Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bKxdQGcKUPbgoqs5CTE9-49CiAY.roa
File: bKxdQGcKUPbgoqs5CTE9-49CiAY.roa (raw, json)
Hash identifier: svgRFARzeoDZo2CFH0hAqt9ls3YBEsMTjsi+t1DkcoM=
Subject key identifier: 6C:AC:5D:40:67:0A:50:F6:E0:A2:AB:39:09:31:3D:FB:8F:42:88:06
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909DD8E08BBCC8F09C3F00FB8F5D1EC0E2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bKxdQGcKUPbgoqs5CTE9-49CiAY.roa
Signing time: Wed 10 Jul 2024 18:12:34 +0000
ROA not before: Wed 10 Jul 2024 18:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jul 2024 19:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9d:d8:e0:8b:bc:c8:f0:9c:3f:00:fb:8f:5d:1e:c0:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 10 18:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cac5d40670a50f6e0a2ab3909313dfb8f428806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ea:29:9b:26:83:42:e3:e4:53:be:78:e4:97:
54:32:cf:81:be:4e:bd:19:87:58:52:2f:9e:ee:f0:
d5:01:51:90:e8:67:d5:c6:83:fd:7d:88:be:74:e4:
77:9c:e6:5e:04:cb:0d:b3:eb:6e:86:47:44:50:f2:
b8:b9:56:55:60:b9:37:92:a1:b6:2e:e3:90:d9:8b:
f1:76:02:20:96:89:98:24:a5:38:33:6b:5b:a6:89:
41:08:01:96:ff:4f:22:65:ee:29:af:b5:39:b6:3e:
53:08:9b:f2:8c:c5:94:ac:95:ed:88:67:94:d3:67:
10:41:70:9f:a4:1b:0d:b6:c0:14:f0:de:23:f3:b8:
bc:33:1e:16:b7:32:92:89:1d:12:c1:0d:d3:c9:87:
e4:74:fd:b5:7d:21:98:57:5d:b1:eb:9f:b4:a8:59:
e7:9a:fb:1e:e3:57:b6:ef:51:8d:a2:78:1d:41:fb:
3a:7e:25:bd:e6:ef:15:a8:f6:dd:6e:8b:a9:65:16:
a5:bb:20:08:d4:a1:30:77:db:2b:a0:7b:a7:d6:5d:
31:4c:d4:63:21:8d:77:e1:ba:a5:e8:b7:86:b4:ef:
c6:b7:70:6a:2d:9e:90:37:1f:3c:31:a9:a7:1c:a8:
3b:5a:e5:e0:a5:93:e1:f6:0f:fd:d8:f9:86:82:4c:
5e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AC:5D:40:67:0A:50:F6:E0:A2:AB:39:09:31:3D:FB:8F:42:88:06
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bKxdQGcKUPbgoqs5CTE9-49CiAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
70:11:3c:75:71:fa:67:ce:0d:55:94:72:35:72:63:1b:57:50:
14:12:fc:3f:d6:a5:1e:3b:5d:9c:71:cf:e8:79:1b:ed:dd:c0:
a6:eb:7b:92:81:2c:a4:91:82:0c:8a:91:f2:3d:a0:b0:ac:c6:
e0:6c:01:a8:92:27:6f:d7:fc:03:31:c8:9e:b8:bc:30:7b:3a:
d3:5a:2f:ba:3f:59:f6:15:2c:3b:fe:5a:92:9b:87:83:3a:54:
4f:f9:b2:7d:98:54:e6:32:a5:a3:2a:54:04:a0:3e:3b:0c:65:
d7:a1:2a:65:a6:58:12:58:36:7c:c7:22:a2:07:c0:af:ef:0d:
4e:69:d8:cd:d2:fc:2d:47:72:88:17:91:23:53:d3:1d:19:6b:
c8:b8:a3:f5:81:b6:f7:40:e0:57:6c:f6:07:98:7a:59:6f:f2:
e2:3c:6a:ab:a7:a8:11:3e:fd:65:b7:e5:b8:7d:26:79:7d:46:
cd:ce:8e:10:3c:32:77:84:cf:fd:b6:d2:b0:77:dd:2b:c6:6e:
b7:31:b0:bc:9d:bc:63:48:f7:9f:6a:eb:76:77:f1:ab:54:12:
1a:52:39:9d:14:87:87:93:72:27:98:d8:a8:da:e3:ac:3c:c4:
5e:42:4d:f3:27:e4:fa:8e:5f:44:10:b1:d3:06:b0:c2:60:93:
cf:dc:b3:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCd2OCLvMjwnD8A+49dHsDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEwMTgxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2FjNWQ0MDY3MGE1MGY2ZTBhMmFiMzkwOTMxM2RmYjhmNDI4ODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOopmyaDQuPkU7545JdUMs+Bvk69
GYdYUi+e7vDVAVGQ6GfVxoP9fYi+dOR3nOZeBMsNs+tuhkdEUPK4uVZVYLk3kqG2
LuOQ2YvxdgIglomYJKU4M2tbpolBCAGW/08iZe4pr7U5tj5TCJvyjMWUrJXtiGeU
02cQQXCfpBsNtsAU8N4j87i8Mx4WtzKSiR0SwQ3TyYfkdP21fSGYV12x65+0qFnn
mvse41e271GNongdQfs6fiW95u8VqPbdboupZRaluyAI1KEwd9sroHun1l0xTNRj
IY134bql6LeGtO/Gt3BqLZ6QNx88MamnHKg7WuXgpZPh9g/92PmGgkxePwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGysXUBnClD24KKrOQkxPfuPQogGMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYkt4ZFFHY0tVUGJnb3FzNUNURTktNDlDaUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHARPHVx+mfODVWUcjVy
YxtXUBQS/D/WpR47XZxxz+h5G+3dwKbre5KBLKSRggyKkfI9oLCsxuBsAaiSJ2/X
/AMxyJ64vDB7OtNaL7o/WfYVLDv+WpKbh4M6VE/5sn2YVOYypaMqVASgPjsMZdeh
KmWmWBJYNnzHIqIHwK/vDU5p2M3S/C1HcogXkSNT0x0Za8i4o/WBtvdA4Fds9geY
ellv8uI8aqunqBE+/WW35bh9Jnl9Rs3OjhA8MneEz/220rB33SvGbrcxsLydvGNI
959q63Z38atUEhpSOZ0Uh4eTcieY2Kja46w8xF5CTfMn5PqOX0QQsdMGsMJgk8/c
s3A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:58 2025 by rpki-client