Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WcARbKfzO2YnkaCnbi_YsTy2j1w.roa
File: WcARbKfzO2YnkaCnbi_YsTy2j1w.roa (raw, json)
Hash identifier: QHlkuB8hGKP3YputSAmVAaibrKNB+EzecD9Xt4SL2Oo=
Subject key identifier: 59:C0:11:6C:A7:F3:3B:66:27:91:A0:A7:6E:2F:D8:B1:3C:B6:8F:5C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909E43FDF6A4A6A48232EE9345973FB8F7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WcARbKfzO2YnkaCnbi_YsTy2j1w.roa
Signing time: Wed 10 Jul 2024 20:09:34 +0000
ROA not before: Wed 10 Jul 2024 20:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jul 2024 21:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9e:43:fd:f6:a4:a6:a4:82:32:ee:93:45:97:3f:b8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 10 20:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59c0116ca7f33b662791a0a76e2fd8b13cb68f5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:15:6d:ed:7b:d0:bc:13:13:6e:b2:e1:c6:50:
84:3a:6d:5a:61:58:aa:c8:3f:2a:82:32:f0:7d:d3:
dc:9a:0e:93:86:da:fe:65:58:e8:8c:f7:5c:1c:47:
6b:2d:80:c8:4b:82:1c:6a:a2:fa:7f:2b:93:70:a3:
f6:08:78:3b:17:d9:48:55:b4:c1:5b:14:0d:fe:04:
fa:97:5e:51:32:c2:e0:93:f4:05:57:92:16:84:f0:
ee:a8:e0:7c:09:91:6d:4b:97:e8:7a:02:b2:61:3c:
b0:44:0a:6c:08:d2:a3:56:fb:1d:1e:b7:55:85:79:
2b:d3:a2:f4:25:67:6d:8c:3f:8d:37:89:ed:a8:f6:
11:b5:5b:68:53:d4:49:df:23:a7:28:6f:03:bc:89:
3a:8a:fe:24:45:65:09:76:e5:d2:5f:55:6c:2b:d4:
38:d5:64:70:50:c9:70:0a:49:dd:b6:24:57:dc:c1:
70:81:9e:f7:b9:7d:e1:7e:e0:ec:0e:59:83:bb:4e:
5d:29:4c:82:8c:13:d7:f9:9c:92:0c:77:09:c5:ec:
1e:f6:39:10:ae:8b:fc:d7:9f:19:a7:ca:e8:ca:0c:
b4:f0:f9:1e:74:69:47:17:3e:35:3e:63:3c:0c:e9:
7c:bd:f3:ad:b0:79:c8:48:84:1f:58:94:a9:64:54:
31:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:C0:11:6C:A7:F3:3B:66:27:91:A0:A7:6E:2F:D8:B1:3C:B6:8F:5C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WcARbKfzO2YnkaCnbi_YsTy2j1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
08:39:f9:ad:56:da:0c:21:e6:a4:0d:80:0e:ef:32:95:64:f2:
10:09:ba:6d:de:fd:91:01:80:94:0f:6e:46:fe:de:9a:ff:1b:
a6:d9:31:e0:2d:7b:b1:fc:06:ee:af:11:65:78:06:f0:14:dd:
e1:89:e1:aa:f2:71:76:91:23:a0:41:90:1c:43:2c:0b:4d:d6:
8c:8d:ed:56:81:4d:e4:e8:35:09:a3:11:30:00:9a:e9:9c:ed:
27:4d:78:48:09:2d:b1:70:ee:fb:74:50:2b:73:c1:d3:bd:64:
ad:55:a3:8e:f8:3a:50:f2:d1:93:3c:39:40:ab:af:d4:36:ac:
77:b4:9a:85:f9:6f:fc:57:0d:b9:10:b9:4c:70:9c:34:fa:a9:
58:d0:5e:63:83:61:af:97:3e:b5:a7:9c:4f:69:bc:c0:37:fc:
db:5a:3d:60:79:68:4a:e7:62:bf:a0:6f:78:3e:ff:e4:ab:9d:
6a:05:54:0d:03:d9:29:9f:40:88:31:24:e7:00:4b:9a:cd:02:
c4:c7:9c:43:f5:9a:32:2a:92:1c:61:3a:ec:a0:20:30:11:6b:
6a:11:b7:27:39:fb:c9:ea:31:f8:e5:21:5e:59:03:30:f7:0f:
6e:7a:88:78:0f:0d:bf:c6:6e:df:f0:ed:4b:16:38:1e:7c:79:
8c:e0:d2:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCeQ/32pKakgjLuk0WXP7j3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEwMjAwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWMwMTE2Y2E3ZjMzYjY2Mjc5MWEwYTc2ZTJmZDhiMTNjYjY4ZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhVt7XvQvBMTbrLhxlCEOm1aYViq
yD8qgjLwfdPcmg6Thtr+ZVjojPdcHEdrLYDIS4IcaqL6fyuTcKP2CHg7F9lIVbTB
WxQN/gT6l15RMsLgk/QFV5IWhPDuqOB8CZFtS5foegKyYTywRApsCNKjVvsdHrdV
hXkr06L0JWdtjD+NN4ntqPYRtVtoU9RJ3yOnKG8DvIk6iv4kRWUJduXSX1VsK9Q4
1WRwUMlwCkndtiRX3MFwgZ73uX3hfuDsDlmDu05dKUyCjBPX+ZySDHcJxewe9jkQ
rov8158Zp8roygy08PkedGlHFz41PmM8DOl8vfOtsHnISIQfWJSpZFQxEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFnAEWyn8ztmJ5Ggp24v2LE8to9cMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvV2NBUmJLZnpPMllua2FDbmJpX1lzVHkyajF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAg5+a1W2gwh5qQNgA7v
MpVk8hAJum3e/ZEBgJQPbkb+3pr/G6bZMeAte7H8Bu6vEWV4BvAU3eGJ4arycXaR
I6BBkBxDLAtN1oyN7VaBTeToNQmjETAAmumc7SdNeEgJLbFw7vt0UCtzwdO9ZK1V
o474OlDy0ZM8OUCrr9Q2rHe0moX5b/xXDbkQuUxwnDT6qVjQXmODYa+XPrWnnE9p
vMA3/NtaPWB5aErnYr+gb3g+/+SrnWoFVA0D2SmfQIgxJOcAS5rNAsTHnEP1mjIq
khxhOuygIDARa2oRtyc5+8nqMfjlIV5ZAzD3D256iHgPDb/Gbt/w7UsWOB58eYzg
0ic=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:53 2025 by rpki-client