Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XB5twR0yEp5J4TIgyET0hjVPpJo.roa
File: XB5twR0yEp5J4TIgyET0hjVPpJo.roa (raw, json)
Hash identifier: Xj7C1J0j4XAHHeg6jnUIWRevXam/y6UPGpWwQaTnnuE=
Subject key identifier: 5C:1E:6D:C1:1D:32:12:9E:49:E1:32:20:C8:44:F4:86:35:4F:A4:9A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908ED0AC897F21A8ED5309EAAD16DBFE87
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XB5twR0yEp5J4TIgyET0hjVPpJo.roa
Signing time: Sun 07 Jul 2024 20:09:18 +0000
ROA not before: Sun 07 Jul 2024 20:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jul 2024 21:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8e:d0:ac:89:7f:21:a8:ed:53:09:ea:ad:16:db:fe:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 7 20:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c1e6dc11d32129e49e13220c844f486354fa49a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4c:6d:54:ab:54:04:f1:4e:c7:d2:a6:f1:9a:
bf:e4:dd:89:66:7d:56:f9:2e:6b:ff:66:4f:e5:24:
28:c0:4d:c0:bd:26:de:7a:b3:1e:f7:33:bb:40:d9:
c3:9e:06:c7:62:ec:27:67:cd:ed:a0:c7:52:97:af:
2a:7c:2b:dc:23:b0:65:eb:9b:76:b2:ea:05:ac:bc:
9b:36:04:0a:d3:e3:f0:2c:05:14:d0:b5:91:c5:34:
88:41:21:58:fa:3e:1f:e2:ed:81:9c:0d:b6:bc:40:
4a:97:ee:8c:44:7a:30:e3:d7:7b:49:e0:62:c7:cf:
e0:d0:3f:26:fa:a3:05:16:8c:4a:4a:f0:00:44:b7:
fc:0a:22:35:fa:0e:2d:ad:d0:95:da:5a:45:2d:b5:
de:77:7e:ce:70:fc:62:a6:76:4e:d3:98:af:32:c5:
20:2c:58:5e:8d:64:5c:28:62:1f:e2:02:3c:ca:e4:
5a:b3:ab:d3:74:ae:05:32:1f:76:b4:70:f9:3f:04:
0e:96:4b:99:d7:08:4a:5e:e4:05:4b:ca:29:4f:6e:
f6:72:5a:0e:db:0c:41:c9:8e:3f:96:6a:14:a4:ea:
1b:d1:45:20:c2:aa:73:75:e2:f2:e1:e3:83:86:2a:
75:4e:a8:0b:cc:1e:16:0e:51:51:11:00:99:72:22:
7b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1E:6D:C1:1D:32:12:9E:49:E1:32:20:C8:44:F4:86:35:4F:A4:9A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XB5twR0yEp5J4TIgyET0hjVPpJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:c2:31:63:ba:7b:d0:94:e4:71:a0:6a:95:84:a1:2b:c1:95:
1f:a4:20:b2:4e:1c:21:3d:82:a5:ad:c8:1c:e4:2d:bb:fb:45:
c6:50:59:48:f1:9a:94:46:20:37:ee:f5:38:51:b0:08:2f:d4:
fe:a6:1d:52:05:74:16:5d:b6:27:6e:63:f3:35:1b:0a:1d:d4:
36:82:0a:15:77:6e:57:5b:51:6a:42:7c:23:90:7c:71:d9:f5:
ec:bc:02:ed:ca:cd:36:0e:c8:61:b1:36:74:94:7e:bc:72:3f:
dd:11:82:82:97:41:de:da:f0:72:e9:08:d8:11:1a:4b:d1:fd:
b4:68:91:c1:93:c1:8c:91:7d:17:d0:22:7d:71:e0:78:63:64:
a1:92:5e:92:d8:35:4e:7c:bd:d3:c6:0f:22:20:f1:35:96:6e:
51:a4:58:a4:60:d1:f8:23:f4:61:0e:48:2d:89:c1:43:7e:ba:
ff:37:19:f7:42:1f:ac:1c:15:93:14:d8:e7:4d:94:ec:08:4d:
a8:83:2d:72:2d:5c:34:28:ae:f0:6d:a8:0a:1d:0d:e7:b7:b6:
da:ed:f3:0a:44:fe:bb:e5:32:6e:fb:eb:39:7a:77:0a:50:b6:
43:38:87:fa:5b:f3:42:d8:da:ac:db:ee:47:dc:c6:d4:98:94:
2c:75:d6:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCO0KyJfyGo7VMJ6q0W2/6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA3MjAwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzFlNmRjMTFkMzIxMjllNDllMTMyMjBjODQ0ZjQ4NjM1NGZhNDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokxtVKtUBPFOx9Km8Zq/5N2JZn1W
+S5r/2ZP5SQowE3AvSbeerMe9zO7QNnDngbHYuwnZ83toMdSl68qfCvcI7Bl65t2
suoFrLybNgQK0+PwLAUU0LWRxTSIQSFY+j4f4u2BnA22vEBKl+6MRHow49d7SeBi
x8/g0D8m+qMFFoxKSvAARLf8CiI1+g4trdCV2lpFLbXed37OcPxipnZO05ivMsUg
LFhejWRcKGIf4gI8yuRas6vTdK4FMh92tHD5PwQOlkuZ1whKXuQFS8opT272cloO
2wxByY4/lmoUpOob0UUgwqpzdeLy4eODhip1TqgLzB4WDlFREQCZciJ7kwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFwebcEdMhKeSeEyIMhE9IY1T6SaMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWEI1dHdSMHlFcDVKNFRJZ3lFVDBoalZQcEpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIXCMWO6e9CU5HGgapWE
oSvBlR+kILJOHCE9gqWtyBzkLbv7RcZQWUjxmpRGIDfu9ThRsAgv1P6mHVIFdBZd
tiduY/M1Gwod1DaCChV3bldbUWpCfCOQfHHZ9ey8Au3KzTYOyGGxNnSUfrxyP90R
goKXQd7a8HLpCNgRGkvR/bRokcGTwYyRfRfQIn1x4HhjZKGSXpLYNU58vdPGDyIg
8TWWblGkWKRg0fgj9GEOSC2JwUN+uv83GfdCH6wcFZMU2OdNlOwITaiDLXItXDQo
rvBtqAodDee3ttrt8wpE/rvlMm776zl6dwpQtkM4h/pb80LY2qzb7kfcxtSYlCx1
1lc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:28 2025 by rpki-client