Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_rhY75woqXmicct9hBPuUM8ofG0.roa
File: _rhY75woqXmicct9hBPuUM8ofG0.roa (raw, json)
Hash identifier: +Z1dL+O6qBZats146yN49wLZTpwNm9O5oYTuAdXRvTM=
Subject key identifier: FE:B8:58:EF:9C:28:A9:79:A2:71:CB:7D:84:13:EE:50:CF:28:7C:6D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908860B8F2CBD7C71051D3B0836D17CD1C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_rhY75woqXmicct9hBPuUM8ofG0.roa
Signing time: Sat 06 Jul 2024 14:09:18 +0000
ROA not before: Sat 06 Jul 2024 14:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 06 Jul 2024 15:04:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:88:60:b8:f2:cb:d7:c7:10:51:d3:b0:83:6d:17:cd:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 6 14:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=feb858ef9c28a979a271cb7d8413ee50cf287c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f2:fe:82:c7:3a:7b:9e:f3:5e:4d:94:04:06:
93:f5:70:24:1d:3a:3d:eb:22:cc:fc:27:4b:73:ac:
52:ac:70:c8:0e:56:5c:7d:e4:6b:da:54:33:35:8c:
8f:7c:73:85:50:10:61:6f:ee:7f:12:17:9a:ae:da:
b5:f9:d2:c9:f7:42:a7:5d:c3:da:46:b7:3f:2a:c7:
1a:ae:00:28:1c:37:02:22:ac:15:f5:41:bf:93:a5:
38:e8:6e:bf:7c:b8:a1:ef:08:d3:db:13:86:bf:6c:
ac:ca:81:d9:63:be:c5:91:63:64:33:60:3a:3c:92:
eb:77:36:b1:63:f4:ca:09:4b:c3:b8:07:bb:1d:ea:
aa:d3:ce:2a:a6:40:c2:5e:eb:12:d8:4a:7d:a9:c6:
c7:f8:06:0f:2d:c1:c5:8a:7b:60:62:72:2b:a9:cc:
0e:27:c6:29:ff:45:17:77:78:fc:ca:4a:00:9e:15:
b6:ec:a3:16:6d:8e:54:ad:b4:86:3d:7c:5f:5c:65:
7a:4f:61:45:c4:d6:e1:98:00:b1:da:d6:7f:fb:99:
0e:c8:0e:f0:91:04:69:63:9a:86:51:f6:db:84:bb:
3f:69:a2:9f:02:16:f7:02:ef:d8:57:64:8e:08:bd:
ae:3c:bc:65:18:d2:b8:19:c7:cd:3e:98:15:e6:6d:
3d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B8:58:EF:9C:28:A9:79:A2:71:CB:7D:84:13:EE:50:CF:28:7C:6D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_rhY75woqXmicct9hBPuUM8ofG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:6a:61:4d:b8:3c:81:26:63:b4:12:df:f0:2f:d9:6e:78:47:
db:6c:51:4a:93:11:43:14:a4:6c:8a:65:d7:54:ed:69:26:92:
0b:5e:fb:8a:63:bd:6f:cb:0c:8e:09:7a:bf:42:89:ef:38:06:
f9:f5:1b:34:34:d0:68:eb:7f:a2:eb:ce:36:59:5b:7b:b0:12:
11:a9:d1:86:b9:68:46:75:f5:64:f8:ba:c6:84:53:28:64:a1:
3d:ce:3d:15:c4:0b:9b:6b:36:0d:8e:c8:5b:cc:8f:11:10:20:
6b:4b:80:a9:a6:9a:69:98:04:2a:9c:96:03:c3:ba:b6:63:76:
41:fb:b3:5f:91:19:63:3b:e3:06:42:7c:bf:f2:34:d2:3a:9c:
87:cc:d5:ca:f1:bc:45:7c:e5:e4:9b:64:61:c7:4e:ba:e8:31:
49:ac:36:8d:62:c8:d6:65:e7:ee:ef:40:29:50:41:a9:56:af:
62:c2:48:4b:38:7a:4a:7a:fd:2f:07:b0:57:17:92:3a:f6:b7:
69:d2:c3:73:99:e0:26:6c:b9:82:5a:92:7c:2e:b0:0b:0c:ab:
d9:72:d5:f0:10:7d:06:0b:59:ce:f3:70:26:19:f0:1f:53:89:
57:9d:06:d3:9a:8c:27:c8:34:0c:00:70:9b:59:f7:0a:77:4b:
7a:70:8b:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCIYLjyy9fHEFHTsINtF80cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA2MTQwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWI4NThlZjljMjhhOTc5YTI3MWNiN2Q4NDEzZWU1MGNmMjg3YzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfL+gsc6e57zXk2UBAaT9XAkHTo9
6yLM/CdLc6xSrHDIDlZcfeRr2lQzNYyPfHOFUBBhb+5/Eheartq1+dLJ90KnXcPa
Rrc/KscargAoHDcCIqwV9UG/k6U46G6/fLih7wjT2xOGv2ysyoHZY77FkWNkM2A6
PJLrdzaxY/TKCUvDuAe7Heqq084qpkDCXusS2Ep9qcbH+AYPLcHFintgYnIrqcwO
J8Yp/0UXd3j8ykoAnhW27KMWbY5UrbSGPXxfXGV6T2FFxNbhmACx2tZ/+5kOyA7w
kQRpY5qGUfbbhLs/aaKfAhb3Au/YV2SOCL2uPLxlGNK4GcfNPpgV5m09iQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP64WO+cKKl5onHLfYQT7lDPKHxtMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX3JoWTc1d29xWG1pY2N0OWhCUHVVTThvZkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABZqYU24PIEmY7QS3/Av
2W54R9tsUUqTEUMUpGyKZddU7Wkmkgte+4pjvW/LDI4Jer9Cie84Bvn1GzQ00Gjr
f6LrzjZZW3uwEhGp0Ya5aEZ19WT4usaEUyhkoT3OPRXEC5trNg2OyFvMjxEQIGtL
gKmmmmmYBCqclgPDurZjdkH7s1+RGWM74wZCfL/yNNI6nIfM1crxvEV85eSbZGHH
TrroMUmsNo1iyNZl5+7vQClQQalWr2LCSEs4ekp6/S8HsFcXkjr2t2nSw3OZ4CZs
uYJaknwusAsMq9ly1fAQfQYLWc7zcCYZ8B9TiVedBtOajCfINAwAcJtZ9wp3S3pw
i3Q=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:36:17 2025 by rpki-client