Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YPhU7CNJEw2x3ufhYM-cUIFe6KU.roa
File: YPhU7CNJEw2x3ufhYM-cUIFe6KU.roa (raw, json)
Hash identifier: jxfAYdrFvUnvMn+8E91mPzl2BRWrK3sm/gdShHXmiEI=
Subject key identifier: 60:F8:54:EC:23:49:13:0D:B1:DE:E7:E1:60:CF:9C:50:81:5E:E8:A5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01901DB75D73609CA2A581772C35291DD575
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YPhU7CNJEw2x3ufhYM-cUIFe6KU.roa
Signing time: Sat 15 Jun 2024 21:04:34 +0000
ROA not before: Sat 15 Jun 2024 21:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:1db6:fcf4/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 15 Jun 2024 21:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1d:b7:5d:73:60:9c:a2:a5:81:77:2c:35:29:1d:d5:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 15 21:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60f854ec2349130db1dee7e160cf9c50815ee8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:88:ad:95:87:05:c9:bd:61:70:b6:8d:25:d6:
88:02:cc:f8:ac:30:42:33:b2:15:a7:c1:e4:ea:09:
2e:18:98:27:16:30:fa:bd:02:7c:7d:3c:11:ec:3f:
dc:d8:b9:30:b0:e3:0f:dd:78:4a:aa:d4:a7:08:69:
f5:2f:7e:bc:ea:25:7a:6e:bd:fb:4a:13:33:c7:6f:
a3:fa:6a:86:5e:3d:16:fe:21:67:10:a2:17:84:e8:
3b:d5:79:f3:f5:6a:2f:7d:ec:f0:93:6e:fd:b3:9c:
1d:c4:3c:a0:99:55:07:5b:46:7f:4f:f9:33:45:cd:
86:c8:59:7e:d7:c8:51:62:d6:0d:be:73:0c:4c:d6:
9b:e5:85:39:ca:33:7e:05:61:ab:23:cb:6e:c4:2f:
02:61:78:9e:1d:32:d1:a2:84:b7:e6:ca:37:8a:c7:
d4:88:85:71:1d:62:d9:4a:d3:c0:5a:18:c3:f9:33:
30:e9:13:3c:dc:99:4d:bc:3d:54:94:95:a9:82:b5:
82:fd:7a:e5:77:91:54:f8:50:e6:e8:d6:8d:86:7b:
06:03:14:f2:5d:8c:4e:fb:bb:1f:f9:7b:a6:f9:b3:
ab:3a:e7:48:7f:ba:16:7c:2c:d8:58:b5:d5:6f:61:
0b:a0:09:23:2d:f9:39:0c:26:fd:48:80:ab:7e:71:
dc:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F8:54:EC:23:49:13:0D:B1:DE:E7:E1:60:CF:9C:50:81:5E:E8:A5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YPhU7CNJEw2x3ufhYM-cUIFe6KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:58:a2:c6:22:39:9d:57:45:e9:67:fa:b3:80:23:43:df:52:
65:01:13:bb:b0:ed:81:4e:06:bf:4b:cd:00:dc:81:3a:71:36:
6a:0f:a0:63:c1:62:6f:77:a7:aa:25:8a:df:cd:7a:89:50:f5:
71:87:54:67:96:75:b6:14:0c:41:51:f9:0d:4f:03:df:8c:e0:
7f:1f:5a:6e:4e:be:5c:4a:e0:8a:bd:df:f0:94:92:bb:2a:e2:
7e:7a:5e:7d:28:86:e5:60:ac:8e:a4:40:0a:8f:d7:84:9f:88:
7c:dc:49:51:3a:3e:5c:6d:6c:3a:c4:30:e0:0b:80:60:f7:01:
1e:41:73:7a:6c:c1:05:35:9c:40:20:83:02:ed:cb:53:e3:65:
5e:d6:f5:3f:8b:c8:cb:b7:8c:12:01:f8:39:63:17:8b:7c:6e:
d6:32:0d:33:7c:a1:4e:c9:81:e4:22:16:e6:89:1c:4e:98:3e:
10:df:3f:d1:38:21:e4:08:38:b2:41:c4:6b:b6:ea:1b:0b:0e:
fc:9f:15:90:26:6f:d6:53:7e:ff:b5:91:f1:94:5f:5a:a7:4e:
a6:8a:97:97:0d:47:a0:09:91:44:08:c0:13:6d:63:56:ec:34:
eb:61:d1:64:d5:25:b0:4a:50:80:f1:4f:30:a5:fd:5e:4a:37:
b4:ae:23:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAdt11zYJyipYF3LDUpHdV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE1MjEwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGY4NTRlYzIzNDkxMzBkYjFkZWU3ZTE2MGNmOWM1MDgxNWVlOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYitlYcFyb1hcLaNJdaIAsz4rDBC
M7IVp8Hk6gkuGJgnFjD6vQJ8fTwR7D/c2LkwsOMP3XhKqtSnCGn1L3686iV6br37
ShMzx2+j+mqGXj0W/iFnEKIXhOg71Xnz9Wovfezwk279s5wdxDygmVUHW0Z/T/kz
Rc2GyFl+18hRYtYNvnMMTNab5YU5yjN+BWGrI8tuxC8CYXieHTLRooS35so3isfU
iIVxHWLZStPAWhjD+TMw6RM83JlNvD1UlJWpgrWC/Xrld5FU+FDm6NaNhnsGAxTy
XYxO+7sf+Xum+bOrOudIf7oWfCzYWLXVb2ELoAkjLfk5DCb9SICrfnHcQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGD4VOwjSRMNsd7n4WDPnFCBXuilMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWVBoVTdDTkpFdzJ4M3VmaFlNLWNVSUZlNktVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABlYosYiOZ1XReln+rOA
I0PfUmUBE7uw7YFOBr9LzQDcgTpxNmoPoGPBYm93p6olit/NeolQ9XGHVGeWdbYU
DEFR+Q1PA9+M4H8fWm5OvlxK4Iq93/CUkrsq4n56Xn0ohuVgrI6kQAqP14SfiHzc
SVE6PlxtbDrEMOALgGD3AR5Bc3pswQU1nEAggwLty1PjZV7W9T+LyMu3jBIB+Dlj
F4t8btYyDTN8oU7JgeQiFuaJHE6YPhDfP9E4IeQIOLJBxGu26hsLDvyfFZAmb9ZT
fv+1kfGUX1qnTqaKl5cNR6AJkUQIwBNtY1bsNOth0WTVJbBKUIDxTzCl/V5KN7Su
I4Y=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:11 2025 by rpki-client