Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bdGAgH5lkpcTT63sqqI55YDeB1I.roa
File: bdGAgH5lkpcTT63sqqI55YDeB1I.roa (raw, json)
Hash identifier: GJJgzHA88iK6tmyHl+zPLlZ5+W/17B9d5DTRed06HoM=
Subject key identifier: 6D:D1:80:80:7E:65:92:97:13:4F:AD:EC:AA:A2:39:E5:80:DE:07:52
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A2531D9F3C9F10474F5DE9EADD015B70
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bdGAgH5lkpcTT63sqqI55YDeB1I.roa
Signing time: Thu 11 Jul 2024 15:04:34 +0000
ROA not before: Thu 11 Jul 2024 15:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:a252:f794/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 11 Jul 2024 15:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:53:1d:9f:3c:9f:10:47:4f:5d:e9:ea:dd:01:5b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 11 15:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dd180807e659297134fadecaaa239e580de0752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e3:1e:ef:a3:28:9f:08:44:23:09:12:a1:78:
4f:65:bf:cd:df:2b:5c:a1:d2:db:73:52:ed:be:99:
4e:08:74:c7:79:79:66:c5:16:12:f5:c3:00:94:28:
c5:e1:ce:0a:2d:85:50:22:dd:58:f4:88:fa:11:3e:
96:78:08:49:91:17:38:52:c3:1b:a4:6b:b5:b9:cd:
ed:d1:4b:8c:3c:a8:f9:41:6c:3a:aa:c2:5d:49:d7:
96:78:49:e8:39:ec:43:da:9d:79:b9:3d:5e:f4:77:
6c:fa:08:24:12:dc:65:6c:ad:7c:af:fa:60:a6:f1:
1c:87:11:6a:6f:72:3c:1c:ff:d0:20:b1:15:85:c8:
1a:5a:d6:52:ef:c1:85:f6:0a:be:8d:7d:28:5a:0d:
86:2b:5a:f8:cb:50:ca:c9:62:5c:32:cf:5a:6e:99:
36:e3:fb:5b:33:15:a7:99:30:06:c7:0f:8e:a2:8b:
6f:03:cf:46:27:71:96:51:0a:ef:ea:2a:4f:5f:04:
b6:96:1a:8d:cb:7f:84:9c:fa:c6:05:c7:2e:37:c5:
f9:9b:35:f9:4c:9a:bb:0d:6b:f9:d1:56:8e:5d:7e:
fa:4e:97:a8:f4:56:9f:d8:30:34:25:fb:49:ba:03:
df:3a:63:6c:80:40:74:6c:33:71:69:67:01:6c:eb:
fe:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D1:80:80:7E:65:92:97:13:4F:AD:EC:AA:A2:39:E5:80:DE:07:52
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bdGAgH5lkpcTT63sqqI55YDeB1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:c9:f1:e3:f4:ff:c3:a4:8e:4a:4d:2e:89:25:68:18:44:1d:
28:9a:07:e4:ee:a1:b1:ca:32:f5:3b:75:c7:15:d0:9e:fe:76:
4e:29:05:e8:b3:d9:d0:22:56:2b:01:f4:da:d5:d9:40:70:ac:
ca:ad:f5:d1:80:4d:83:21:a0:a0:3b:f4:19:13:a7:8d:7f:04:
aa:0a:65:1b:09:a5:18:5d:72:1e:52:9d:e4:80:48:56:6f:a1:
63:43:b3:4c:ec:c5:b8:5f:31:1f:05:d1:7f:68:fe:63:3e:43:
49:5b:b0:46:54:8d:ba:5a:d1:18:1f:a9:08:52:a8:06:dd:3d:
ca:e7:f5:d5:7a:2f:46:20:af:a9:db:02:af:9a:50:79:66:93:
95:27:c1:a1:95:d7:4f:9d:9f:8b:14:96:34:e2:ec:fe:69:65:
0c:2d:2f:d1:7a:a8:e8:cd:36:5f:22:d9:b2:79:04:81:58:7b:
90:e7:0d:09:d0:a5:63:2f:ec:cd:d7:40:f5:44:d6:eb:70:cf:
72:79:ca:d1:ab:6f:4b:8f:34:2b:d6:56:32:9f:88:49:d0:1d:
eb:16:83:a6:22:bb:14:4e:1b:8b:83:ff:e4:df:62:31:1e:00:
26:38:1e:94:8d:59:6f:d6:35:7b:93:cf:3a:47:a3:48:22:d3:
32:e1:b3:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCiUx2fPJ8QR09d6erdAVtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzExMTUwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQxODA4MDdlNjU5Mjk3MTM0ZmFkZWNhYWEyMzllNTgwZGUwNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuMe76MonwhEIwkSoXhPZb/N3ytc
odLbc1LtvplOCHTHeXlmxRYS9cMAlCjF4c4KLYVQIt1Y9Ij6ET6WeAhJkRc4UsMb
pGu1uc3t0UuMPKj5QWw6qsJdSdeWeEnoOexD2p15uT1e9Hds+ggkEtxlbK18r/pg
pvEchxFqb3I8HP/QILEVhcgaWtZS78GF9gq+jX0oWg2GK1r4y1DKyWJcMs9abpk2
4/tbMxWnmTAGxw+OootvA89GJ3GWUQrv6ipPXwS2lhqNy3+EnPrGBccuN8X5mzX5
TJq7DWv50VaOXX76Tpeo9Faf2DA0JftJugPfOmNsgEB0bDNxaWcBbOv+6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG3RgIB+ZZKXE0+t7KqiOeWA3gdSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYmRHQWdINWxrcGNUVDYzc3FxSTU1WURlQjFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHjJ8eP0/8OkjkpNLokl
aBhEHSiaB+TuobHKMvU7dccV0J7+dk4pBeiz2dAiVisB9NrV2UBwrMqt9dGATYMh
oKA79BkTp41/BKoKZRsJpRhdch5SneSASFZvoWNDs0zsxbhfMR8F0X9o/mM+Q0lb
sEZUjbpa0RgfqQhSqAbdPcrn9dV6L0Ygr6nbAq+aUHlmk5UnwaGV10+dn4sUljTi
7P5pZQwtL9F6qOjNNl8i2bJ5BIFYe5DnDQnQpWMv7M3XQPVE1utwz3J5ytGrb0uP
NCvWVjKfiEnQHesWg6YiuxROG4uD/+TfYjEeACY4HpSNWW/WNXuTzzpHo0gi0zLh
s6k=
-----END CERTIFICATE-----
Generated at Thu Jul 11 17:47:37 2024 by rpki-client on console-fra.rpki-client.org