Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XN4MZCQ2vdndNOcI7RXmiGdmABw.roa
File: XN4MZCQ2vdndNOcI7RXmiGdmABw.roa (raw, json)
Hash identifier: TxILoBlbx/M9GlK8mBVnWB1j0C7A5FkocZGpYfhPaZA=
Subject key identifier: 5C:DE:0C:64:24:36:BD:D9:DD:34:E7:08:ED:15:E6:88:67:66:00:1C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190358F2F0C50ADCBCBC98865D465DBED5E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XN4MZCQ2vdndNOcI7RXmiGdmABw.roa
Signing time: Thu 20 Jun 2024 12:11:34 +0000
ROA not before: Thu 20 Jun 2024 12:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 20 Jun 2024 13:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:35:8f:2f:0c:50:ad:cb:cb:c9:88:65:d4:65:db:ed:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 20 12:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cde0c642436bdd9dd34e708ed15e6886766001c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:90:b6:c8:1c:73:b8:d2:ec:e3:98:7c:01:bc:
70:f7:79:99:5c:c3:25:a5:f8:b9:a9:51:d8:8c:15:
d9:0d:11:b0:0b:34:23:92:36:9b:56:a4:6b:e6:df:
e1:be:44:19:30:89:2b:7e:8e:ae:a5:37:b0:a7:62:
a9:20:b3:ec:ca:af:e4:3a:27:42:6c:21:59:ee:f2:
1b:09:b3:ae:7c:ea:46:77:1a:0a:46:c8:4e:db:c4:
e1:fb:5b:2f:5c:b5:42:80:4c:b6:60:8a:12:43:af:
f2:81:b5:1b:7b:34:9b:3c:22:e4:e5:e2:21:9b:78:
f9:8e:cf:3c:b0:09:1f:28:bb:de:9a:d2:b5:a2:df:
09:be:60:78:bf:d8:59:88:69:22:0d:b8:80:5b:72:
92:f3:87:3c:c2:8d:d2:d1:5d:82:af:c5:f4:8a:3a:
22:da:94:9a:b5:92:76:df:20:d3:a4:6c:62:2e:47:
d9:48:a2:63:4d:c4:ba:ee:6a:2c:e2:bf:83:6a:0d:
00:34:26:bc:0f:82:14:56:1b:fd:c1:a6:25:cc:71:
1a:b8:87:5c:24:6e:53:5a:25:50:9b:f5:25:bb:86:
e1:10:7a:6d:83:68:4d:4f:cf:ec:0c:6c:66:bc:36:
31:f1:d6:50:21:b5:5d:db:f6:92:55:dd:54:9d:c1:
af:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:DE:0C:64:24:36:BD:D9:DD:34:E7:08:ED:15:E6:88:67:66:00:1C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XN4MZCQ2vdndNOcI7RXmiGdmABw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:c0:ca:30:2e:e5:27:d9:a3:41:ba:09:5a:e3:c9:23:04:03:
4f:1a:5e:55:2e:cd:d0:f1:fc:aa:1b:c2:21:18:97:89:b1:15:
4f:5f:9c:c6:0b:db:07:7d:68:76:fb:74:9e:c5:a9:9b:1b:8f:
5c:b6:8c:5e:2a:aa:22:04:f7:ad:fe:54:cb:46:e6:7a:c8:a4:
e9:ee:68:d7:26:d4:59:67:11:54:b9:e9:08:42:77:ef:3d:46:
b6:10:3d:d7:50:1f:73:c4:16:27:31:5e:10:ce:f2:9d:7f:76:
fc:5f:53:94:e2:c7:c1:6d:02:27:7d:aa:5a:0f:f2:15:fd:d4:
33:51:51:18:34:c0:2b:7c:b0:7f:d7:6c:fe:e9:bc:31:e2:ba:
f2:18:ac:7a:9a:36:94:02:03:44:db:d7:d7:b6:c1:5e:85:e7:
26:05:f0:94:85:e3:09:8c:35:50:a4:67:41:ad:94:e3:97:77:
bd:50:47:c7:1d:ad:c6:00:38:33:dc:22:52:fa:d8:70:dd:06:
a6:ab:2a:f0:b6:48:6b:8c:1b:51:8b:9a:fd:39:b1:7a:34:9b:
eb:a7:bc:7f:7b:f1:af:a1:b8:55:43:f8:e8:dc:7b:46:26:b3:
08:4a:4c:09:06:ca:70:48:38:9a:69:81:97:1e:7a:ae:ed:48:
9c:38:86:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA1jy8MUK3Ly8mIZdRl2+1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIwMTIxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2RlMGM2NDI0MzZiZGQ5ZGQzNGU3MDhlZDE1ZTY4ODY3NjYwMDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJC2yBxzuNLs45h8Abxw93mZXMMl
pfi5qVHYjBXZDRGwCzQjkjabVqRr5t/hvkQZMIkrfo6upTewp2KpILPsyq/kOidC
bCFZ7vIbCbOufOpGdxoKRshO28Th+1svXLVCgEy2YIoSQ6/ygbUbezSbPCLk5eIh
m3j5js88sAkfKLvemtK1ot8JvmB4v9hZiGkiDbiAW3KS84c8wo3S0V2Cr8X0ijoi
2pSatZJ23yDTpGxiLkfZSKJjTcS67mos4r+Dag0ANCa8D4IUVhv9waYlzHEauIdc
JG5TWiVQm/Ulu4bhEHptg2hNT8/sDGxmvDYx8dZQIbVd2/aSVd1UncGvrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFzeDGQkNr3Z3TTnCO0V5ohnZgAcMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWE40TVpDUTJ2ZG5kTk9jSTdSWG1pR2RtQUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAnAyjAu5SfZo0G6CVrj
ySMEA08aXlUuzdDx/KobwiEYl4mxFU9fnMYL2wd9aHb7dJ7FqZsbj1y2jF4qqiIE
963+VMtG5nrIpOnuaNcm1FlnEVS56QhCd+89RrYQPddQH3PEFicxXhDO8p1/dvxf
U5Tix8FtAid9qloP8hX91DNRURg0wCt8sH/XbP7pvDHiuvIYrHqaNpQCA0Tb19e2
wV6F5yYF8JSF4wmMNVCkZ0GtlOOXd71QR8cdrcYAODPcIlL62HDdBqarKvC2SGuM
G1GLmv05sXo0m+unvH978a+huFVD+Ojce0YmswhKTAkGynBIOJppgZceeq7tSJw4
hlg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:59 2025 by rpki-client