Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_WHf3fHcCa3ItIz7ApXRgq5A35w.roa
File: _WHf3fHcCa3ItIz7ApXRgq5A35w.roa (raw, json)
Hash identifier: IoP/10aBwaQbOsEV85ZHuBmwRv/pqx1s65Gj8UC52Dg=
Subject key identifier: FD:61:DF:DD:F1:DC:09:AD:C8:B4:8C:FB:02:95:D1:82:AE:40:DF:9C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190219A8A906469BC0DE7D8715DF811AF68
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_WHf3fHcCa3ItIz7ApXRgq5A35w.roa
Signing time: Sun 16 Jun 2024 15:11:34 +0000
ROA not before: Sun 16 Jun 2024 15:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 16 Jun 2024 16:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:21:9a:8a:90:64:69:bc:0d:e7:d8:71:5d:f8:11:af:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 16 15:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd61dfddf1dc09adc8b48cfb0295d182ae40df9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:13:47:1b:98:bb:47:3b:0a:fe:c9:ee:a5:f1:
6e:18:c1:1e:74:18:64:ba:ba:e1:5e:23:6b:13:f0:
32:9d:92:36:40:6d:57:67:49:06:d9:c7:34:9e:9a:
04:65:4a:f3:22:05:c5:a2:ff:3b:0d:8a:61:0a:a4:
bc:71:30:15:08:f0:e6:5f:5a:68:14:3f:0c:35:ce:
d8:1d:3d:c2:5b:5e:8c:e4:87:f0:35:e4:e4:04:c6:
29:da:f9:1a:0f:fc:5c:e4:ff:d0:13:1a:20:da:e9:
44:60:c0:fa:49:ef:c0:60:5f:b0:1a:60:7e:a3:ad:
68:3e:b7:ff:da:cb:90:91:0a:63:8d:b2:92:aa:31:
98:81:32:33:8e:30:19:46:55:73:d1:46:4e:28:3b:
79:c1:16:e2:8f:65:34:9b:94:65:85:77:b9:ba:16:
03:f6:9f:b4:ed:7f:77:41:06:0d:9d:94:1b:37:08:
a4:01:4f:57:a1:f1:f8:a0:6e:0d:f0:17:34:49:ab:
64:f6:b8:1c:5a:8e:e6:04:3d:3a:48:67:40:94:ef:
63:6b:a1:7c:c1:e0:13:0c:95:33:44:0c:a9:93:ba:
ca:a1:70:5e:bf:83:dc:0f:43:d0:c5:39:81:d1:42:
64:cd:cf:71:be:a8:63:04:07:c0:c6:02:c1:2b:77:
e6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:61:DF:DD:F1:DC:09:AD:C8:B4:8C:FB:02:95:D1:82:AE:40:DF:9C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_WHf3fHcCa3ItIz7ApXRgq5A35w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:1d:7b:84:f6:ee:06:fa:81:bd:09:b9:90:71:0d:0f:a4:11:
43:29:90:48:0e:df:9f:ce:2e:dc:6f:c8:96:73:8b:41:23:60:
96:9f:fc:2e:02:ff:34:c1:dd:80:d9:3b:48:a9:c8:4b:58:76:
0a:12:a3:86:1e:ca:26:f6:93:e8:fc:d3:85:7f:5b:3f:e9:13:
9f:43:53:57:cb:20:4a:d6:cc:9e:2b:3e:c2:56:20:7f:71:0d:
83:e1:d5:6d:62:15:cf:75:24:24:95:c1:34:b8:c0:80:58:f5:
3a:4c:15:c9:47:6c:86:e9:ab:2c:64:6f:8d:67:18:f7:df:1d:
d9:09:54:15:c5:e2:8f:3f:42:1a:3a:72:fa:4b:5a:81:99:e4:
62:dd:df:c0:06:c1:94:3b:75:26:fd:5d:25:59:28:cb:f0:aa:
41:0c:4c:a7:1b:32:8f:5f:66:e1:70:5c:5d:0f:13:00:10:43:
e3:93:c9:8a:0e:08:8f:a0:3f:9e:87:37:51:bc:22:32:f7:b0:
8b:8c:db:7d:9a:d2:52:b8:04:b1:d3:89:af:f5:74:bf:d8:ab:
06:33:b5:46:07:04:f0:cc:7f:1f:fe:89:ce:14:a8:cd:07:6c:
cf:45:9d:04:93:10:02:95:21:e8:33:3b:5c:75:f1:46:f7:7b:
d1:68:4b:22
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAhmoqQZGm8DefYcV34Ea9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE2MTUxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDYxZGZkZGYxZGMwOWFkYzhiNDhjZmIwMjk1ZDE4MmFlNDBkZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthNHG5i7RzsK/snupfFuGMEedBhk
urrhXiNrE/AynZI2QG1XZ0kG2cc0npoEZUrzIgXFov87DYphCqS8cTAVCPDmX1po
FD8MNc7YHT3CW16M5IfwNeTkBMYp2vkaD/xc5P/QExog2ulEYMD6Se/AYF+wGmB+
o61oPrf/2suQkQpjjbKSqjGYgTIzjjAZRlVz0UZOKDt5wRbij2U0m5RlhXe5uhYD
9p+07X93QQYNnZQbNwikAU9XofH4oG4N8Bc0Satk9rgcWo7mBD06SGdAlO9ja6F8
weATDJUzRAypk7rKoXBev4PcD0PQxTmB0UJkzc9xvqhjBAfAxgLBK3fmXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP1h393x3AmtyLSM+wKV0YKuQN+cMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX1dIZjNmSGNDYTNJdEl6N0FwWFJncTVBMzV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHYde4T27gb6gb0JuZBx
DQ+kEUMpkEgO35/OLtxvyJZzi0EjYJaf/C4C/zTB3YDZO0ipyEtYdgoSo4Yeyib2
k+j804V/Wz/pE59DU1fLIErWzJ4rPsJWIH9xDYPh1W1iFc91JCSVwTS4wIBY9TpM
FclHbIbpqyxkb41nGPffHdkJVBXF4o8/Qho6cvpLWoGZ5GLd38AGwZQ7dSb9XSVZ
KMvwqkEMTKcbMo9fZuFwXF0PEwAQQ+OTyYoOCI+gP56HN1G8IjL3sIuM232a0lK4
BLHTia/1dL/YqwYztUYHBPDMfx/+ic4UqM0HbM9FnQSTEAKVIegzO1x18Ub3e9Fo
SyI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:44 2025 by rpki-client