Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XpxkClRx7OGg2BZ10pEDvMx-98U.roa
File: XpxkClRx7OGg2BZ10pEDvMx-98U.roa (raw, json)
Hash identifier: cVo+gwvmEXGFezMlfOzISq2UlrO/HwbWit3gBdBeul4=
Subject key identifier: 5E:9C:64:0A:54:71:EC:E1:A0:D8:16:75:D2:91:03:BC:CC:7E:F7:C5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190B83AB8E4614E6F026089D0DDE0D3EB44
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XpxkClRx7OGg2BZ10pEDvMx-98U.roa
Signing time: Mon 15 Jul 2024 21:09:34 +0000
ROA not before: Mon 15 Jul 2024 21:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Jul 2024 22:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b8:3a:b8:e4:61:4e:6f:02:60:89:d0:dd:e0:d3:eb:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 15 21:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e9c640a5471ece1a0d81675d29103bccc7ef7c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:04:ae:dc:f2:cb:04:36:08:11:5e:12:34:96:
3c:c0:75:bb:d4:89:9f:ed:73:b0:2a:0a:c5:36:04:
7a:aa:64:c0:4a:27:a5:54:c9:b9:83:52:38:b9:66:
e4:f9:02:a3:21:a2:20:78:6b:ce:24:29:3e:fc:3c:
c0:7e:01:29:f9:14:0d:69:dd:a3:28:c5:77:2d:db:
63:f2:8f:d6:e6:f3:84:d1:a6:34:9d:5c:d0:a6:ec:
f3:bc:e0:69:8d:00:2e:5f:2e:09:72:b1:2c:1b:3b:
74:74:c2:1e:7f:66:93:2f:0a:75:8c:8c:8b:61:b3:
0c:29:84:aa:d4:3c:2b:df:7f:ca:fe:3b:be:70:d1:
4a:69:91:c8:d3:ab:19:38:41:46:5f:b7:bc:c2:56:
99:c2:28:cc:ce:04:a4:32:90:8f:25:62:78:75:67:
0c:f4:c3:74:e5:0b:bb:3d:31:e2:43:58:03:79:3e:
63:8d:a5:ff:b4:f3:3b:ce:5c:8f:12:99:1a:00:c9:
08:0a:0a:c0:e3:4a:0d:8b:b2:ce:ba:77:09:0b:36:
1f:0f:c5:0d:01:49:e5:69:08:04:bb:24:eb:f7:9e:
2e:1b:3f:99:48:c5:50:41:57:63:fb:a8:72:ac:5a:
08:59:3d:b7:f4:33:eb:97:2b:07:07:ac:14:bb:d2:
d1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:9C:64:0A:54:71:EC:E1:A0:D8:16:75:D2:91:03:BC:CC:7E:F7:C5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XpxkClRx7OGg2BZ10pEDvMx-98U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:84:ce:ff:7d:17:fa:dc:a9:f6:3b:f1:52:d2:33:ed:29:1b:
0d:5a:32:79:07:b3:2e:75:a0:13:13:c5:46:73:f2:10:79:e7:
7a:29:98:91:a7:82:6e:bf:de:df:cb:39:73:2f:32:e8:ea:bc:
6b:c7:52:d3:83:9c:da:96:bb:ae:dc:69:53:48:ae:fe:ab:fc:
98:0c:7b:1f:95:df:82:c2:49:64:b5:c9:fb:e6:11:cf:0b:ce:
9a:1b:98:c0:7b:39:1d:84:be:fb:e8:71:b1:9c:0f:cf:0a:6e:
cd:f0:cf:01:51:a4:72:fd:d4:84:7f:5a:21:e8:e0:ac:89:5c:
41:29:18:29:09:4a:44:5c:cc:9b:2b:68:87:59:28:75:39:cd:
7e:ce:30:66:5e:8c:86:6a:88:15:74:22:0b:fc:15:0b:43:a6:
41:05:3c:c4:87:78:1d:b5:f8:6a:69:4f:18:e9:52:0b:0d:db:
f4:a2:14:b1:67:f4:9b:fb:e1:fb:73:b5:fe:4c:cf:40:32:9e:
18:be:da:97:18:9f:ea:54:07:93:0f:7b:71:c7:f6:48:66:ab:
5c:e4:c2:f4:d6:5f:c7:d3:e3:12:f8:4d:48:20:9b:35:c3:3b:
f5:9f:99:c9:05:0f:04:e5:c4:f7:90:50:00:ee:11:64:fe:e4:
f9:7e:09:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZC4OrjkYU5vAmCJ0N3g0+tEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE1MjEwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTljNjQwYTU0NzFlY2UxYTBkODE2NzVkMjkxMDNiY2NjN2VmN2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwSu3PLLBDYIEV4SNJY8wHW71Imf
7XOwKgrFNgR6qmTASielVMm5g1I4uWbk+QKjIaIgeGvOJCk+/DzAfgEp+RQNad2j
KMV3Ldtj8o/W5vOE0aY0nVzQpuzzvOBpjQAuXy4JcrEsGzt0dMIef2aTLwp1jIyL
YbMMKYSq1Dwr33/K/ju+cNFKaZHI06sZOEFGX7e8wlaZwijMzgSkMpCPJWJ4dWcM
9MN05Qu7PTHiQ1gDeT5jjaX/tPM7zlyPEpkaAMkICgrA40oNi7LOuncJCzYfD8UN
AUnlaQgEuyTr954uGz+ZSMVQQVdj+6hyrFoIWT239DPrlysHB6wUu9LRNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF6cZApUcezhoNgWddKRA7zMfvfFMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWHB4a0NsUng3T0dnMkJaMTBwRUR2TXgtOThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACGEzv99F/rcqfY78VLS
M+0pGw1aMnkHsy51oBMTxUZz8hB553opmJGngm6/3t/LOXMvMujqvGvHUtODnNqW
u67caVNIrv6r/JgMex+V34LCSWS1yfvmEc8LzpobmMB7OR2EvvvocbGcD88Kbs3w
zwFRpHL91IR/WiHo4KyJXEEpGCkJSkRczJsraIdZKHU5zX7OMGZejIZqiBV0Igv8
FQtDpkEFPMSHeB21+GppTxjpUgsN2/SiFLFn9Jv74ftztf5Mz0Aynhi+2pcYn+pU
B5MPe3HH9khmq1zkwvTWX8fT4xL4TUggmzXDO/WfmckFDwTlxPeQUADuEWT+5Pl+
CVI=
-----END CERTIFICATE-----
Generated at Tue Jul 16 00:50:57 2024 by rpki-client on console-fra.rpki-client.org