Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VrI0LXAKN2USVTRxG3Nbv3QYqSE.roa
File: VrI0LXAKN2USVTRxG3Nbv3QYqSE.roa (raw, json)
Hash identifier: G+mmoPjgC/zwdCwH8zeo+L2mw4DBbcUPMko6xF+kjzc=
Subject key identifier: 56:B2:34:2D:70:0A:37:65:12:55:34:71:1B:73:5B:BF:74:18:A9:21
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FFBD58E4B26D8639C6809229D613126C1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VrI0LXAKN2USVTRxG3Nbv3QYqSE.roa
Signing time: Sun 09 Jun 2024 07:10:27 +0000
ROA not before: Sun 09 Jun 2024 07:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 09 Jun 2024 08:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:fb:d5:8e:4b:26:d8:63:9c:68:09:22:9d:61:31:26:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 9 07:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56b2342d700a3765125534711b735bbf7418a921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:11:bc:f1:b2:30:fb:e7:30:6e:b0:c0:e8:2f:
63:46:f8:18:9c:1d:f4:87:0d:62:4b:0b:72:34:a1:
87:fd:7a:87:49:38:21:52:72:4d:57:fc:39:c7:5e:
94:73:b4:e1:5e:5a:a9:f4:97:72:45:5f:ce:9d:b8:
32:2c:5e:15:71:88:d4:9b:65:15:8e:02:64:fc:50:
80:7b:c1:cb:9c:d3:0e:7a:d5:c3:d0:59:b4:9e:c1:
7f:6f:78:d4:fc:fd:a4:e1:43:cf:f2:04:80:0e:5f:
61:59:66:46:76:97:3d:f5:77:c3:03:57:db:0e:bf:
b3:08:21:6f:f4:bd:83:66:ba:39:aa:ed:6c:f7:c7:
94:0d:88:24:51:85:78:e6:08:33:0f:3b:7f:c1:ee:
63:9e:36:9e:96:b4:4a:1c:b5:e1:90:b3:9b:69:9f:
f3:82:f0:93:de:7d:73:62:74:a1:e3:ba:2c:31:59:
97:ce:b8:89:87:1a:31:fb:64:ef:16:f5:3e:e4:b4:
12:71:c5:de:b1:e5:ae:ac:26:01:c7:a5:00:35:51:
50:15:61:36:f6:82:f8:a0:17:8e:af:1c:98:e2:c8:
ad:d2:3a:3d:d3:c5:4a:9f:37:fc:dd:d4:33:79:72:
b0:ac:71:0b:1c:98:1e:ad:ba:2c:ee:2d:5d:ba:8a:
46:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B2:34:2D:70:0A:37:65:12:55:34:71:1B:73:5B:BF:74:18:A9:21
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VrI0LXAKN2USVTRxG3Nbv3QYqSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:7c:17:8e:f4:a6:3f:c9:82:5f:98:cf:ab:41:5c:aa:1e:8c:
0f:bb:30:f4:89:0e:86:a5:48:a2:8f:a4:12:8e:b2:9f:96:69:
7a:74:57:fd:19:75:b2:ff:9d:79:b5:77:e6:37:1a:04:0d:38:
77:aa:1a:ce:7d:70:94:04:9e:91:be:0d:0c:6d:88:b7:36:f4:
d1:03:5d:9e:d5:0c:62:4c:5c:a5:24:ba:24:b9:f0:94:20:f6:
25:5f:51:c8:3f:af:6e:1f:15:1c:d9:86:f0:2e:48:c1:76:e2:
14:aa:36:b5:63:5a:d9:d4:ad:e2:db:14:62:a3:9c:ca:48:a9:
e9:06:7d:f2:f7:fe:49:68:1e:77:31:87:b1:57:e0:83:3d:02:
00:fa:6d:0e:8b:a4:b1:a2:15:ad:1d:92:9b:cd:bd:87:23:53:
37:9f:cb:c7:4a:d5:f0:f6:b9:54:3e:5c:10:c4:b5:6b:80:32:
3a:df:7d:02:38:61:fe:9e:a3:a8:94:73:65:66:85:ee:72:02:
a7:cf:00:a0:17:8c:5f:c0:3a:6f:a8:8b:b3:f4:8a:43:ef:e7:
9e:17:2c:7b:09:9d:da:f2:d2:4d:17:02:bb:7b:70:28:0c:ab:
a2:c9:7e:ad:da:a1:ef:2a:6d:b8:15:45:a7:e4:a2:c9:af:cd:
78:0c:1b:7d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/71Y5LJthjnGgJIp1hMSbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA5MDcxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmIyMzQyZDcwMGEzNzY1MTI1NTM0NzExYjczNWJiZjc0MThhOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRG88bIw++cwbrDA6C9jRvgYnB30
hw1iSwtyNKGH/XqHSTghUnJNV/w5x16Uc7ThXlqp9JdyRV/OnbgyLF4VcYjUm2UV
jgJk/FCAe8HLnNMOetXD0Fm0nsF/b3jU/P2k4UPP8gSADl9hWWZGdpc99XfDA1fb
Dr+zCCFv9L2DZro5qu1s98eUDYgkUYV45ggzDzt/we5jnjaelrRKHLXhkLObaZ/z
gvCT3n1zYnSh47osMVmXzriJhxox+2TvFvU+5LQSccXeseWurCYBx6UANVFQFWE2
9oL4oBeOrxyY4sit0jo908VKnzf83dQzeXKwrHELHJgerbos7i1duopGfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFayNC1wCjdlElU0cRtzW790GKkhMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVnJJMExYQUtOMlVTVlRSeEczTmJ2M1FZcVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACx8F470pj/Jgl+Yz6tB
XKoejA+7MPSJDoalSKKPpBKOsp+WaXp0V/0ZdbL/nXm1d+Y3GgQNOHeqGs59cJQE
npG+DQxtiLc29NEDXZ7VDGJMXKUkuiS58JQg9iVfUcg/r24fFRzZhvAuSMF24hSq
NrVjWtnUreLbFGKjnMpIqekGffL3/kloHncxh7FX4IM9AgD6bQ6LpLGiFa0dkpvN
vYcjUzefy8dK1fD2uVQ+XBDEtWuAMjrffQI4Yf6eo6iUc2Vmhe5yAqfPAKAXjF/A
Om+oi7P0ikPv554XLHsJndry0k0XArt7cCgMq6LJfq3aoe8qbbgVRafkosmvzXgM
G30=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:13 2025 by rpki-client