Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TLwngjr3g9IlFkurD24Gf2PoZrM.roa
File: TLwngjr3g9IlFkurD24Gf2PoZrM.roa (raw, json)
Hash identifier: 5c3K0KFdxWTrKCapVD9ewqfqN058DvQrKY/iqLck1Z8=
Subject key identifier: 4C:BC:27:82:3A:F7:83:D2:25:16:4B:AB:0F:6E:06:7F:63:E8:66:B3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190ACDE170830AA7B04B8C8AD6AE82ACB61
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TLwngjr3g9IlFkurD24Gf2PoZrM.roa
Signing time: Sat 13 Jul 2024 16:12:34 +0000
ROA not before: Sat 13 Jul 2024 16:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Jul 2024 17:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ac:de:17:08:30:aa:7b:04:b8:c8:ad:6a:e8:2a:cb:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 13 16:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cbc27823af783d225164bab0f6e067f63e866b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5c:ca:5b:e2:58:8c:6a:16:a8:93:f0:ec:a3:
61:eb:d7:73:f7:26:8e:97:98:b0:46:b2:19:75:dd:
61:23:43:24:5b:73:d7:46:16:76:01:b6:15:ab:f0:
7f:47:cf:57:9d:32:d1:c8:78:68:17:44:b7:3a:f2:
f3:4b:b7:88:44:e7:c6:9f:13:e7:02:a7:9a:af:60:
ed:02:91:d6:ce:10:39:32:ed:5d:50:b5:c1:a3:bb:
65:f1:58:73:1a:57:4b:90:62:bb:6f:c1:4f:bb:6c:
da:69:ab:88:17:22:d6:e4:82:6f:23:ae:99:68:dc:
9b:aa:1b:c2:d8:1c:fc:3e:f0:15:8f:f3:9f:3f:c9:
36:9d:05:f0:96:61:25:c6:86:d9:e7:76:a6:a3:24:
45:da:96:c9:3f:5b:28:a1:88:c4:8e:98:55:e6:49:
69:8b:87:66:1f:14:c0:c1:d7:1a:36:fe:33:c3:59:
f6:a1:70:cf:79:8e:a2:80:2b:cf:7c:bc:ed:01:5c:
b5:36:38:78:8a:34:af:7a:73:dc:06:ae:7b:dd:d0:
4b:6b:21:77:3d:a7:09:05:0b:2b:13:67:5c:84:89:
11:a9:75:53:b7:3c:9c:91:80:67:8e:9f:ea:9d:76:
cf:b8:2d:27:8b:c8:d4:ad:52:96:2b:84:bb:94:6f:
78:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:BC:27:82:3A:F7:83:D2:25:16:4B:AB:0F:6E:06:7F:63:E8:66:B3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TLwngjr3g9IlFkurD24Gf2PoZrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:53:4d:da:92:5b:eb:2f:49:fe:4e:1c:f0:d5:87:cc:ee:bf:
df:60:15:2a:c5:05:16:ca:92:88:8f:71:57:a5:66:17:51:f8:
cc:80:26:e5:38:fb:0c:2f:af:21:3e:7a:c3:7a:e0:13:49:2d:
bd:9b:77:99:80:e0:5e:e3:b0:ab:40:a4:71:0d:4d:66:c5:6e:
33:5f:40:7a:78:3d:70:e5:b0:88:b6:46:a4:ac:7d:16:12:44:
5c:b4:a4:26:ff:0b:44:ec:7b:1a:a5:e9:f5:07:50:84:d7:57:
3a:6f:76:72:a0:f9:dd:1a:11:c5:a8:cb:88:fa:ba:31:14:b6:
3d:e2:66:19:b2:a0:cc:9d:04:fc:9f:cc:77:44:ad:00:47:7a:
86:08:ee:6e:5f:68:bb:6e:83:f4:97:67:74:64:2a:ef:0e:25:
a8:4a:aa:b0:61:67:9c:e9:05:04:55:6e:d0:b0:53:3a:fd:56:
84:69:ee:6c:89:35:cb:e2:60:da:84:d2:79:b2:c4:72:fb:7a:
6a:f3:6f:92:84:06:d6:9b:b4:00:ef:2a:b9:8f:f5:90:28:dc:
d6:64:aa:f7:ef:96:b6:8f:41:e9:93:e5:2a:35:3f:74:d1:62:
7e:48:52:db:bf:90:c8:f0:81:bc:32:54:99:dd:40:8c:09:09:
d5:83:94:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCs3hcIMKp7BLjIrWroKsthMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEzMTYxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2JjMjc4MjNhZjc4M2QyMjUxNjRiYWIwZjZlMDY3ZjYzZTg2NmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1zKW+JYjGoWqJPw7KNh69dz9yaO
l5iwRrIZdd1hI0MkW3PXRhZ2AbYVq/B/R89XnTLRyHhoF0S3OvLzS7eIROfGnxPn
Aqear2DtApHWzhA5Mu1dULXBo7tl8VhzGldLkGK7b8FPu2zaaauIFyLW5IJvI66Z
aNybqhvC2Bz8PvAVj/OfP8k2nQXwlmElxobZ53amoyRF2pbJP1sooYjEjphV5klp
i4dmHxTAwdcaNv4zw1n2oXDPeY6igCvPfLztAVy1Njh4ijSvenPcBq573dBLayF3
PacJBQsrE2dchIkRqXVTtzyckYBnjp/qnXbPuC0ni8jUrVKWK4S7lG94XQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEy8J4I694PSJRZLqw9uBn9j6GazMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVEx3bmdqcjNnOUlsRmt1ckQyNEdmMlBvWnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJlTTdqSW+svSf5OHPDV
h8zuv99gFSrFBRbKkoiPcVelZhdR+MyAJuU4+wwvryE+esN64BNJLb2bd5mA4F7j
sKtApHENTWbFbjNfQHp4PXDlsIi2RqSsfRYSRFy0pCb/C0Tsexql6fUHUITXVzpv
dnKg+d0aEcWoy4j6ujEUtj3iZhmyoMydBPyfzHdErQBHeoYI7m5faLtug/SXZ3Rk
Ku8OJahKqrBhZ5zpBQRVbtCwUzr9VoRp7myJNcviYNqE0nmyxHL7emrzb5KEBtab
tADvKrmP9ZAo3NZkqvfvlraPQemT5So1P3TRYn5IUtu/kMjwgbwyVJndQIwJCdWD
lJc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:51 2025 by rpki-client