Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XTgGaMUd-zc6g0jFWZ66duVuWqo.roa
File: XTgGaMUd-zc6g0jFWZ66duVuWqo.roa (raw, json)
Hash identifier: x3FW9f6egHV+OFA26wLcxMrqa6WR6+5HYXAh0w6YZPg=
Subject key identifier: 5D:38:06:68:C5:1D:FB:37:3A:83:48:C5:59:9E:BA:76:E5:6E:5A:AA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01903FA4F8C0EBD87C8F3AE3161B2467CA82
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XTgGaMUd-zc6g0jFWZ66duVuWqo.roa
Signing time: Sat 22 Jun 2024 11:11:34 +0000
ROA not before: Sat 22 Jun 2024 11:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 22 Jun 2024 12:05:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3f:a4:f8:c0:eb:d8:7c:8f:3a:e3:16:1b:24:67:ca:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 22 11:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d380668c51dfb373a8348c5599eba76e56e5aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c1:41:1b:77:ee:77:56:0a:d6:f6:50:49:22:
c1:74:90:b6:42:0b:02:af:c8:f9:43:ce:ac:ca:21:
71:30:a2:26:13:f4:0e:93:71:6b:b5:11:b7:c8:8a:
fc:80:28:e3:05:ee:62:03:4e:14:9d:ef:a3:8a:55:
26:c7:72:c5:e8:d1:67:1d:bf:41:ba:f9:8e:f6:97:
1e:4b:b9:7a:9a:53:4c:a5:17:ff:91:a5:37:c0:00:
a1:3c:74:a9:38:6e:35:6d:95:39:f5:6c:e3:c8:e6:
2e:76:05:c3:82:82:a5:e1:56:21:af:e7:c3:d8:f3:
16:1f:d9:da:7a:85:eb:73:c0:23:a2:04:76:bf:65:
4e:dc:2e:cd:a1:d4:c1:10:5e:ed:74:22:66:7c:68:
f1:af:25:99:99:54:7b:d0:07:36:c3:cb:4a:bd:45:
1b:fb:2a:c8:02:d8:34:e0:32:6e:5a:8e:d6:5d:f9:
e4:ba:5f:e9:67:66:c9:9b:14:6e:e8:00:98:5f:54:
12:c3:7a:64:21:ae:74:44:c0:ac:c3:5a:28:c9:ce:
1f:ba:ee:f4:4e:eb:05:e2:0c:f7:22:ef:cf:72:b9:
6f:c4:cf:db:b2:01:1d:3f:7d:66:5a:ac:46:55:e0:
cb:ab:0e:fa:20:18:d0:1e:0a:9b:f1:9b:09:9f:3e:
dd:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:38:06:68:C5:1D:FB:37:3A:83:48:C5:59:9E:BA:76:E5:6E:5A:AA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XTgGaMUd-zc6g0jFWZ66duVuWqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:e1:5e:1b:d7:18:e3:d8:dd:27:98:ea:da:4f:f1:66:77:ec:
db:96:79:35:d8:a2:cb:1a:91:6c:ac:e8:f5:37:2e:dc:2f:c7:
5f:a2:58:2a:7b:2e:8c:80:3f:68:42:fe:5b:84:47:18:2e:68:
b0:a7:ff:9e:f1:25:83:68:6f:7f:2d:e8:5c:50:2b:97:98:b2:
b3:91:07:d2:01:b6:8d:3b:6f:10:61:8c:5d:b7:66:9d:d3:de:
dd:f9:c4:e4:fb:b1:fa:a1:9d:0a:68:20:01:b9:92:f9:8e:3e:
d8:39:e5:3c:a7:38:52:13:cd:0a:7c:c9:9a:e3:8e:0b:87:f3:
9d:53:12:e1:f6:dd:af:53:43:fa:7e:0b:19:05:db:6c:ba:c2:
c2:c1:cc:4a:a6:d7:99:ce:f8:4a:87:49:91:52:7e:2e:5f:5c:
3d:29:1c:0a:fb:a8:da:de:fe:a6:51:4e:d4:43:8f:08:41:80:
6a:0e:8c:82:e6:a5:d4:ed:df:c5:9d:dd:11:14:a8:b7:b7:34:
02:41:9b:65:8a:2e:c0:17:d7:da:bf:24:ab:5a:3e:78:70:0d:
a4:8b:2f:3d:4a:95:b8:94:72:c1:4b:eb:49:8b:42:e3:9b:b8:
d7:23:ad:85:10:5c:d3:8c:46:d5:00:8b:a6:b1:a8:66:f1:4c:
cb:fd:fa:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA/pPjA69h8jzrjFhskZ8qCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIyMTExMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDM4MDY2OGM1MWRmYjM3M2E4MzQ4YzU1OTllYmE3NmU1NmU1YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsFBG3fud1YK1vZQSSLBdJC2QgsC
r8j5Q86syiFxMKImE/QOk3FrtRG3yIr8gCjjBe5iA04Une+jilUmx3LF6NFnHb9B
uvmO9pceS7l6mlNMpRf/kaU3wAChPHSpOG41bZU59WzjyOYudgXDgoKl4VYhr+fD
2PMWH9naeoXrc8AjogR2v2VO3C7NodTBEF7tdCJmfGjxryWZmVR70Ac2w8tKvUUb
+yrIAtg04DJuWo7WXfnkul/pZ2bJmxRu6ACYX1QSw3pkIa50RMCsw1ooyc4fuu70
TusF4gz3Iu/PcrlvxM/bsgEdP31mWqxGVeDLqw76IBjQHgqb8ZsJnz7d7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF04BmjFHfs3OoNIxVmeunblblqqMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWFRnR2FNVWQtemM2ZzBqRldaNjZkdVZ1V3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABPhXhvXGOPY3SeY6tpP
8WZ37NuWeTXYossakWys6PU3Ltwvx1+iWCp7LoyAP2hC/luERxguaLCn/57xJYNo
b38t6FxQK5eYsrORB9IBto07bxBhjF23Zp3T3t35xOT7sfqhnQpoIAG5kvmOPtg5
5TynOFITzQp8yZrjjguH851TEuH23a9TQ/p+CxkF22y6wsLBzEqm15nO+EqHSZFS
fi5fXD0pHAr7qNre/qZRTtRDjwhBgGoOjILmpdTt38Wd3REUqLe3NAJBm2WKLsAX
19q/JKtaPnhwDaSLLz1KlbiUcsFL60mLQuObuNcjrYUQXNOMRtUAi6axqGbxTMv9
+jc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:22:17 2025 by rpki-client