Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_l9ICHsiDHiFIXG34My0itXD6qE.roa
File: _l9ICHsiDHiFIXG34My0itXD6qE.roa (raw, json)
Hash identifier: FyB/C2MGzAH/0WIumu+SSGjPAh1h0hxeSQh6B6XZcoo=
Subject key identifier: FE:5F:48:08:7B:22:0C:78:85:21:71:B7:E0:CC:B4:8A:D5:C3:EA:A1
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC69EBB78CDF0DF87CEA3D118798EAAB3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_l9ICHsiDHiFIXG34My0itXD6qE.roa
Signing time: Wed 29 May 2024 23:10:42 +0000
ROA not before: Wed 29 May 2024 23:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 May 2024 00:05:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c6:9e:bb:78:cd:f0:df:87:ce:a3:d1:18:79:8e:aa:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 29 23:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe5f48087b220c78852171b7e0ccb48ad5c3eaa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:2b:94:b6:1b:bf:f6:d7:5a:25:08:7c:2c:95:
92:1f:16:33:b2:a0:fb:62:21:b7:7a:29:07:b4:c8:
63:cd:99:a3:01:5d:c7:85:e1:c6:fa:c1:ce:36:f5:
dc:d4:2e:09:53:75:5e:9e:63:3f:29:e0:99:82:cf:
f7:57:9a:3b:39:51:57:6c:5b:6a:fe:95:de:fe:fd:
af:64:e7:ef:d0:11:0e:3b:85:35:35:79:07:ff:72:
d4:6f:8b:30:ef:ac:34:df:d5:82:57:10:38:c4:75:
7a:7a:50:4b:47:ac:11:77:fa:c1:c8:6c:45:52:ea:
c8:6b:74:90:78:d8:a9:9d:21:a1:da:f3:dc:35:68:
86:73:e8:76:67:2f:bd:c3:cd:90:08:fa:2e:bd:3b:
e1:5c:2e:56:b8:1b:d6:e1:90:49:82:93:ed:01:12:
65:79:3d:67:68:6f:4e:51:69:8e:78:5a:3d:a2:a5:
23:7a:26:98:22:4c:38:e4:99:0d:e4:ea:a2:d1:8b:
25:c2:3d:3a:6b:57:e3:38:cf:1b:5f:60:96:5a:ee:
49:c8:8a:1d:86:1e:c3:c5:26:34:e6:2e:03:b4:3f:
20:d8:6e:d8:68:59:92:08:43:97:e9:78:ad:8d:1d:
e8:27:b5:83:74:7c:37:40:ac:b1:2d:35:ff:37:5f:
eb:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:5F:48:08:7B:22:0C:78:85:21:71:B7:E0:CC:B4:8A:D5:C3:EA:A1
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_l9ICHsiDHiFIXG34My0itXD6qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:7c:88:83:ea:a3:9b:8d:74:d7:a8:dd:1c:39:c1:b8:2f:ab:
2e:9d:a7:8b:25:62:7c:32:85:73:53:6a:83:07:23:c0:35:db:
23:c9:c0:34:28:ca:5d:d0:ea:c1:eb:0f:aa:f5:26:e0:11:7d:
7b:30:7a:b4:32:cf:31:bd:66:8a:87:29:fd:da:35:f1:4e:d7:
24:73:e3:14:e3:39:f6:1c:bb:f0:79:44:1c:62:e7:65:6d:e1:
1b:bd:43:2e:40:86:3e:76:7e:03:06:be:62:63:d2:c5:fc:c3:
f2:37:af:a4:f3:76:fa:79:d6:79:33:3e:2f:d8:44:b2:0c:08:
74:18:34:5d:74:c8:fe:0e:29:5b:de:1e:7a:08:10:e1:c2:31:
94:b7:98:d7:6d:b0:90:66:83:4f:93:83:36:22:4e:7f:3b:9b:
70:cd:f4:47:44:3f:4a:6b:99:49:38:d7:1f:13:68:70:c0:bb:
e7:d5:3f:c0:83:b8:b8:2a:4d:11:be:28:cb:5e:f4:72:d3:db:
48:03:23:5a:b0:a4:1e:46:42:91:98:bb:6a:0e:c9:0c:c5:1a:
16:33:2a:f0:40:d3:17:7b:e3:8e:7a:fc:d8:10:13:ca:6b:3d:
62:64:89:8f:38:b8:8f:a3:e3:63:de:6d:58:e7:b7:db:d4:7f:
fc:7a:cc:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/Gnrt4zfDfh86j0Rh5jqqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI5MjMxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTVmNDgwODdiMjIwYzc4ODUyMTcxYjdlMGNjYjQ4YWQ1YzNlYWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4iuUthu/9tdaJQh8LJWSHxYzsqD7
YiG3eikHtMhjzZmjAV3HheHG+sHONvXc1C4JU3VenmM/KeCZgs/3V5o7OVFXbFtq
/pXe/v2vZOfv0BEOO4U1NXkH/3LUb4sw76w039WCVxA4xHV6elBLR6wRd/rByGxF
UurIa3SQeNipnSGh2vPcNWiGc+h2Zy+9w82QCPouvTvhXC5WuBvW4ZBJgpPtARJl
eT1naG9OUWmOeFo9oqUjeiaYIkw45JkN5Oqi0Yslwj06a1fjOM8bX2CWWu5JyIod
hh7DxSY05i4DtD8g2G7YaFmSCEOX6XitjR3oJ7WDdHw3QKyxLTX/N1/rSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP5fSAh7Igx4hSFxt+DMtIrVw+qhMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX2w5SUNIc2lESGlGSVhHMzRNeTBpdFhENnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD98iIPqo5uNdNeo3Rw5
wbgvqy6dp4slYnwyhXNTaoMHI8A12yPJwDQoyl3Q6sHrD6r1JuARfXswerQyzzG9
ZoqHKf3aNfFO1yRz4xTjOfYcu/B5RBxi52Vt4Ru9Qy5Ahj52fgMGvmJj0sX8w/I3
r6Tzdvp51nkzPi/YRLIMCHQYNF10yP4OKVveHnoIEOHCMZS3mNdtsJBmg0+TgzYi
Tn87m3DN9EdEP0prmUk41x8TaHDAu+fVP8CDuLgqTRG+KMte9HLT20gDI1qwpB5G
QpGYu2oOyQzFGhYzKvBA0xd74456/NgQE8prPWJkiY84uI+j42PebVjnt9vUf/x6
zPE=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:50 2025 by rpki-client