Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_ckEXkov4F-IO9cPGWD9ioImrPc.roa
File: _ckEXkov4F-IO9cPGWD9ioImrPc.roa (raw, json)
Hash identifier: doigLBCznd/8aCmYIM1Obpyq7SQAaoijgzueUpIrbzQ=
Subject key identifier: FD:C9:04:5E:4A:2F:E0:5F:88:3B:D7:0F:19:60:FD:8A:82:26:AC:F7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908529A9E88CB4B408B2B2478391DBC452
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_ckEXkov4F-IO9cPGWD9ioImrPc.roa
Signing time: Fri 05 Jul 2024 23:10:18 +0000
ROA not before: Fri 05 Jul 2024 23:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 06 Jul 2024 00:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:85:29:a9:e8:8c:b4:b4:08:b2:b2:47:83:91:db:c4:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 5 23:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdc9045e4a2fe05f883bd70f1960fd8a8226acf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c8:32:fc:3d:b2:0a:1c:e2:7f:73:28:d6:b1:
df:3b:b3:2a:35:de:8a:ff:c8:24:99:31:4f:33:0b:
48:7e:fc:4a:af:22:e1:82:ee:65:85:35:f1:38:d8:
d6:5f:8a:5f:e0:19:6a:ab:6c:0f:6d:ba:e5:60:2e:
9a:e3:b1:49:8c:45:f3:51:9f:b6:df:79:99:09:c8:
08:2c:3b:ab:9f:24:31:28:f5:1d:27:66:8f:2a:8f:
7f:64:dd:c9:4f:83:ca:7c:91:df:10:7a:0e:67:35:
8d:f6:ed:21:83:45:ad:f1:08:22:2a:a4:4f:b1:5c:
07:29:ca:a5:bd:8c:e4:de:3f:06:84:45:81:da:89:
f6:fe:71:c3:ac:a8:92:d5:b2:b6:77:86:56:fa:f5:
99:12:93:e2:fc:35:e1:0f:57:a6:3a:2f:63:48:6c:
e6:cd:fd:7d:d5:9c:91:bd:40:f0:ad:4d:13:15:b5:
ec:de:01:8c:23:20:d0:0c:db:ac:75:b1:5c:f4:ed:
63:ca:32:0f:e2:5e:0f:ec:06:ed:1c:e0:e7:25:70:
15:00:1b:1f:94:9f:e8:59:ac:c3:3f:24:56:fa:e7:
c5:39:97:96:8e:e1:ca:27:ce:4a:df:fc:f2:7a:ec:
3b:60:63:39:71:a7:04:df:01:3a:d0:18:7b:ef:a2:
6c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C9:04:5E:4A:2F:E0:5F:88:3B:D7:0F:19:60:FD:8A:82:26:AC:F7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_ckEXkov4F-IO9cPGWD9ioImrPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:3c:29:57:d5:75:f4:b3:a6:7b:11:44:50:82:f7:58:e1:eb:
9f:49:a2:00:92:1f:3a:57:70:d7:6f:a3:ed:3c:4c:6b:43:4d:
7b:93:21:cf:ba:a8:34:38:8a:f3:cf:33:68:2c:c3:8d:1c:9e:
22:b4:ba:7e:0c:52:a6:92:87:9a:1a:b2:d1:b0:aa:1d:ba:cb:
df:88:b5:50:ae:d1:45:89:2a:f1:99:36:9d:b5:a1:a8:0d:ab:
2e:8f:9d:d9:ec:83:71:42:14:36:f2:21:5f:85:96:11:cc:99:
9e:b0:27:8c:9b:33:b9:ea:81:bc:60:97:12:0d:99:8b:3a:f1:
7e:89:72:62:04:dc:07:a0:71:a3:8a:5e:1a:04:03:1b:1f:f8:
b1:46:63:96:c4:8c:f7:03:e9:15:08:2b:0a:27:02:d8:f6:69:
88:d1:83:a2:0e:39:d5:d8:a5:ab:15:29:35:b1:6e:9a:22:67:
ca:e3:e8:a1:fa:d9:c3:5d:1b:92:3a:72:7f:d7:16:f2:dc:30:
25:2a:29:60:05:30:2c:c9:81:c9:95:db:ed:20:a0:2d:49:2e:
1d:7f:07:63:cf:9b:cd:32:c2:62:e1:98:91:57:46:16:61:9d:
9a:05:8c:b8:d4:a4:cc:e4:f3:02:ee:a9:d9:a5:a5:3f:fa:6a:
f8:eb:a6:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCFKanojLS0CLKyR4OR28RSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA1MjMxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGM5MDQ1ZTRhMmZlMDVmODgzYmQ3MGYxOTYwZmQ4YTgyMjZhY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncgy/D2yChzif3Mo1rHfO7MqNd6K
/8gkmTFPMwtIfvxKryLhgu5lhTXxONjWX4pf4Blqq2wPbbrlYC6a47FJjEXzUZ+2
33mZCcgILDurnyQxKPUdJ2aPKo9/ZN3JT4PKfJHfEHoOZzWN9u0hg0Wt8QgiKqRP
sVwHKcqlvYzk3j8GhEWB2on2/nHDrKiS1bK2d4ZW+vWZEpPi/DXhD1emOi9jSGzm
zf191ZyRvUDwrU0TFbXs3gGMIyDQDNusdbFc9O1jyjIP4l4P7AbtHODnJXAVABsf
lJ/oWazDPyRW+ufFOZeWjuHKJ85K3/zyeuw7YGM5cacE3wE60Bh776JsLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP3JBF5KL+BfiDvXDxlg/YqCJqz3MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX2NrRVhrb3Y0Ri1JTzljUEdXRDlpb0ltclBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHM8KVfVdfSzpnsRRFCC
91jh659JogCSHzpXcNdvo+08TGtDTXuTIc+6qDQ4ivPPM2gsw40cniK0un4MUqaS
h5oastGwqh26y9+ItVCu0UWJKvGZNp21oagNqy6Pndnsg3FCFDbyIV+FlhHMmZ6w
J4ybM7nqgbxglxINmYs68X6JcmIE3AegcaOKXhoEAxsf+LFGY5bEjPcD6RUIKwon
Atj2aYjRg6IOOdXYpasVKTWxbpoiZ8rj6KH62cNdG5I6cn/XFvLcMCUqKWAFMCzJ
gcmV2+0goC1JLh1/B2PPm80ywmLhmJFXRhZhnZoFjLjUpMzk8wLuqdmlpT/6avjr
phE=
-----END CERTIFICATE-----
Generated at Sat Jul 6 01:39:25 2024 by rpki-client on console-ams.rpki-client.org