Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WE1B2rWnzsuJXohK3-OkhR-cTKM.roa
File: WE1B2rWnzsuJXohK3-OkhR-cTKM.roa (raw, json)
Hash identifier: oV6TEX+e2U5nLkFOpqB0SpAqX8CK6na5KopPdlkZOjU=
Subject key identifier: 58:4D:41:DA:B5:A7:CE:CB:89:5E:88:4A:DF:E3:A4:85:1F:9C:4C:A3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01900510A238A9680C77D5F93B7D9555F36A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WE1B2rWnzsuJXohK3-OkhR-cTKM.roa
Signing time: Tue 11 Jun 2024 02:11:34 +0000
ROA not before: Tue 11 Jun 2024 02:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 03:05:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:05:10:a2:38:a9:68:0c:77:d5:f9:3b:7d:95:55:f3:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 11 02:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=584d41dab5a7cecb895e884adfe3a4851f9c4ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6a:ce:ad:49:f3:40:15:0c:b7:74:25:f6:6e:
62:4f:cb:ad:19:36:e3:6e:27:1a:aa:ce:f9:d3:61:
83:ae:b1:a4:c7:fc:f7:a4:cf:01:11:0f:4b:eb:b0:
8c:8b:29:40:4d:2d:82:87:69:d8:40:8b:81:94:9d:
d6:af:4f:fd:a0:cc:ff:89:57:12:6f:06:41:59:f8:
aa:4b:29:d7:60:2c:65:71:3d:ba:71:bb:67:28:6a:
d3:ec:e2:c1:9f:ab:df:92:0b:2e:37:33:d1:b4:00:
76:6d:87:72:b1:2d:23:c6:21:7f:17:c7:be:c1:34:
bf:a0:0f:0a:4d:f9:51:c2:60:bc:8e:9d:87:7d:0b:
0d:96:29:bc:56:22:95:8d:b2:a4:de:8c:52:a6:aa:
22:9d:54:c5:e2:07:84:8b:32:9e:8b:b6:4c:5c:51:
d3:38:50:8a:fc:a1:87:c1:9d:39:a1:06:07:af:29:
ac:12:83:4c:c2:59:e4:cc:83:c3:e8:6a:88:63:a4:
29:7a:bc:00:5a:e3:87:9a:06:5b:0e:72:21:ab:0f:
ec:a1:df:e4:11:be:03:a6:9d:a4:ad:da:23:55:d4:
93:a0:7c:35:2b:61:22:33:f7:f9:bb:f5:34:28:ba:
7b:4b:43:d3:f3:32:ed:7e:08:f5:bd:fb:72:8e:83:
a3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:4D:41:DA:B5:A7:CE:CB:89:5E:88:4A:DF:E3:A4:85:1F:9C:4C:A3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WE1B2rWnzsuJXohK3-OkhR-cTKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:02:17:10:47:7f:b1:4d:21:48:77:af:07:84:c7:54:25:c7:
63:c5:03:2a:b0:e2:54:09:19:12:b2:1e:7f:fe:34:6b:ab:39:
70:3f:b6:58:1e:0f:f4:f7:37:70:44:33:22:29:ae:95:e6:69:
66:6e:ed:b9:6c:01:d1:8f:02:70:49:cb:39:07:7f:59:60:00:
f7:df:e5:18:40:02:b6:50:f7:ec:21:cb:b0:b6:6b:2f:8c:d1:
93:15:59:65:a2:b0:ef:b8:d1:ac:53:f9:65:d1:c8:28:de:79:
49:fc:8f:7f:e8:bc:46:0d:8f:fb:ad:7f:8c:7f:29:f9:30:ed:
b7:4c:fe:62:e5:53:c4:97:0e:08:f4:ed:c4:4b:d2:56:87:de:
b9:97:f0:20:9c:5f:1d:24:7f:2c:ed:a7:00:32:e3:06:80:c6:
ca:08:18:19:e5:75:c0:d0:d1:e6:9a:09:42:9f:a5:cb:ab:f1:
9d:e3:4d:43:ce:ea:2a:e3:1e:87:83:15:3e:73:1b:24:b7:c6:
f2:0f:1e:ca:33:51:60:7b:ec:74:79:1a:0a:36:28:6c:bf:87:
f6:e7:59:f4:8b:1d:59:d1:0a:9b:56:f3:f2:2d:b4:81:c2:57:
32:e6:1d:94:90:c9:ed:45:b7:af:2b:91:7a:03:0d:b3:18:a0:
0f:57:dd:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAFEKI4qWgMd9X5O32VVfNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjExMDIxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODRkNDFkYWI1YTdjZWNiODk1ZTg4NGFkZmUzYTQ4NTFmOWM0Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGrOrUnzQBUMt3Ql9m5iT8utGTbj
bicaqs7502GDrrGkx/z3pM8BEQ9L67CMiylATS2Ch2nYQIuBlJ3Wr0/9oMz/iVcS
bwZBWfiqSynXYCxlcT26cbtnKGrT7OLBn6vfkgsuNzPRtAB2bYdysS0jxiF/F8e+
wTS/oA8KTflRwmC8jp2HfQsNlim8ViKVjbKk3oxSpqoinVTF4geEizKei7ZMXFHT
OFCK/KGHwZ05oQYHrymsEoNMwlnkzIPD6GqIY6QperwAWuOHmgZbDnIhqw/sod/k
Eb4Dpp2krdojVdSToHw1K2EiM/f5u/U0KLp7S0PT8zLtfgj1vftyjoOj1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFhNQdq1p87LiV6ISt/jpIUfnEyjMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvV0UxQjJyV256c3VKWG9oSzMtT2toUi1jVEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB4CFxBHf7FNIUh3rweE
x1Qlx2PFAyqw4lQJGRKyHn/+NGurOXA/tlgeD/T3N3BEMyIprpXmaWZu7blsAdGP
AnBJyzkHf1lgAPff5RhAArZQ9+why7C2ay+M0ZMVWWWisO+40axT+WXRyCjeeUn8
j3/ovEYNj/utf4x/Kfkw7bdM/mLlU8SXDgj07cRL0laH3rmX8CCcXx0kfyztpwAy
4waAxsoIGBnldcDQ0eaaCUKfpcur8Z3jTUPO6irjHoeDFT5zGyS3xvIPHsozUWB7
7HR5Ggo2KGy/h/bnWfSLHVnRCptW8/IttIHCVzLmHZSQye1Ft68rkXoDDbMYoA9X
3Vc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:27:52 2025 by rpki-client