Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/axHjsxJNAEheChVsm4XFuryLRn0.roa
File: axHjsxJNAEheChVsm4XFuryLRn0.roa (raw, json)
Hash identifier: HHc2OIImvaElcFQG5QUmIbJWAINPrxONryJQrT7Gk58=
Subject key identifier: 6B:11:E3:B3:12:4D:00:48:5E:0A:15:6C:9B:85:C5:BA:BC:8B:46:7D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A146DD662E79EA0FA8F1E628325A0FE9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/axHjsxJNAEheChVsm4XFuryLRn0.roa
Signing time: Thu 11 Jul 2024 10:11:34 +0000
ROA not before: Thu 11 Jul 2024 10:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jul 2024 11:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a1:46:dd:66:2e:79:ea:0f:a8:f1:e6:28:32:5a:0f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 11 10:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b11e3b3124d00485e0a156c9b85c5babc8b467d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d0:13:1a:f4:23:0f:81:4a:dd:f0:b6:3d:cc:
dd:50:1f:86:92:8f:c2:2b:2b:06:80:d3:3d:93:e5:
16:c5:ab:e1:d5:f5:3f:7a:d4:de:ce:ee:94:46:bc:
33:ed:df:0b:a0:8e:a5:84:14:50:f3:0c:d9:65:41:
ea:b2:18:c6:97:0f:23:c8:26:bd:f7:10:1f:d4:d1:
7e:8f:45:d3:f6:ec:f7:3a:75:e9:15:a5:f8:04:77:
fd:a0:af:33:f5:c2:f1:d7:f1:7e:8f:3e:10:a3:5c:
ba:11:91:2a:e4:65:b1:8b:aa:b4:e4:56:55:b5:51:
8e:79:bb:3d:dc:3b:87:00:ee:fb:13:92:67:70:ce:
75:f4:73:7b:6d:17:e8:f1:7b:1d:80:65:df:ec:cc:
22:ac:e0:3e:ab:2b:37:96:b5:86:13:06:83:03:a9:
83:b0:e6:52:02:97:65:a6:29:00:11:6c:8d:10:3f:
46:56:9d:3f:b5:ec:6e:97:5a:ab:6f:0d:ba:11:73:
41:04:37:b8:94:dc:30:d4:ce:d3:f1:8e:d7:5e:de:
af:cf:01:88:81:d3:32:8d:6d:e4:a1:94:14:c8:9b:
2a:02:9f:7c:a1:5b:e3:4c:5d:20:24:4f:52:95:12:
9d:01:cc:bd:70:1b:16:36:e3:87:89:6e:b3:8e:bc:
04:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:11:E3:B3:12:4D:00:48:5E:0A:15:6C:9B:85:C5:BA:BC:8B:46:7D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/axHjsxJNAEheChVsm4XFuryLRn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:ed:17:68:bb:90:37:e8:13:4b:22:8a:f2:a2:77:e2:98:98:
2f:f1:f9:60:25:2d:e6:7c:61:3c:7b:be:4d:18:32:d6:3d:44:
77:47:f0:de:65:e0:6c:27:30:5d:4b:8d:6a:30:14:39:91:57:
2c:ed:06:38:58:39:e4:eb:9b:6f:4c:5f:81:53:11:e1:2c:99:
b7:9a:f2:6d:d7:24:c1:6a:8b:92:cc:dd:ba:9f:7b:bc:fe:14:
c4:4c:88:66:fb:4c:49:f5:eb:8d:ea:ed:81:6f:aa:6f:7b:88:
71:b4:91:77:e4:a0:ea:74:d4:6e:17:78:f8:e5:ff:27:98:20:
0f:28:c5:59:80:52:8d:de:22:0d:52:7a:86:8c:94:06:89:20:
68:39:1c:81:6a:fe:3d:16:e2:fe:dc:3b:8b:6a:c0:e5:00:df:
f2:c0:92:1d:81:2a:2b:45:21:30:63:9f:ec:f4:c8:df:6f:e2:
4c:42:3a:00:8e:b7:8d:10:e2:13:04:22:b0:aa:76:32:79:00:
27:79:5d:8f:07:fc:4c:89:73:5f:8e:f4:6f:61:5c:b9:ea:17:
5e:ee:fa:ec:d3:2b:fc:44:e0:78:32:dc:5f:d0:0b:96:5d:2b:
21:7e:33:5f:b5:d9:39:0c:b7:5e:b9:26:ca:e5:ab:b4:11:2b:
65:fb:95:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZChRt1mLnnqD6jx5igyWg/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzExMTAxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjExZTNiMzEyNGQwMDQ4NWUwYTE1NmM5Yjg1YzViYWJjOGI0NjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tATGvQjD4FK3fC2PczdUB+Gko/C
KysGgNM9k+UWxavh1fU/etTezu6URrwz7d8LoI6lhBRQ8wzZZUHqshjGlw8jyCa9
9xAf1NF+j0XT9uz3OnXpFaX4BHf9oK8z9cLx1/F+jz4Qo1y6EZEq5GWxi6q05FZV
tVGOebs93DuHAO77E5JncM519HN7bRfo8XsdgGXf7MwirOA+qys3lrWGEwaDA6mD
sOZSApdlpikAEWyNED9GVp0/texul1qrbw26EXNBBDe4lNww1M7T8Y7XXt6vzwGI
gdMyjW3koZQUyJsqAp98oVvjTF0gJE9SlRKdAcy9cBsWNuOHiW6zjrwEzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGsR47MSTQBIXgoVbJuFxbq8i0Z9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYXhIanN4Sk5BRWhlQ2hWc200WEZ1cnlMUm4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACLtF2i7kDfoE0siivKi
d+KYmC/x+WAlLeZ8YTx7vk0YMtY9RHdH8N5l4GwnMF1LjWowFDmRVyztBjhYOeTr
m29MX4FTEeEsmbea8m3XJMFqi5LM3bqfe7z+FMRMiGb7TEn1643q7YFvqm97iHG0
kXfkoOp01G4XePjl/yeYIA8oxVmAUo3eIg1SeoaMlAaJIGg5HIFq/j0W4v7cO4tq
wOUA3/LAkh2BKitFITBjn+z0yN9v4kxCOgCOt40Q4hMEIrCqdjJ5ACd5XY8H/EyJ
c1+O9G9hXLnqF17u+uzTK/xE4Hgy3F/QC5ZdKyF+M1+12TkMt165Jsrlq7QRK2X7
lTk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:04 2025 by rpki-client