Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TbRY7T7f_sgV709wcmUUTCtXetI.roa
File: TbRY7T7f_sgV709wcmUUTCtXetI.roa (raw, json)
Hash identifier: Ck+tEam4otVABNva3WXTKoRTO65VwN7wUZZwAU6DGB8=
Subject key identifier: 4D:B4:58:ED:3E:DF:FE:C8:15:EF:4F:70:72:65:14:4C:2B:57:7A:D2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909656444EC2B516224E2FA284A4A645D1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TbRY7T7f_sgV709wcmUUTCtXetI.roa
Signing time: Tue 09 Jul 2024 07:12:34 +0000
ROA not before: Tue 09 Jul 2024 07:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jul 2024 08:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:96:56:44:4e:c2:b5:16:22:4e:2f:a2:84:a4:a6:45:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 9 07:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4db458ed3edffec815ef4f707265144c2b577ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:14:c7:62:05:f5:e5:ed:26:dd:0d:d4:b5:04:
da:c3:a3:af:10:f0:04:1b:64:36:52:e4:97:d2:5c:
2a:34:94:6b:9c:4f:16:70:d7:c6:ec:89:cf:3e:98:
a0:03:03:1a:ea:5e:48:3a:95:2b:32:ab:8a:d1:3f:
c9:80:9c:30:ce:6f:00:9e:59:0d:65:bb:e7:0f:52:
95:64:6a:6d:ed:15:22:0e:e8:6b:c8:c6:73:03:e1:
71:7c:ec:48:f9:1c:5a:6b:f2:81:46:14:a1:29:28:
03:10:58:49:24:90:c1:ad:d3:82:61:6d:dc:85:72:
be:32:66:a9:31:6a:54:1c:97:35:e9:60:97:a9:89:
87:95:3f:00:25:ce:ea:14:c3:83:d4:2e:21:21:2b:
60:d9:19:fd:07:ce:32:31:a7:4d:cb:30:88:c8:0e:
7d:8d:64:39:b5:89:de:98:07:d3:9a:a9:c3:fa:1d:
e4:9d:7d:2e:a6:9a:55:65:0e:4d:70:fe:5d:ac:77:
58:e4:bf:82:79:02:02:7f:23:44:05:b7:f0:40:60:
e1:77:60:0d:70:5d:02:69:50:f5:fe:cc:7d:d6:21:
86:21:7b:df:a1:80:9e:89:e4:bf:f4:c4:b6:4b:2a:
49:e0:91:d3:3e:14:6e:18:cb:b4:37:76:f0:72:44:
b3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B4:58:ED:3E:DF:FE:C8:15:EF:4F:70:72:65:14:4C:2B:57:7A:D2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TbRY7T7f_sgV709wcmUUTCtXetI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:18:6e:71:85:44:32:a0:eb:ac:3b:74:82:78:8e:b6:d2:b8:
5d:c1:86:a9:7f:a6:20:9b:0f:16:31:86:7a:96:81:8c:1f:d1:
db:4a:27:bb:5c:1b:b8:6d:f2:92:f4:72:db:9f:11:f0:f3:3a:
28:e3:29:68:1e:5e:92:d0:7c:be:3c:ff:87:ab:91:7f:61:77:
5e:52:4b:74:ca:83:b1:8c:d9:02:a3:5b:fd:46:4f:9c:c7:45:
d2:b3:e1:5d:31:6d:4d:9d:45:72:66:58:c5:e9:aa:e8:bf:73:
07:76:19:f5:2c:fe:f6:bc:16:1d:c2:9d:db:0e:a2:12:a6:40:
10:a1:73:63:c0:40:e1:7d:74:5f:0d:fd:3a:28:38:34:5f:ac:
26:b9:c5:89:0c:21:d5:50:e2:cd:42:41:95:bc:4a:ed:dc:3b:
88:fa:2c:5c:68:a2:d2:3f:d1:6d:cd:1e:4f:dd:d1:1b:5f:b5:
f5:5a:03:ee:18:70:7f:7a:2a:33:63:ef:c3:6a:02:aa:5b:ba:
c0:b3:94:fd:c4:db:73:96:f1:b6:10:88:19:e6:54:5d:a2:9a:
fc:73:d7:a9:65:78:0d:28:f4:73:16:69:14:91:bb:79:6f:45:
bf:42:30:dc:b5:d9:2f:94:06:cb:87:f1:2f:f8:97:53:ed:88:
67:ed:3e:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCWVkROwrUWIk4vooSkpkXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA5MDcxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGI0NThlZDNlZGZmZWM4MTVlZjRmNzA3MjY1MTQ0YzJiNTc3YWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBTHYgX15e0m3Q3UtQTaw6OvEPAE
G2Q2UuSX0lwqNJRrnE8WcNfG7InPPpigAwMa6l5IOpUrMquK0T/JgJwwzm8AnlkN
ZbvnD1KVZGpt7RUiDuhryMZzA+FxfOxI+Rxaa/KBRhShKSgDEFhJJJDBrdOCYW3c
hXK+MmapMWpUHJc16WCXqYmHlT8AJc7qFMOD1C4hIStg2Rn9B84yMadNyzCIyA59
jWQ5tYnemAfTmqnD+h3knX0upppVZQ5NcP5drHdY5L+CeQICfyNEBbfwQGDhd2AN
cF0CaVD1/sx91iGGIXvfoYCeieS/9MS2SypJ4JHTPhRuGMu0N3bwckSz4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE20WO0+3/7IFe9PcHJlFEwrV3rSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVGJSWTdUN2Zfc2dWNzA5d2NtVVVUQ3RYZXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF0YbnGFRDKg66w7dIJ4
jrbSuF3Bhql/piCbDxYxhnqWgYwf0dtKJ7tcG7ht8pL0ctufEfDzOijjKWgeXpLQ
fL48/4erkX9hd15SS3TKg7GM2QKjW/1GT5zHRdKz4V0xbU2dRXJmWMXpqui/cwd2
GfUs/va8Fh3CndsOohKmQBChc2PAQOF9dF8N/TooODRfrCa5xYkMIdVQ4s1CQZW8
Su3cO4j6LFxootI/0W3NHk/d0RtftfVaA+4YcH96KjNj78NqAqpbusCzlP3E23OW
8bYQiBnmVF2imvxz16lleA0o9HMWaRSRu3lvRb9CMNy12S+UBsuH8S/4l1PtiGft
PlU=
-----END CERTIFICATE-----
Generated at Tue Jul 9 09:50:22 2024 by rpki-client on console-ams.rpki-client.org