Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aXG8_2jTcJK1pWkWiDTNpVhzKzo.roa
File: aXG8_2jTcJK1pWkWiDTNpVhzKzo.roa (raw, json)
Hash identifier: TWvLFPfVD69PBPALKboPv7MlZUY25yKinQkjkZsCq/c=
Subject key identifier: 69:71:BC:FF:68:D3:70:92:B5:A5:69:16:88:34:CD:A5:58:73:2B:3A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FE2B50F262F20BEC6EAA1516168564CCC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aXG8_2jTcJK1pWkWiDTNpVhzKzo.roa
Signing time: Tue 04 Jun 2024 10:04:27 +0000
ROA not before: Tue 04 Jun 2024 10:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:e2b4:d985/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 04 Jun 2024 10:10:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:b5:0f:26:2f:20:be:c6:ea:a1:51:61:68:56:4c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 4 10:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6971bcff68d37092b5a569168834cda558732b3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a5:8f:fd:4f:b9:97:7a:19:9f:12:da:1c:d4:
8b:49:e4:ee:ab:04:75:47:e4:71:10:b0:ec:dc:cc:
9a:bc:29:df:75:21:07:77:6e:22:1d:de:45:69:ac:
1c:0c:af:b2:e3:2c:4f:85:9c:05:d1:59:5b:1b:0f:
bd:d3:36:42:f0:cb:2c:e3:81:0a:df:9d:de:ab:56:
d3:79:c4:1d:91:1a:8c:fc:fd:fb:f9:e5:47:00:87:
d5:1a:96:ce:a0:45:e8:60:79:da:26:a5:4f:62:34:
d1:d5:6f:ff:91:ac:23:b0:df:f4:0d:22:a7:a1:f2:
b4:4c:dd:17:56:44:c9:aa:21:c6:a2:cb:21:e0:40:
a2:04:bb:a0:87:7f:53:d6:0c:22:db:83:29:93:24:
37:f2:97:80:59:1e:04:90:3c:7f:3f:e4:f9:ce:86:
25:e7:80:d3:cd:69:d5:d4:91:af:ef:cf:ba:90:03:
70:08:95:e9:c9:49:92:c2:42:bd:17:6f:f3:a7:44:
1f:45:2d:91:1d:42:bf:76:9b:86:ba:0d:5e:27:b1:
81:d6:91:54:3a:14:54:19:41:9f:78:30:b2:ca:81:
96:a7:ef:7a:a0:b8:02:02:f1:4f:df:e8:c7:9a:92:
81:a8:34:70:5f:29:4e:29:28:3e:c5:cf:dc:4e:09:
62:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:71:BC:FF:68:D3:70:92:B5:A5:69:16:88:34:CD:A5:58:73:2B:3A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aXG8_2jTcJK1pWkWiDTNpVhzKzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:43:65:3a:50:4e:3f:50:db:d2:99:56:00:db:c0:3e:8b:d3:
b9:79:c4:a5:53:c8:67:77:4c:02:8c:a6:13:f5:11:b7:e3:3a:
40:ec:35:82:94:02:1c:da:a1:79:d0:1a:9c:fc:d2:1d:a5:db:
d4:e2:7e:f7:fc:65:81:c9:7e:03:33:1e:1c:59:e8:39:9a:2e:
a4:b4:c7:28:65:a4:8a:fe:3f:ea:36:b0:d5:53:39:eb:58:34:
9d:f4:a7:7c:e1:d1:20:5d:c6:6f:84:7c:70:2b:47:5d:ae:27:
40:2c:93:99:2c:70:20:9a:ca:de:0b:20:d1:90:a8:80:42:3a:
b5:aa:27:e4:29:8d:84:65:43:9d:21:be:d4:0a:0d:d7:2c:19:
3a:c6:55:ff:20:5a:cb:85:c0:25:c4:fd:b6:b7:a2:04:3a:4e:
f1:fd:b8:70:d4:0c:fb:e0:3d:fb:b5:20:83:65:b2:e2:14:91:
96:3a:f7:ee:e4:24:ed:16:71:e1:6e:64:3c:a0:6d:5d:d9:20:
63:d8:56:0c:2e:fa:b1:3c:7f:45:7e:90:18:3f:a2:97:32:df:
db:93:e8:4b:3e:d6:e1:f2:8c:b5:c6:80:fc:2b:da:f1:9d:8c:
7b:52:41:8b:51:f2:1a:ff:a6:39:19:ac:ab:f4:e5:43:0d:fb:
83:d5:bd:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/itQ8mLyC+xuqhUWFoVkzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA0MTAwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTcxYmNmZjY4ZDM3MDkyYjVhNTY5MTY4ODM0Y2RhNTU4NzMyYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6WP/U+5l3oZnxLaHNSLSeTuqwR1
R+RxELDs3MyavCnfdSEHd24iHd5FaawcDK+y4yxPhZwF0VlbGw+90zZC8Mss44EK
353eq1bTecQdkRqM/P37+eVHAIfVGpbOoEXoYHnaJqVPYjTR1W//kawjsN/0DSKn
ofK0TN0XVkTJqiHGossh4ECiBLugh39T1gwi24MpkyQ38peAWR4EkDx/P+T5zoYl
54DTzWnV1JGv78+6kANwCJXpyUmSwkK9F2/zp0QfRS2RHUK/dpuGug1eJ7GB1pFU
OhRUGUGfeDCyyoGWp+96oLgCAvFP3+jHmpKBqDRwXylOKSg+xc/cTgli+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGlxvP9o03CStaVpFog0zaVYcys6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYVhHOF8yalRjSksxcFdrV2lEVE5wVmh6S3pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEdDZTpQTj9Q29KZVgDb
wD6L07l5xKVTyGd3TAKMphP1EbfjOkDsNYKUAhzaoXnQGpz80h2l29Tifvf8ZYHJ
fgMzHhxZ6DmaLqS0xyhlpIr+P+o2sNVTOetYNJ30p3zh0SBdxm+EfHArR12uJ0As
k5kscCCayt4LINGQqIBCOrWqJ+QpjYRlQ50hvtQKDdcsGTrGVf8gWsuFwCXE/ba3
ogQ6TvH9uHDUDPvgPfu1IINlsuIUkZY69+7kJO0WceFuZDygbV3ZIGPYVgwu+rE8
f0V+kBg/opcy39uT6Es+1uHyjLXGgPwr2vGdjHtSQYtR8hr/pjkZrKv05UMN+4PV
vZI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:12 2025 by rpki-client