Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/a4-pylH4AO38OUAvkuNUfqR6Zt0.roa
File: a4-pylH4AO38OUAvkuNUfqR6Zt0.roa (raw, json)
Hash identifier: iPPz76rIOnErH3Lmxhzp5wolNKllKlHBCUDqA0lsPis=
Subject key identifier: 6B:8F:A9:CA:51:F8:00:ED:FC:39:40:2F:92:E3:54:7E:A4:7A:66:DD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190AF396B92DCB305F963F2AE231C1EEC94
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/a4-pylH4AO38OUAvkuNUfqR6Zt0.roa
Signing time: Sun 14 Jul 2024 03:11:34 +0000
ROA not before: Sun 14 Jul 2024 03:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 14 Jul 2024 04:05:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:af:39:6b:92:dc:b3:05:f9:63:f2:ae:23:1c:1e:ec:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 14 03:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b8fa9ca51f800edfc39402f92e3547ea47a66dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:46:92:c7:f1:32:a7:81:2f:bf:da:b7:9e:91:
eb:36:e9:da:31:f1:b9:04:eb:14:39:bc:63:f4:7d:
44:94:9e:45:39:ac:d4:5e:af:9c:e8:64:89:13:f6:
44:0d:7c:1e:d6:a3:04:6f:74:62:81:d8:ac:33:42:
96:87:b6:24:de:c8:64:a4:4a:87:93:ed:24:e6:57:
8e:dc:fa:60:26:f1:89:bf:99:0a:ed:b2:d0:a3:05:
db:8e:fb:3e:1f:c0:0d:c4:ef:63:a5:0c:f5:4c:5e:
8f:45:2c:9f:9f:4e:0d:be:6a:0d:af:24:50:c6:61:
05:45:4c:a4:84:3c:7c:46:43:e4:6a:2a:e4:03:c2:
76:a2:65:d1:17:03:83:48:a8:68:06:82:53:33:1b:
f8:96:a4:16:6d:f0:22:92:2f:8a:61:d3:81:d7:ed:
00:2b:e0:9f:78:49:ba:3f:73:3e:0a:c8:80:3a:df:
0a:d7:ac:54:c5:b1:bc:58:76:d8:ad:2b:49:a5:de:
5f:e2:76:c9:54:1c:24:c9:e1:8f:0b:ff:ac:25:b8:
be:d3:cd:3a:b7:a2:dc:48:79:d7:67:71:ee:c2:0e:
88:63:c7:19:31:02:16:ec:95:a8:33:8c:c8:80:2e:
41:5d:f0:9a:e4:9b:a9:73:25:b9:b9:6f:d6:d9:db:
ed:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:8F:A9:CA:51:F8:00:ED:FC:39:40:2F:92:E3:54:7E:A4:7A:66:DD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/a4-pylH4AO38OUAvkuNUfqR6Zt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:df:c6:4d:eb:aa:1d:17:5a:d4:5c:ea:b1:09:fb:86:e6:3c:
80:65:56:d7:f2:ae:d5:dd:47:31:fc:e5:f9:57:a4:7b:92:e7:
92:ad:9a:c8:4b:28:68:de:eb:8a:e2:3f:9d:1e:3c:77:7e:1c:
90:d9:44:9a:b5:97:ef:bc:d4:6a:01:70:b6:12:cf:73:ea:e2:
f2:8f:06:c4:2f:9e:f2:3e:1d:3e:59:ec:a8:ca:7e:c4:90:e3:
30:7c:61:9c:52:d0:9a:ac:00:cc:8b:cc:57:54:cb:13:36:96:
ef:0f:54:11:6f:5d:d2:88:9f:01:7a:5c:9f:e7:52:2d:11:fd:
0e:7b:cb:33:4a:ee:03:49:34:39:05:f7:f4:85:f3:84:16:dc:
73:87:37:e0:0e:19:bd:7e:b0:8f:06:39:5b:dc:7b:d6:88:d8:
4b:1e:9f:b7:a5:bc:f5:70:26:42:93:34:22:07:f4:37:df:01:
6f:71:ff:16:60:0f:22:14:3c:de:5a:92:2a:04:61:7a:e1:aa:
cf:1d:81:ec:54:ad:50:19:0e:cd:1c:01:f7:cc:e6:e9:aa:f0:
35:1b:f0:ac:08:b4:ca:47:93:e9:51:f1:09:19:a1:33:e9:e6:
f7:4f:01:ff:e8:d4:79:57:83:5f:fe:00:2d:27:7d:8c:d2:c8:
5e:0a:00:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCvOWuS3LMF+WPyriMcHuyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE0MDMxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjhmYTljYTUxZjgwMGVkZmMzOTQwMmY5MmUzNTQ3ZWE0N2E2NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0aSx/Eyp4Evv9q3npHrNunaMfG5
BOsUObxj9H1ElJ5FOazUXq+c6GSJE/ZEDXwe1qMEb3RigdisM0KWh7Yk3shkpEqH
k+0k5leO3PpgJvGJv5kK7bLQowXbjvs+H8ANxO9jpQz1TF6PRSyfn04NvmoNryRQ
xmEFRUykhDx8RkPkairkA8J2omXRFwODSKhoBoJTMxv4lqQWbfAiki+KYdOB1+0A
K+CfeEm6P3M+CsiAOt8K16xUxbG8WHbYrStJpd5f4nbJVBwkyeGPC/+sJbi+0806
t6LcSHnXZ3Huwg6IY8cZMQIW7JWoM4zIgC5BXfCa5JupcyW5uW/W2dvtUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGuPqcpR+ADt/DlAL5LjVH6kembdMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYTQtcHlsSDRBTzM4T1VBdmt1TlVmcVI2WnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFXfxk3rqh0XWtRc6rEJ
+4bmPIBlVtfyrtXdRzH85flXpHuS55KtmshLKGje64riP50ePHd+HJDZRJq1l++8
1GoBcLYSz3Pq4vKPBsQvnvI+HT5Z7KjKfsSQ4zB8YZxS0JqsAMyLzFdUyxM2lu8P
VBFvXdKInwF6XJ/nUi0R/Q57yzNK7gNJNDkF9/SF84QW3HOHN+AOGb1+sI8GOVvc
e9aI2Esen7elvPVwJkKTNCIH9DffAW9x/xZgDyIUPN5akioEYXrhqs8dgexUrVAZ
Ds0cAffM5umq8DUb8KwItMpHk+lR8QkZoTPp5vdPAf/o1HlXg1/+AC0nfYzSyF4K
AKo=
-----END CERTIFICATE-----
Generated at Sun Jul 14 06:25:07 2024 by rpki-client on console-ams.rpki-client.org