Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Zd1B1UiVOoN7ODV0nj92uIrniHc.roa
File: Zd1B1UiVOoN7ODV0nj92uIrniHc.roa (raw, json)
Hash identifier: drQZDY2QL45Tuoeg5R6GX0tv0+qTFg4qMMGfknQdWic=
Subject key identifier: 65:DD:41:D5:48:95:3A:83:7B:38:35:74:9E:3F:76:B8:8A:E7:88:77
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190B195ACE6A814CE85B0A2F828AACD6805
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Zd1B1UiVOoN7ODV0nj92uIrniHc.roa
Signing time: Sun 14 Jul 2024 14:11:34 +0000
ROA not before: Sun 14 Jul 2024 14:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 14 Jul 2024 15:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b1:95:ac:e6:a8:14:ce:85:b0:a2:f8:28:aa:cd:68:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 14 14:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65dd41d548953a837b3835749e3f76b88ae78877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3e:c1:58:5a:99:c2:d4:c5:a2:d6:a0:f1:fc:
29:ee:10:51:6b:d5:f8:e3:50:00:9b:ca:79:c2:e8:
a0:e2:5f:1e:62:62:35:41:9e:99:a8:f2:42:fc:f0:
e2:46:4a:c7:8d:fc:60:6f:61:aa:10:ce:25:f5:d5:
89:0f:36:e6:fb:db:d0:7d:2f:0b:5d:81:44:10:de:
3f:67:36:f9:39:ad:04:fd:a0:16:d3:3a:75:fb:f3:
41:fc:98:3e:2e:7d:46:81:7c:6b:5d:0d:c3:91:28:
06:f5:0b:4e:73:bd:10:d5:56:16:03:18:11:0c:13:
ae:b0:76:79:2f:09:9a:b7:ce:d7:d8:e0:81:08:7f:
e6:91:1d:0a:2a:62:e6:d4:0b:01:54:f1:2e:08:23:
fe:16:58:1c:3f:a6:7a:00:3d:1b:33:14:09:be:43:
7c:88:4d:53:05:4c:b7:4d:4e:fa:2e:2b:fd:ab:b7:
98:1d:51:0e:8e:fe:a2:c4:95:97:f1:e0:c4:8c:7e:
17:0c:2c:ed:5b:e4:7a:01:15:cf:85:2f:fe:3a:53:
7c:67:a1:a2:e1:ae:70:7f:6c:61:ea:d0:22:ad:49:
ba:a6:2b:76:f4:a6:dd:ab:f1:d0:1d:9d:a9:84:a3:
13:19:f7:98:8c:fa:bd:c6:fb:b4:b6:40:07:f0:42:
e6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:DD:41:D5:48:95:3A:83:7B:38:35:74:9E:3F:76:B8:8A:E7:88:77
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Zd1B1UiVOoN7ODV0nj92uIrniHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:49:be:29:39:4c:19:88:3b:e0:71:c6:0d:c6:78:c1:d3:15:
ea:f0:61:6d:b3:d8:53:f3:10:05:b7:b8:c5:ea:05:97:87:b5:
e9:bf:ae:bb:ca:cd:da:53:57:69:00:ce:4a:65:de:ec:02:b3:
b8:d5:12:6e:58:08:43:02:12:fa:42:90:2c:c3:b4:ad:6e:0f:
48:17:46:d0:5e:1b:39:eb:a0:fe:c4:b4:89:20:74:27:ca:33:
98:bc:52:06:e2:c0:f7:6f:d3:a2:44:9e:5b:f5:01:75:a1:70:
96:8c:92:a5:7a:fc:57:74:a4:64:95:b3:0b:56:8c:79:0a:ed:
b0:24:86:ab:b2:82:29:01:1b:cc:05:c2:77:46:db:c4:94:7d:
26:ab:0d:36:71:3d:e1:12:78:c5:cd:8f:f7:f4:4c:a8:fd:f9:
c5:f2:d5:72:07:b9:98:6d:82:b3:e2:e0:d2:34:f2:c5:b9:19:
47:76:13:cb:9b:2b:8e:39:e4:f8:3a:e2:5d:9b:0e:aa:00:55:
8f:f4:bc:60:8a:17:0a:a9:35:84:15:70:bb:fe:c7:7e:3b:18:
b6:a0:2b:d3:0b:f8:ee:97:4e:e8:76:32:4c:04:a6:bb:5c:99:
cf:02:af:0a:1f:f2:29:a0:86:17:5c:54:96:2d:fb:79:1a:b4:
4a:94:25:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCxlazmqBTOhbCi+CiqzWgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE0MTQxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWRkNDFkNTQ4OTUzYTgzN2IzODM1NzQ5ZTNmNzZiODhhZTc4ODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjz7BWFqZwtTFotag8fwp7hBRa9X4
41AAm8p5wuig4l8eYmI1QZ6ZqPJC/PDiRkrHjfxgb2GqEM4l9dWJDzbm+9vQfS8L
XYFEEN4/Zzb5Oa0E/aAW0zp1+/NB/Jg+Ln1GgXxrXQ3DkSgG9QtOc70Q1VYWAxgR
DBOusHZ5Lwmat87X2OCBCH/mkR0KKmLm1AsBVPEuCCP+FlgcP6Z6AD0bMxQJvkN8
iE1TBUy3TU76Liv9q7eYHVEOjv6ixJWX8eDEjH4XDCztW+R6ARXPhS/+OlN8Z6Gi
4a5wf2xh6tAirUm6pit29Kbdq/HQHZ2phKMTGfeYjPq9xvu0tkAH8ELmiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGXdQdVIlTqDezg1dJ4/driK54h3MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWmQxQjFVaVZPb043T0RWMG5qOTJ1SXJuaUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHZJvik5TBmIO+Bxxg3G
eMHTFerwYW2z2FPzEAW3uMXqBZeHtem/rrvKzdpTV2kAzkpl3uwCs7jVEm5YCEMC
EvpCkCzDtK1uD0gXRtBeGznroP7EtIkgdCfKM5i8UgbiwPdv06JEnlv1AXWhcJaM
kqV6/Fd0pGSVswtWjHkK7bAkhquygikBG8wFwndG28SUfSarDTZxPeESeMXNj/f0
TKj9+cXy1XIHuZhtgrPi4NI08sW5GUd2E8ubK4455Pg64l2bDqoAVY/0vGCKFwqp
NYQVcLv+x347GLagK9ML+O6XTuh2MkwEprtcmc8Crwof8imghhdcVJYt+3katEqU
JWk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:32:54 2025 by rpki-client