Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_MFQnNYQckbQVEvDpVQelcxSICU.roa
File: _MFQnNYQckbQVEvDpVQelcxSICU.roa (raw, json)
Hash identifier: 0xtfvLaD3ETHEGyNNxw96fCptZzriA90RlKMYyMsgas=
Subject key identifier: FC:C1:50:9C:D6:10:72:46:D0:54:4B:C3:A5:54:1E:95:CC:52:20:25
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A85B9CE70C61B4324F6BA08D9B339F41
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_MFQnNYQckbQVEvDpVQelcxSICU.roa
Signing time: Fri 12 Jul 2024 19:11:34 +0000
ROA not before: Fri 12 Jul 2024 19:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Jul 2024 20:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a8:5b:9c:e7:0c:61:b4:32:4f:6b:a0:8d:9b:33:9f:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 12 19:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcc1509cd6107246d0544bc3a5541e95cc522025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:19:c4:8f:12:52:16:96:27:af:e3:c0:b5:fa:
21:4c:e0:7b:5b:4a:fd:bf:c6:43:21:b7:b8:7b:21:
7f:c0:c9:1c:8f:5c:77:61:92:6f:89:a0:f8:73:ec:
fb:96:55:32:d2:21:0d:83:54:3a:c1:42:2a:71:8e:
04:0c:1d:27:00:8b:81:e6:63:bd:a4:00:64:25:1e:
fc:33:34:f5:ae:8c:23:4a:03:86:0b:0a:cb:2a:4e:
31:e3:0a:7c:c4:3c:8c:3e:3a:f6:40:56:69:eb:1b:
1a:7d:70:0b:4b:25:15:c5:cd:ab:5d:60:3a:57:51:
3a:ee:96:ed:52:3c:da:17:7d:61:19:93:cc:1b:20:
a6:6a:45:3b:0d:cf:b5:97:d6:9a:c1:3e:e3:ae:52:
ce:76:8b:09:59:fc:77:3d:c4:a0:43:83:78:c1:bc:
f6:88:0c:98:ee:48:ad:62:86:15:81:a8:f4:5a:fa:
5f:2f:97:0a:aa:ef:10:93:09:a5:2c:b6:1d:8e:22:
4c:79:51:e5:71:3a:0b:6d:07:63:75:6f:f7:f1:ca:
84:ea:6f:0d:53:7d:b9:cf:a2:e1:6b:6f:84:3a:81:
eb:03:77:e4:b4:16:b6:b0:d0:db:85:c7:41:47:46:
8d:c6:9e:10:20:ab:4e:ae:cc:dd:33:75:67:97:50:
e3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C1:50:9C:D6:10:72:46:D0:54:4B:C3:A5:54:1E:95:CC:52:20:25
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_MFQnNYQckbQVEvDpVQelcxSICU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:a7:46:2f:00:99:3e:e7:1e:0a:d0:dc:e1:23:25:63:9a:ba:
18:18:b6:ed:87:87:27:f2:4d:87:ce:0e:70:52:45:b4:b4:0f:
84:f5:84:b0:a3:2e:8e:4c:12:17:78:a0:30:75:2e:40:c1:37:
dd:28:4a:a5:f2:ad:37:1e:8f:c5:d7:a4:05:e3:1e:92:a1:92:
70:35:70:f2:5e:f5:18:a1:59:c2:0b:8d:33:cb:4b:38:d8:ad:
ec:30:d6:f6:e8:3e:6e:46:51:46:9d:6f:fa:dc:dd:0b:a4:b6:
6d:17:13:10:13:07:51:6c:ab:e1:34:f2:48:fb:a8:6a:e9:b0:
56:a6:79:70:3e:ee:4c:ff:df:ec:1f:c2:3a:e3:b1:45:36:31:
a2:e7:a9:3d:49:b4:bb:1a:24:de:d3:84:a7:1a:d1:59:25:5d:
8e:e0:c3:c7:9d:c4:02:82:6b:aa:ea:66:b2:cc:dc:b3:2c:42:
44:63:5b:a9:af:c6:8d:1c:8a:96:59:95:4e:a3:c9:8d:5b:86:
ab:9c:68:b9:7f:6a:81:45:89:ab:a0:76:00:84:94:6b:a6:45:
25:65:64:c6:35:bc:ff:9c:cc:0f:cc:5c:6e:84:81:2e:f8:4a:
7c:5d:d8:5a:5d:bb:a6:42:49:b4:4f:41:1c:09:8d:74:ee:9d:
73:f6:15:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCoW5znDGG0Mk9roI2bM59BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEyMTkxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2MxNTA5Y2Q2MTA3MjQ2ZDA1NDRiYzNhNTU0MWU5NWNjNTIyMDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRnEjxJSFpYnr+PAtfohTOB7W0r9
v8ZDIbe4eyF/wMkcj1x3YZJviaD4c+z7llUy0iENg1Q6wUIqcY4EDB0nAIuB5mO9
pABkJR78MzT1rowjSgOGCwrLKk4x4wp8xDyMPjr2QFZp6xsafXALSyUVxc2rXWA6
V1E67pbtUjzaF31hGZPMGyCmakU7Dc+1l9aawT7jrlLOdosJWfx3PcSgQ4N4wbz2
iAyY7kitYoYVgaj0WvpfL5cKqu8QkwmlLLYdjiJMeVHlcToLbQdjdW/38cqE6m8N
U325z6Lha2+EOoHrA3fktBa2sNDbhcdBR0aNxp4QIKtOrszdM3Vnl1DjhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPzBUJzWEHJG0FRLw6VUHpXMUiAlMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX01GUW5OWVFja2JRVkV2RHBWUWVsY3hTSUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF2nRi8AmT7nHgrQ3OEj
JWOauhgYtu2HhyfyTYfODnBSRbS0D4T1hLCjLo5MEhd4oDB1LkDBN90oSqXyrTce
j8XXpAXjHpKhknA1cPJe9RihWcILjTPLSzjYreww1vboPm5GUUadb/rc3Quktm0X
ExATB1Fsq+E08kj7qGrpsFameXA+7kz/3+wfwjrjsUU2MaLnqT1JtLsaJN7ThKca
0VklXY7gw8edxAKCa6rqZrLM3LMsQkRjW6mvxo0cipZZlU6jyY1bhqucaLl/aoFF
iaugdgCElGumRSVlZMY1vP+czA/MXG6EgS74Snxd2Fpdu6ZCSbRPQRwJjXTunXP2
FQg=
-----END CERTIFICATE-----
Generated at Fri Jul 12 21:15:30 2024 by rpki-client on console-fra.rpki-client.org