Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/V9E8rnQLRXst0Dt-e6cvZRW6yME.roa
File: V9E8rnQLRXst0Dt-e6cvZRW6yME.roa (raw, json)
Hash identifier: JeTe72M6etG8zN/+clKOODs3Dt+/693p9J43wrpxVwQ=
Subject key identifier: 57:D1:3C:AE:74:0B:45:7B:2D:D0:3B:7E:7B:A7:2F:65:15:BA:C8:C1
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01907FFEBAC30B968E967D93760BDD401F53
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/V9E8rnQLRXst0Dt-e6cvZRW6yME.roa
Signing time: Thu 04 Jul 2024 23:05:18 +0000
ROA not before: Thu 04 Jul 2024 23:05:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:7ffe:499/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 04 Jul 2024 23:11:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7f:fe:ba:c3:0b:96:8e:96:7d:93:76:0b:dd:40:1f:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 4 23:05:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57d13cae740b457b2dd03b7e7ba72f6515bac8c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d4:b8:f6:8f:4a:37:73:ba:09:b5:5b:3c:58:
ad:7a:81:e4:0e:a4:72:ce:e1:f2:85:1b:61:42:6d:
04:c3:aa:cb:8a:e6:07:13:ce:b5:a6:77:fa:2e:aa:
99:fa:51:da:ee:b3:6e:0e:28:d4:0b:af:4b:01:bd:
90:7f:7e:7b:fa:87:bf:6f:95:24:cc:51:48:55:60:
75:a3:0f:f5:93:61:5b:da:58:50:c3:24:37:d7:7d:
0b:67:fd:40:2b:09:ca:14:09:81:9f:6d:57:c1:83:
2d:f7:a0:26:1e:ea:13:bb:a8:92:73:27:68:df:7a:
bb:fb:4b:bf:06:4c:66:1c:9d:ea:60:c5:8e:7d:52:
14:15:de:99:1b:e5:8c:13:66:a1:b7:01:56:4a:83:
70:9d:fa:f4:8b:c3:ab:3b:d0:af:cc:37:a1:4a:e1:
29:dd:4f:30:76:1f:de:db:5b:1d:bd:c7:e3:51:45:
45:60:49:ed:60:56:d1:3c:96:1c:c2:64:a4:e4:c4:
96:07:ea:23:b3:7a:db:9e:be:db:f5:c8:39:c0:c6:
97:31:9a:6d:4c:86:a1:b0:7d:09:7d:28:65:d5:c6:
f1:e4:35:a0:72:84:30:32:38:a8:62:76:19:38:c2:
92:26:17:9d:87:c5:6f:fc:2f:2c:58:28:e5:53:8b:
31:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D1:3C:AE:74:0B:45:7B:2D:D0:3B:7E:7B:A7:2F:65:15:BA:C8:C1
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/V9E8rnQLRXst0Dt-e6cvZRW6yME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:32:b4:99:1c:1c:74:64:84:e4:1a:bf:eb:6a:d9:3c:78:85:
02:b4:6b:93:22:b5:36:3f:85:e5:e0:ea:56:fe:c9:3c:ac:a2:
cf:55:8b:f2:89:12:44:ac:90:9a:fc:4c:37:4a:38:1a:8b:c3:
eb:12:1b:85:ab:4f:f4:0f:d2:e7:f0:a4:9d:03:25:ef:ed:e7:
31:8d:f4:3f:3a:61:d4:5d:f5:7d:4c:14:6f:97:fb:d0:38:e1:
fc:d3:f9:2e:ad:49:a4:0c:bd:c4:6b:df:a3:b3:c6:11:c0:31:
f2:f6:54:b8:b4:c8:11:cb:22:0f:c2:91:c3:28:87:d6:93:e8:
24:64:5b:f5:94:93:59:1e:29:2a:64:0d:f2:cc:42:31:62:66:
ea:6e:da:d4:fe:fd:38:fc:3e:f5:48:09:71:9d:c5:3f:ec:33:
5f:e2:1a:6f:77:87:05:26:1c:b2:ed:a0:a1:2c:98:87:6a:f5:
04:c6:31:b2:df:67:52:7c:52:fc:0c:22:5a:90:21:59:75:bd:
a0:12:b3:d2:74:a2:40:5f:b5:14:68:aa:f0:de:31:ef:97:01:
2f:14:2a:e7:43:ca:5d:63:9e:10:58:37:13:42:58:de:0e:ff:
1d:46:01:3c:5b:ad:0c:3e:a9:3c:b4:73:23:c1:d5:c7:68:e3:
8e:12:b5:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB//rrDC5aOln2TdgvdQB9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA0MjMwNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2QxM2NhZTc0MGI0NTdiMmRkMDNiN2U3YmE3MmY2NTE1YmFjOGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztS49o9KN3O6CbVbPFiteoHkDqRy
zuHyhRthQm0Ew6rLiuYHE861pnf6LqqZ+lHa7rNuDijUC69LAb2Qf357+oe/b5Uk
zFFIVWB1ow/1k2Fb2lhQwyQ3130LZ/1AKwnKFAmBn21XwYMt96AmHuoTu6iScydo
33q7+0u/BkxmHJ3qYMWOfVIUFd6ZG+WME2ahtwFWSoNwnfr0i8OrO9CvzDehSuEp
3U8wdh/e21sdvcfjUUVFYEntYFbRPJYcwmSk5MSWB+ojs3rbnr7b9cg5wMaXMZpt
TIahsH0JfShl1cbx5DWgcoQwMjioYnYZOMKSJhedh8Vv/C8sWCjlU4sxnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFfRPK50C0V7LdA7fnunL2UVusjBMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVjlFOHJuUUxSWHN0MER0LWU2Y3ZaUlc2eU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIcytJkcHHRkhOQav+tq
2Tx4hQK0a5MitTY/heXg6lb+yTysos9Vi/KJEkSskJr8TDdKOBqLw+sSG4WrT/QP
0ufwpJ0DJe/t5zGN9D86YdRd9X1MFG+X+9A44fzT+S6tSaQMvcRr36OzxhHAMfL2
VLi0yBHLIg/CkcMoh9aT6CRkW/WUk1keKSpkDfLMQjFiZupu2tT+/Tj8PvVICXGd
xT/sM1/iGm93hwUmHLLtoKEsmIdq9QTGMbLfZ1J8UvwMIlqQIVl1vaASs9J0okBf
tRRoqvDeMe+XAS8UKudDyl1jnhBYNxNCWN4O/x1GATxbrQw+qTy0cyPB1cdo444S
tdQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:16 2025 by rpki-client