Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_gYVbRR2LoIxBncMAnMbXv8nPSA.roa
File: _gYVbRR2LoIxBncMAnMbXv8nPSA.roa (raw, json)
Hash identifier: U295lFdUQjk+Ycrzy52CEm789deYHN2VUu4HkEw1R04=
Subject key identifier: FE:06:15:6D:14:76:2E:82:31:06:77:0C:02:73:1B:5E:FF:27:3D:20
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019073914572DB6D463161894E9C353B6A85
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_gYVbRR2LoIxBncMAnMbXv8nPSA.roa
Signing time: Tue 02 Jul 2024 13:10:18 +0000
ROA not before: Tue 02 Jul 2024 13:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jul 2024 14:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:73:91:45:72:db:6d:46:31:61:89:4e:9c:35:3b:6a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 2 13:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe06156d14762e823106770c02731b5eff273d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1c:9b:a9:ee:c6:30:92:fb:bc:28:ad:d3:5d:
1e:77:02:1f:e4:b0:dc:f8:a7:70:9f:98:72:9f:92:
36:de:13:f3:3d:24:19:8e:9b:f1:73:80:68:45:22:
46:5f:b4:f0:a8:85:ab:96:57:e8:a5:4d:a1:7e:ab:
49:2c:84:94:c6:32:bd:72:53:2b:2a:20:58:a8:0e:
9c:68:bf:2b:dd:d0:86:7c:a0:cb:aa:a7:40:4f:2a:
8f:a2:ae:e7:94:30:55:be:3b:d2:1b:07:16:00:2b:
dd:66:6b:cb:35:22:8d:e4:2d:be:2f:03:1e:f9:82:
ee:20:e8:dd:7a:45:a9:53:ce:1f:25:76:b5:3b:e6:
e2:bd:57:d6:60:f5:8e:a8:86:5c:5f:86:ba:b1:12:
5d:85:86:11:ff:3e:93:d0:d3:ff:39:ed:64:0b:43:
e1:e5:0f:8c:ab:6c:17:1f:56:f4:df:6e:65:07:a1:
c8:4b:26:0e:a7:e8:07:94:09:f8:78:78:e7:a2:b1:
23:b3:e8:ea:89:06:e7:2c:47:46:3b:93:87:a7:e3:
e0:a2:25:24:bd:ff:a4:bc:78:a5:78:26:f0:86:0c:
56:b4:83:92:21:8d:2e:7c:a2:21:59:66:41:0b:52:
2e:ce:e1:43:dd:73:27:ff:ad:5e:74:3f:53:40:4b:
aa:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:06:15:6D:14:76:2E:82:31:06:77:0C:02:73:1B:5E:FF:27:3D:20
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_gYVbRR2LoIxBncMAnMbXv8nPSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:a2:b1:d3:75:16:20:e8:66:e7:1b:e1:0b:a0:03:ad:28:f8:
47:0f:23:5c:3d:3e:0b:b0:e1:ea:51:b6:35:05:5e:89:38:9f:
cc:49:25:e2:3e:77:e9:56:0a:6d:c6:5d:0f:a9:90:f7:5f:9d:
d1:0e:23:a8:68:62:77:53:47:5d:fe:15:3c:73:59:f5:35:a8:
c7:9d:83:43:30:de:d2:61:ef:11:06:1d:61:5f:10:62:9b:87:
10:60:86:31:7d:6e:3c:3a:d8:eb:0c:46:9c:12:16:fc:b5:ee:
80:c9:dc:b7:0d:c6:02:bd:54:ea:ac:51:5b:a4:f9:8c:12:57:
ea:fc:2c:fc:93:bd:4a:ee:8f:b2:63:94:6e:1d:e6:9f:db:a6:
3d:41:45:cb:0a:72:9c:54:4d:70:9b:db:1b:8c:0d:46:c4:90:
32:e0:c6:10:a4:89:46:89:5f:ed:93:5c:4d:7c:47:6e:cd:73:
2c:a6:03:33:8a:04:c9:8b:2b:21:d7:68:be:5c:92:ee:31:0c:
b1:f0:d2:15:86:9b:58:0e:7d:56:ab:bc:5d:20:28:30:9b:86:
2f:64:6d:86:3b:ae:73:47:2b:de:4f:90:a1:fb:93:d1:f0:b7:
74:b3:2f:07:17:b3:1b:d7:06:8d:69:25:9e:ab:e5:44:6b:76:
82:f3:57:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBzkUVy221GMWGJTpw1O2qFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAyMTMxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTA2MTU2ZDE0NzYyZTgyMzEwNjc3MGMwMjczMWI1ZWZmMjczZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshybqe7GMJL7vCit010edwIf5LDc
+Kdwn5hyn5I23hPzPSQZjpvxc4BoRSJGX7TwqIWrllfopU2hfqtJLISUxjK9clMr
KiBYqA6caL8r3dCGfKDLqqdATyqPoq7nlDBVvjvSGwcWACvdZmvLNSKN5C2+LwMe
+YLuIOjdekWpU84fJXa1O+bivVfWYPWOqIZcX4a6sRJdhYYR/z6T0NP/Oe1kC0Ph
5Q+Mq2wXH1b0325lB6HISyYOp+gHlAn4eHjnorEjs+jqiQbnLEdGO5OHp+PgoiUk
vf+kvHileCbwhgxWtIOSIY0ufKIhWWZBC1IuzuFD3XMn/61edD9TQEuqJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP4GFW0Udi6CMQZ3DAJzG17/Jz0gMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX2dZVmJSUjJMb0l4Qm5jTUFuTWJYdjhuUFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF2isdN1FiDoZucb4Qug
A60o+EcPI1w9Pguw4epRtjUFXok4n8xJJeI+d+lWCm3GXQ+pkPdfndEOI6hoYndT
R13+FTxzWfU1qMedg0Mw3tJh7xEGHWFfEGKbhxBghjF9bjw62OsMRpwSFvy17oDJ
3LcNxgK9VOqsUVuk+YwSV+r8LPyTvUruj7JjlG4d5p/bpj1BRcsKcpxUTXCb2xuM
DUbEkDLgxhCkiUaJX+2TXE18R27NcyymAzOKBMmLKyHXaL5cku4xDLHw0hWGm1gO
fVarvF0gKDCbhi9kbYY7rnNHK95PkKH7k9Hwt3SzLwcXsxvXBo1pJZ6r5URrdoLz
V9U=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:30 2025 by rpki-client