7:0d:68:81:68:32:a3:22:52:9a:f1:
d4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:00:F5:F8:AA:C0:C5:7F:8A:53:E6:78:45:5C:80:76:C5:4F:52:3C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/SgD1-KrAxX-KU-Z4RVyAdsVPUjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:2e:84:0a:41:3e:52:07:94:fb:45:33:8e:2c:5d:25:d0:0f:
5b:9d:ab:5c:bc:8b:24:ac:c5:e1:b6:ae:5a:5a:c0:5d:97:cd:
2c:b9:e5:89:c4:c4:47:e2:7c:69:2c:f6:3e:37:15:b7:6a:34:
93:7f:4b:74:80:e0:da:91:d1:5a:14:c7:53:7b:79:9b:53:5b:
48:4d:58:09:d5:7d:5c:7b:4a:87:eb:7e:81:6c:14:3f:96:62:
4f:cc:ea:7c:63:d0:26:b1:e2:ee:f5:2e:dd:33:cc:98:22:28:
9a:cc:f7:f4:0a:d6:36:74:ca:ae:05:52:c6:9b:f3:40:c9:28:
87:ef:cb:c3:c3:87:d9:bf:10:73:68:04:f3:01:5f:af:5b:94:
10:40:1b:07:09:26:90:03:45:2a:00:37:5d:0d:2b:5f:69:a9:
01:d8:d3:98:6e:66:88:2e:09:05:31:b6:a8:cb:82:e3:1d:86:
5b:06:de:40:94:65:3d:4d:b7:82:96:56:44:b5:fd:74:da:7e:
3c:c8:76:60:20:a7:c9:ca:bf:8a:52:18:a9:31:bf:60:13:6e:
8e:ea:b7:a9:c4:62:5d:5f:a6:8b:a1:21:02:b4:c3:fd:15:ff:
ac:c7:45:d6:ac:14:48:c7:60:27:47:d2:d0:03:4c:05:1b:f4:
a3:6e:13:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZC2hgMgrYFxy3Ch7WmPySOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE1MTMxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTAwZjVmOGFhYzBjNTdmOGE1M2U2Nzg0NTVjODA3NmM1NGY1MjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4G227AsRGac6pbSOdb/LSY0mPvna
Q1q9nWHy3uV5DhrCphJxDPbHGNvijbVRQiVuyEVL3ZIqTW5wQKfqRLKnHxcA6Cc8
w6ArjFme5f0PvWc2SHrKbdlsKkqCOASWaIpMKUjv9p79n+THqj6loz9D0RTmev9z
5NoP2Bw+L38Asc2Rar7nPwK1jn8lhQkn6SMVmTbby1BcnKkt6cKxHYzxU36KNSaJ
49dJKyww1opRg9G1yD/UQ9yo8rMmIXCdyEx0Qo+KDCqDPHNAjlpZ6M9UK+iOP6aa
Y4wTrHVr9U4ZrsPCsvczHESHRng+IkfxNSSiI/AV1w1ogWgyoyJSmvHUAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEoA9fiqwMV/ilPmeEVcgHbFT1I8MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvU2dEMS1LckF4WC1LVS1aNFJWeUFkc1ZQVWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJEuhApBPlIHlPtFM44s
XSXQD1udq1y8iySsxeG2rlpawF2XzSy55YnExEfifGks9j43FbdqNJN/S3SA4NqR
0VoUx1N7eZtTW0hNWAnVfVx7SofrfoFsFD+WYk/M6nxj0Cax4u71Lt0zzJgiKJrM
9/QK1jZ0yq4FUsab80DJKIfvy8PDh9m/EHNoBPMBX69blBBAGwcJJpADRSoAN10N
K19pqQHY05huZoguCQUxtqjLguMdhlsG3kCUZT1Nt4KWVkS1/XTafjzIdmAgp8nK
v4pSGKkxv2ATbo7qt6nEYl1fpouhIQK0w/0V/6zHRdasFEjHYCdH0tADTAUb9KNu
E/4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:58 2025 by rpki-client