Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/T4IfDJBxYaqi4ebc4FP6qguYg6M.roa
File: T4IfDJBxYaqi4ebc4FP6qguYg6M.roa (raw, json)
Hash identifier: ZbvqejxgUV/6RVIec2cjo18PT9dNt04i+TnfqFg0RPI=
Subject key identifier: 4F:82:1F:0C:90:71:61:AA:A2:E1:E6:DC:E0:53:FA:AA:0B:98:83:A3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01906566DD435EF227AAF75DAE793E2917C6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/T4IfDJBxYaqi4ebc4FP6qguYg6M.roa
Signing time: Sat 29 Jun 2024 19:09:18 +0000
ROA not before: Sat 29 Jun 2024 19:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 29 Jun 2024 20:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:65:66:dd:43:5e:f2:27:aa:f7:5d:ae:79:3e:29:17:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 29 19:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f821f0c907161aaa2e1e6dce053faaa0b9883a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:13:0d:de:6f:e0:62:e4:3e:42:24:5c:fe:f6:
89:4d:22:ec:cd:40:1c:0d:12:8d:2b:2c:0f:c4:ae:
07:94:5b:a3:63:28:cb:e2:4e:a3:ce:5e:11:c7:54:
90:03:2d:b4:61:10:79:86:71:06:6f:11:9d:9b:59:
c1:fd:74:d0:ed:7b:8c:aa:41:61:c6:a2:7e:5c:b8:
32:21:79:77:f9:d3:91:83:b2:f9:18:f1:22:16:8c:
4c:5a:77:f9:4f:e3:1b:3b:ed:0b:08:a1:c6:2d:e9:
e7:d1:34:e2:eb:a2:77:d5:f5:39:b2:2f:a1:c7:65:
a7:1d:1e:f8:10:77:fb:e1:e3:8a:f7:e7:8e:de:e8:
10:e7:1a:98:a7:ce:df:8b:5b:9c:8e:1a:5b:8d:aa:
81:fd:4f:d2:46:c0:2f:7b:aa:9a:c3:80:21:1f:4e:
62:98:b0:7d:e2:9a:a6:0d:dc:c8:fd:46:f4:c0:7d:
7d:d8:ea:32:d8:c9:ef:d7:99:5a:82:c6:53:4d:9a:
7f:05:41:95:76:d8:3e:83:7c:91:f1:42:4a:ab:57:
bd:eb:07:3d:48:54:c4:68:de:d3:7f:22:3a:09:e1:
02:b8:41:1c:cc:ec:ff:fd:0b:76:e0:b5:15:79:d6:
91:17:77:58:52:87:1a:33:77:5a:34:dd:68:a7:de:
de:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:82:1F:0C:90:71:61:AA:A2:E1:E6:DC:E0:53:FA:AA:0B:98:83:A3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/T4IfDJBxYaqi4ebc4FP6qguYg6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:fb:66:94:d3:71:11:0b:ec:49:68:53:7a:a6:05:0c:8a:a6:
f6:6e:20:5a:03:2f:b4:c6:2f:26:f3:e2:97:a3:37:af:3f:a5:
8f:f7:09:cf:bb:74:5c:fb:83:cf:f0:a5:b5:ea:f5:a8:40:f8:
41:a4:86:00:61:ea:dc:99:df:9f:1c:33:79:02:3b:e7:17:80:
0b:d9:2a:28:9b:bd:45:68:f5:74:9c:97:1c:a0:3c:1a:a6:95:
f6:e9:da:32:80:a1:7f:bf:cf:23:b9:a9:4c:dc:07:f5:96:78:
28:bc:fd:5c:3c:b9:7a:97:2a:24:f1:eb:32:38:3a:3a:47:c9:
28:98:ef:f1:98:ec:ca:20:5a:d3:25:b8:25:b7:fa:85:d5:53:
dc:6c:85:49:51:5b:40:c8:b1:07:bc:2e:1b:29:8a:78:b2:c8:
99:77:57:a6:b1:44:ab:34:9a:8a:94:d4:5b:6c:1b:c3:3a:46:
1d:39:c4:67:f3:0a:4c:1d:cc:26:db:af:ec:97:37:82:d6:84:
7d:b2:8e:d5:0e:9e:85:96:f3:73:2a:a8:40:f6:92:a1:fd:40:
f6:0f:35:c6:6d:32:9b:1c:8b:ef:bd:b7:bd:3b:c7:a1:13:b4:
73:3d:89:9d:2b:3f:58:8e:52:21:09:16:13:2c:b9:e2:d9:de:
e5:c0:be:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBlZt1DXvInqvddrnk+KRfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI5MTkwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjgyMWYwYzkwNzE2MWFhYTJlMWU2ZGNlMDUzZmFhYTBiOTg4M2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBMN3m/gYuQ+QiRc/vaJTSLszUAc
DRKNKywPxK4HlFujYyjL4k6jzl4Rx1SQAy20YRB5hnEGbxGdm1nB/XTQ7XuMqkFh
xqJ+XLgyIXl3+dORg7L5GPEiFoxMWnf5T+MbO+0LCKHGLenn0TTi66J31fU5si+h
x2WnHR74EHf74eOK9+eO3ugQ5xqYp87fi1ucjhpbjaqB/U/SRsAve6qaw4AhH05i
mLB94pqmDdzI/Ub0wH192Ooy2Mnv15lagsZTTZp/BUGVdtg+g3yR8UJKq1e96wc9
SFTEaN7TfyI6CeECuEEczOz//Qt24LUVedaRF3dYUocaM3daNN1op97eLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE+CHwyQcWGqouHm3OBT+qoLmIOjMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVDRJZkRKQnhZYXFpNGViYzRGUDZxZ3VZZzZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF37ZpTTcREL7EloU3qm
BQyKpvZuIFoDL7TGLybz4pejN68/pY/3Cc+7dFz7g8/wpbXq9ahA+EGkhgBh6tyZ
358cM3kCO+cXgAvZKiibvUVo9XSclxygPBqmlfbp2jKAoX+/zyO5qUzcB/WWeCi8
/Vw8uXqXKiTx6zI4OjpHySiY7/GY7MogWtMluCW3+oXVU9xshUlRW0DIsQe8Lhsp
iniyyJl3V6axRKs0moqU1FtsG8M6Rh05xGfzCkwdzCbbr+yXN4LWhH2yjtUOnoWW
83MqqED2kqH9QPYPNcZtMpsci++9t707x6ETtHM9iZ0rP1iOUiEJFhMsueLZ3uXA
vn4=
-----END CERTIFICATE-----
Generated at Sat Jun 29 22:21:45 2024 by rpki-client on console-fra.rpki-client.org