Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XnFaLUmPAZLPN-dqoZg-yMah8Ng.roa
File: XnFaLUmPAZLPN-dqoZg-yMah8Ng.roa (raw, json)
Hash identifier: 5k4iN3O6qmM7BcHgmwUmrjrAe6Cqypal3pEDkoTMhEE=
Subject key identifier: 5E:71:5A:2D:49:8F:01:92:CF:37:E7:6A:A1:98:3E:C8:C6:A1:F0:D8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908A51DAF0E73CAA88823F6C6527651FC5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XnFaLUmPAZLPN-dqoZg-yMah8Ng.roa
Signing time: Sat 06 Jul 2024 23:12:18 +0000
ROA not before: Sat 06 Jul 2024 23:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jul 2024 00:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8a:51:da:f0:e7:3c:aa:88:82:3f:6c:65:27:65:1f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 6 23:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e715a2d498f0192cf37e76aa1983ec8c6a1f0d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:db:f8:06:36:2d:7e:48:33:27:c8:c5:d4:57:
82:5c:f7:73:62:9c:9c:11:d6:1e:87:44:f0:24:3d:
05:d3:cd:0e:48:e6:af:ef:21:23:28:89:2a:fd:24:
35:0d:00:dc:ef:7f:87:5e:b7:1b:8b:bd:c1:fe:49:
aa:c2:15:69:aa:7d:28:f9:b1:e0:6b:51:49:d3:8f:
af:b0:7d:83:e3:2c:96:d7:e1:84:9c:7a:75:4b:86:
5e:be:94:5e:f9:ef:a4:65:88:df:c4:b5:4b:48:7c:
ff:d6:ff:b2:d3:2a:2e:8b:d7:bb:bf:15:df:16:e8:
3b:09:b4:7d:92:2a:56:b8:7d:d8:d2:a8:ea:3b:4f:
e4:6d:21:2c:6e:7a:c6:2b:b2:65:05:84:87:50:ec:
f4:d1:08:64:77:4e:58:3a:92:59:0a:93:a4:77:44:
6a:31:b4:16:6a:e2:0c:50:21:ed:15:0d:ac:96:13:
db:53:00:eb:19:4c:a1:06:e0:c7:fc:0c:8e:b0:8d:
57:73:d7:fe:0b:8e:5f:d5:6f:5b:9e:fd:b8:48:d4:
99:b8:8c:12:90:6b:b6:43:9b:b7:8c:1e:83:6d:67:
48:31:65:43:61:f9:ae:93:97:cc:fc:df:95:ed:bd:
a3:61:91:ab:2c:d9:af:b4:d4:12:2a:0a:e9:61:cd:
35:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:71:5A:2D:49:8F:01:92:CF:37:E7:6A:A1:98:3E:C8:C6:A1:F0:D8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XnFaLUmPAZLPN-dqoZg-yMah8Ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:28:4b:73:d6:47:27:2a:90:fe:e0:b6:87:e6:61:b5:91:fa:
b7:94:38:70:93:cc:6d:94:7e:ad:8b:4b:bf:11:06:43:8a:c8:
f9:0e:3a:27:44:45:d9:1f:4e:07:b8:4b:70:17:56:b1:1f:55:
94:6d:67:88:52:45:0a:e9:d8:e4:e0:5a:70:c0:61:56:5b:53:
fe:85:d6:8d:c6:0a:06:c8:7e:78:05:68:c8:87:98:5f:af:39:
97:ba:e7:89:0a:9e:f5:cc:ca:3e:11:74:f9:49:c0:1a:dc:5e:
d6:66:07:db:e8:f9:de:52:b0:54:02:ff:e7:85:3f:ab:76:49:
a5:7c:9a:a6:78:dc:9f:bd:c1:51:2e:6d:05:de:96:70:9a:e5:
3a:ba:69:f8:2d:13:9f:df:fa:8f:0b:40:14:17:2a:43:ab:8d:
43:d4:db:63:9c:e7:82:1b:09:9e:7f:99:69:38:67:68:22:0e:
10:1c:0f:6a:08:e7:60:78:d9:f3:2c:d6:45:47:9a:85:21:fc:
38:9e:6c:08:1e:f7:82:02:ad:b8:7e:18:f9:68:17:e8:3e:59:
f7:b3:ba:94:7a:a5:02:ff:85:a0:16:ad:1d:45:5c:a2:67:b6:
80:c6:79:54:8f:ab:13:91:62:49:cf:25:6a:8a:ae:2d:0e:06:
32:14:2b:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCKUdrw5zyqiII/bGUnZR/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA2MjMxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTcxNWEyZDQ5OGYwMTkyY2YzN2U3NmFhMTk4M2VjOGM2YTFmMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNv4BjYtfkgzJ8jF1FeCXPdzYpyc
EdYeh0TwJD0F080OSOav7yEjKIkq/SQ1DQDc73+HXrcbi73B/kmqwhVpqn0o+bHg
a1FJ04+vsH2D4yyW1+GEnHp1S4ZevpRe+e+kZYjfxLVLSHz/1v+y0youi9e7vxXf
Fug7CbR9kipWuH3Y0qjqO0/kbSEsbnrGK7JlBYSHUOz00Qhkd05YOpJZCpOkd0Rq
MbQWauIMUCHtFQ2slhPbUwDrGUyhBuDH/AyOsI1Xc9f+C45f1W9bnv24SNSZuIwS
kGu2Q5u3jB6DbWdIMWVDYfmuk5fM/N+V7b2jYZGrLNmvtNQSKgrpYc012wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF5xWi1JjwGSzzfnaqGYPsjGofDYMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWG5GYUxVbVBBWkxQTi1kcW9aZy15TWFoOE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABQoS3PWRycqkP7gtofm
YbWR+reUOHCTzG2Ufq2LS78RBkOKyPkOOidERdkfTge4S3AXVrEfVZRtZ4hSRQrp
2OTgWnDAYVZbU/6F1o3GCgbIfngFaMiHmF+vOZe654kKnvXMyj4RdPlJwBrcXtZm
B9vo+d5SsFQC/+eFP6t2SaV8mqZ43J+9wVEubQXelnCa5Tq6afgtE5/f+o8LQBQX
KkOrjUPU22Oc54IbCZ5/mWk4Z2giDhAcD2oI52B42fMs1kVHmoUh/DiebAge94IC
rbh+GPloF+g+WfezupR6pQL/haAWrR1FXKJntoDGeVSPqxORYknPJWqKri0OBjIU
K+s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:10 2025 by rpki-client