Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/U_yX1S-SXCLo3honmsaGqNDFFj0.roa
File: U_yX1S-SXCLo3honmsaGqNDFFj0.roa (raw, json)
Hash identifier: cJXEIrL6dhpeuFtzUBoBfeL1joRR/KKEBUVvaf3lE80=
Subject key identifier: 53:FC:97:D5:2F:92:5C:22:E8:DE:1A:27:9A:C6:86:A8:D0:C5:16:3D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01904681DDCBDB145F3838B6E51D6585730F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/U_yX1S-SXCLo3honmsaGqNDFFj0.roa
Signing time: Sun 23 Jun 2024 19:10:34 +0000
ROA not before: Sun 23 Jun 2024 19:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 23 Jun 2024 20:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:46:81:dd:cb:db:14:5f:38:38:b6:e5:1d:65:85:73:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 23 19:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53fc97d52f925c22e8de1a279ac686a8d0c5163d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9a:98:75:e7:76:36:ae:59:08:22:70:b9:64:
cf:65:d6:1d:c4:82:f7:36:1b:7b:ca:d9:c3:09:f5:
97:8a:fa:94:cb:7d:7a:ba:20:22:92:19:3d:ff:7a:
9b:79:f7:46:5d:48:e0:50:22:86:da:b9:cc:b8:41:
14:3b:2d:be:8e:db:c0:99:82:7c:27:c4:0e:ba:78:
16:be:19:31:fe:42:35:62:3d:e3:ee:4c:15:7c:7f:
9e:8f:a8:6f:96:2a:f7:c2:c1:ad:7e:88:d4:10:2c:
9e:c8:93:9b:c4:6b:73:4d:7d:8e:4d:e6:e6:dd:37:
3a:84:5b:f2:8a:61:91:47:6e:25:33:cf:13:6c:70:
2b:16:ef:03:ee:98:25:2f:44:a1:69:33:42:82:5d:
ba:a4:07:ab:11:28:09:c9:5f:b8:26:7b:cc:b3:2e:
bd:9a:ae:4f:c8:94:d4:55:38:40:9b:87:36:a8:0f:
8b:96:0b:eb:e7:4a:e4:26:e0:a4:c3:90:bd:60:b9:
80:6c:3c:05:43:d1:2b:b3:6d:25:18:66:35:02:f3:
cb:46:aa:1e:ba:a3:c9:60:6a:7f:bc:d6:c5:b7:ea:
5c:b7:55:b0:f8:b0:2e:cf:c5:e6:05:db:dc:8b:56:
e5:e3:ab:b9:45:c4:f3:84:6b:16:41:dc:6e:a3:97:
a3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FC:97:D5:2F:92:5C:22:E8:DE:1A:27:9A:C6:86:A8:D0:C5:16:3D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/U_yX1S-SXCLo3honmsaGqNDFFj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
08:27:25:9a:5a:4b:9e:15:a3:11:12:02:0f:b1:c9:5a:de:59:
25:21:08:25:39:7b:33:1b:25:a7:6f:a7:cd:2d:43:d7:1b:73:
b2:10:29:a3:9a:c9:7e:aa:96:d6:76:6a:97:e5:d7:0e:5c:6c:
08:5c:36:82:b0:95:30:f7:d6:b5:3e:51:0f:19:fa:03:5d:36:
5d:dd:0a:31:ba:6c:77:0f:75:12:ba:ba:ec:f4:fc:18:5c:f0:
ac:a5:d5:4b:f7:dd:7d:e9:f9:7f:49:26:e3:0e:fa:93:08:23:
ca:14:89:50:c7:fa:50:6b:73:bf:b8:28:77:62:9e:61:b1:f4:
91:40:a4:8f:27:1c:6d:ff:7f:aa:72:ab:4f:a3:9e:3d:9b:f8:
89:21:5e:37:bb:4f:da:ad:13:07:22:cc:cb:dc:4f:bf:70:fa:
a9:b4:98:2d:da:b6:5c:ce:ef:35:4b:6c:b2:16:b2:b0:04:85:
60:1f:a6:35:7e:c7:ab:d1:f2:04:f4:cb:4a:ed:eb:83:75:ff:
40:52:7c:f4:02:a6:b2:b2:bd:02:da:3b:9c:bc:01:67:8c:e9:
99:b9:9c:c1:81:d3:fd:17:6e:a5:b1:6d:47:72:79:b9:9e:ca:
27:d7:5e:70:eb:ad:2d:d2:ae:fd:33:63:e8:a6:28:b9:8f:ad:
06:07:08:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBGgd3L2xRfODi25R1lhXMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIzMTkxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ZjOTdkNTJmOTI1YzIyZThkZTFhMjc5YWM2ODZhOGQwYzUxNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZqYded2Nq5ZCCJwuWTPZdYdxIL3
Nht7ytnDCfWXivqUy316uiAikhk9/3qbefdGXUjgUCKG2rnMuEEUOy2+jtvAmYJ8
J8QOungWvhkx/kI1Yj3j7kwVfH+ej6hvlir3wsGtfojUECyeyJObxGtzTX2OTebm
3Tc6hFvyimGRR24lM88TbHArFu8D7pglL0ShaTNCgl26pAerESgJyV+4JnvMsy69
mq5PyJTUVThAm4c2qA+Llgvr50rkJuCkw5C9YLmAbDwFQ9Ers20lGGY1AvPLRqoe
uqPJYGp/vNbFt+pct1Ww+LAuz8XmBdvci1bl46u5RcTzhGsWQdxuo5ejOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFP8l9Uvklwi6N4aJ5rGhqjQxRY9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVV95WDFTLVNYQ0xvM2hvbm1zYUdxTkRGRmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAgnJZpaS54VoxESAg+x
yVreWSUhCCU5ezMbJadvp80tQ9cbc7IQKaOayX6qltZ2apfl1w5cbAhcNoKwlTD3
1rU+UQ8Z+gNdNl3dCjG6bHcPdRK6uuz0/Bhc8Kyl1Uv33X3p+X9JJuMO+pMII8oU
iVDH+lBrc7+4KHdinmGx9JFApI8nHG3/f6pyq0+jnj2b+IkhXje7T9qtEwcizMvc
T79w+qm0mC3atlzO7zVLbLIWsrAEhWAfpjV+x6vR8gT0y0rt64N1/0BSfPQCprKy
vQLaO5y8AWeM6Zm5nMGB0/0XbqWxbUdyebmeyifXXnDrrS3Srv0zY+imKLmPrQYH
CGE=
-----END CERTIFICATE-----
Generated at Mon Jun 24 00:27:07 2024 by rpki-client on console-ams.rpki-client.org