Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bMoNEjGy-lyx2UG_omj3AWCovOM.roa
File: bMoNEjGy-lyx2UG_omj3AWCovOM.roa (raw, json)
Hash identifier: V2Nv4pjaSN2zMKBsphyZQ8JHuZe8niUoY3TWA/0kink=
Subject key identifier: 6C:CA:0D:12:31:B2:FA:5C:B1:D9:41:BF:A2:68:F7:01:60:A8:BC:E3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FDE020E15EF051D995653695AB0206105
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bMoNEjGy-lyx2UG_omj3AWCovOM.roa
Signing time: Mon 03 Jun 2024 12:10:27 +0000
ROA not before: Mon 03 Jun 2024 12:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Jun 2024 13:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:02:0e:15:ef:05:1d:99:56:53:69:5a:b0:20:61:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 3 12:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cca0d1231b2fa5cb1d941bfa268f70160a8bce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:68:37:72:ad:26:c7:95:6e:52:a0:c4:91:25:
12:91:81:6e:34:dc:ef:f3:28:99:95:5a:3c:41:35:
32:f2:49:a9:bb:26:0f:6c:da:77:da:cd:23:0c:20:
70:bd:69:05:ad:53:20:56:48:a1:c0:8b:7a:03:73:
0a:4e:8e:8a:01:24:37:28:ce:f4:5f:2d:42:9d:c1:
d7:3d:25:56:f3:42:e1:51:e1:76:cf:59:4d:27:16:
01:ca:81:8b:87:97:f5:32:86:e9:2a:f0:ca:79:56:
f1:05:13:69:47:1a:d7:c7:64:97:60:5c:72:f2:e1:
d1:f2:c6:7d:0d:a2:b9:80:c1:39:e8:fa:da:75:ab:
fb:e5:7d:82:a4:3b:0f:a4:9b:d9:a8:d5:de:6a:9b:
f6:bc:2c:b3:49:a3:f3:8c:55:04:c2:a2:f1:a6:54:
7a:0e:90:61:9f:02:99:56:ec:f6:2f:54:d1:4b:55:
23:0d:97:d0:eb:49:e2:e9:20:f9:75:64:53:0e:fe:
32:66:08:b9:ef:6b:47:8b:13:3c:9a:52:f0:9c:c9:
2c:88:7a:3a:ec:32:b3:a5:0f:9c:43:6d:4a:cc:34:
3a:31:0d:0d:99:f7:aa:ea:bf:33:c0:73:8c:15:50:
84:6b:bd:ef:0a:80:51:e4:fe:8d:20:97:31:49:9c:
6e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:CA:0D:12:31:B2:FA:5C:B1:D9:41:BF:A2:68:F7:01:60:A8:BC:E3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bMoNEjGy-lyx2UG_omj3AWCovOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:59:60:df:59:57:bf:a8:f3:b0:ea:c5:ab:c0:d5:b2:0d:f3:
57:8a:fc:27:4a:72:c6:3e:3e:96:db:35:d3:21:71:96:fc:7e:
fc:5b:e9:63:4c:6c:e1:32:df:30:a5:7c:1e:50:8b:3b:e7:74:
f6:06:87:2e:25:68:4b:6e:66:3a:d9:26:e5:b1:b1:18:2c:0c:
47:72:05:50:1f:43:05:c2:57:42:cb:1e:79:99:7b:07:da:e8:
ef:b6:14:f0:7b:af:10:1c:b7:78:3b:5e:ee:3c:b9:ad:06:f6:
df:c6:d9:0a:98:29:ac:0c:32:12:b8:18:71:d0:b8:42:9a:23:
56:1a:fd:1e:7f:53:e9:76:75:cb:b3:fe:26:97:33:b2:f5:30:
95:38:87:83:f4:de:e4:6e:ba:d9:a1:79:d6:21:12:34:fb:2a:
3a:45:31:a6:dc:66:21:d1:de:6b:ef:6d:ab:60:31:1e:d7:56:
fa:20:a6:b6:fc:dd:b1:91:8a:3a:ba:23:b2:9c:a7:4f:51:0c:
49:16:80:ba:ae:35:86:df:0d:f5:93:2a:ce:72:d3:d1:6e:6c:
57:a3:42:c3:49:4a:e5:fd:90:1c:3c:13:7e:a1:6b:60:58:97:
90:81:fa:91:02:d6:f6:3c:58:6f:3b:1e:7d:ba:5c:5f:48:ae:
ee:a2:a9:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/eAg4V7wUdmVZTaVqwIGEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAzMTIxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2NhMGQxMjMxYjJmYTVjYjFkOTQxYmZhMjY4ZjcwMTYwYThiY2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGg3cq0mx5VuUqDEkSUSkYFuNNzv
8yiZlVo8QTUy8kmpuyYPbNp32s0jDCBwvWkFrVMgVkihwIt6A3MKTo6KASQ3KM70
Xy1CncHXPSVW80LhUeF2z1lNJxYByoGLh5f1MobpKvDKeVbxBRNpRxrXx2SXYFxy
8uHR8sZ9DaK5gME56Pradav75X2CpDsPpJvZqNXeapv2vCyzSaPzjFUEwqLxplR6
DpBhnwKZVuz2L1TRS1UjDZfQ60ni6SD5dWRTDv4yZgi572tHixM8mlLwnMksiHo6
7DKzpQ+cQ21KzDQ6MQ0Nmfeq6r8zwHOMFVCEa73vCoBR5P6NIJcxSZxuPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGzKDRIxsvpcsdlBv6Jo9wFgqLzjMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYk1vTkVqR3ktbHl4MlVHX29tajNBV0Nvdk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC1ZYN9ZV7+o87DqxavA
1bIN81eK/CdKcsY+PpbbNdMhcZb8fvxb6WNMbOEy3zClfB5QizvndPYGhy4laEtu
ZjrZJuWxsRgsDEdyBVAfQwXCV0LLHnmZewfa6O+2FPB7rxAct3g7Xu48ua0G9t/G
2QqYKawMMhK4GHHQuEKaI1Ya/R5/U+l2dcuz/iaXM7L1MJU4h4P03uRuutmhedYh
EjT7KjpFMabcZiHR3mvvbatgMR7XVvogprb83bGRijq6I7Kcp09RDEkWgLquNYbf
DfWTKs5y09FubFejQsNJSuX9kBw8E36ha2BYl5CB+pEC1vY8WG87Hn26XF9Iru6i
qec=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:04 2025 by rpki-client