Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cGfCc6gpTNNfGBwYXjO2twyVC8I.roa
File: cGfCc6gpTNNfGBwYXjO2twyVC8I.roa (raw, json)
Hash identifier: /JxoVAP7Y4Bn1yMY63Db1ptZ2f/r5O87lnHLYsL02x4=
Subject key identifier: 70:67:C2:73:A8:29:4C:D3:5F:18:1C:18:5E:33:B6:B7:0C:95:0B:C2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190547603E9FA06D8B85250C190A3156745
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cGfCc6gpTNNfGBwYXjO2twyVC8I.roa
Signing time: Wed 26 Jun 2024 12:12:18 +0000
ROA not before: Wed 26 Jun 2024 12:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Jun 2024 13:04:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:54:76:03:e9:fa:06:d8:b8:52:50:c1:90:a3:15:67:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 26 12:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7067c273a8294cd35f181c185e33b6b70c950bc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:51:1f:eb:65:20:33:5d:39:78:2b:a2:86:7c:
00:51:7c:dc:d3:a1:e4:94:08:08:2b:11:ca:90:57:
dd:92:4e:3a:94:bd:7f:ff:93:0e:7b:5e:46:0b:be:
2c:ca:12:a5:eb:95:e6:68:84:f9:fc:48:46:da:bb:
9c:8a:06:c2:ff:b8:36:ca:f1:7d:76:5b:50:de:d4:
ec:e2:06:79:bb:47:b8:1c:78:f0:fe:50:59:83:fa:
7a:83:53:64:67:d3:95:1c:73:a8:6a:d1:d7:39:0f:
fc:23:12:bd:ac:9b:56:77:1f:52:ee:53:68:12:6b:
46:8e:71:c5:c6:6c:4e:cb:b6:8f:69:8e:aa:28:b6:
07:f3:4b:12:84:0f:5c:35:d9:55:b9:78:7c:c6:5e:
c7:50:d7:84:11:20:7f:1f:25:89:d6:ee:3c:99:71:
36:a3:57:d4:6a:88:c5:57:66:bb:0e:fc:f1:a8:59:
4b:86:50:6e:ae:71:60:ff:36:76:3a:e6:f8:67:6c:
a2:25:4e:b8:6d:49:9f:e2:5c:22:bd:aa:8a:5a:c3:
d0:69:7a:5f:4a:9b:81:58:5f:3b:0a:4c:f9:8a:7c:
e9:72:0a:9f:f3:81:1f:56:2f:45:0d:f4:99:77:0b:
da:a3:6f:db:65:d7:4c:a5:70:cd:8b:62:59:a6:ab:
38:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:67:C2:73:A8:29:4C:D3:5F:18:1C:18:5E:33:B6:B7:0C:95:0B:C2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cGfCc6gpTNNfGBwYXjO2twyVC8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3c:11:cd:47:00:75:5e:6d:4d:14:c2:9f:fc:4a:3e:32:80:7c:
9f:e7:89:64:47:4c:6e:70:44:f4:7d:71:66:21:4e:64:8c:e4:
c5:4e:33:44:8e:ea:b9:92:9d:b8:08:a9:89:06:1c:1f:37:1c:
81:20:68:d9:7d:57:f1:21:71:4d:6d:2d:b1:c7:7f:18:47:92:
cb:c5:4f:18:88:fc:0a:e4:07:6a:22:7e:fa:ad:aa:73:2a:2e:
81:ac:b9:6f:96:0f:09:78:a2:61:c7:bc:e0:9f:6c:3c:b9:80:
e6:7b:7b:29:d9:dc:bc:bc:b3:b3:a3:89:60:7a:ea:af:1f:0f:
3e:d5:b4:e8:05:73:2f:d0:48:0d:6d:00:18:6c:68:64:06:c4:
71:e7:8c:b9:6c:2f:39:1c:cf:86:fc:16:7c:43:b1:71:9f:34:
23:1c:d6:ff:f2:bc:ad:34:3c:91:2f:12:ea:f8:4d:e8:15:c4:
8e:07:5a:15:01:2c:2f:e8:18:c6:45:92:a1:52:d0:8e:a9:3f:
ef:2c:48:27:96:7d:8f:36:fe:5e:37:11:22:7a:fc:0d:9f:56:
38:fb:eb:96:bb:e8:24:d3:27:b8:c4:96:62:99:62:4c:79:1c:
ce:f8:95:71:9e:5a:ae:db:0d:46:7e:2d:92:03:a0:a9:11:01:
ba:77:2c:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBUdgPp+gbYuFJQwZCjFWdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI2MTIxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDY3YzI3M2E4Mjk0Y2QzNWYxODFjMTg1ZTMzYjZiNzBjOTUwYmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1Ef62UgM105eCuihnwAUXzc06Hk
lAgIKxHKkFfdkk46lL1//5MOe15GC74syhKl65XmaIT5/EhG2rucigbC/7g2yvF9
dltQ3tTs4gZ5u0e4HHjw/lBZg/p6g1NkZ9OVHHOoatHXOQ/8IxK9rJtWdx9S7lNo
EmtGjnHFxmxOy7aPaY6qKLYH80sShA9cNdlVuXh8xl7HUNeEESB/HyWJ1u48mXE2
o1fUaojFV2a7DvzxqFlLhlBurnFg/zZ2Oub4Z2yiJU64bUmf4lwivaqKWsPQaXpf
SpuBWF87Ckz5inzpcgqf84EfVi9FDfSZdwvao2/bZddMpXDNi2JZpqs4ZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHBnwnOoKUzTXxgcGF4ztrcMlQvCMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvY0dmQ2M2Z3BUTk5mR0J3WVhqTzJ0d3lWQzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADwRzUcAdV5tTRTCn/xK
PjKAfJ/niWRHTG5wRPR9cWYhTmSM5MVOM0SO6rmSnbgIqYkGHB83HIEgaNl9V/Eh
cU1tLbHHfxhHksvFTxiI/ArkB2oifvqtqnMqLoGsuW+WDwl4omHHvOCfbDy5gOZ7
eynZ3Ly8s7OjiWB66q8fDz7VtOgFcy/QSA1tABhsaGQGxHHnjLlsLzkcz4b8FnxD
sXGfNCMc1v/yvK00PJEvEur4TegVxI4HWhUBLC/oGMZFkqFS0I6pP+8sSCeWfY82
/l43ESJ6/A2fVjj765a76CTTJ7jElmKZYkx5HM74lXGeWq7bDUZ+LZIDoKkRAbp3
LM4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:20 2025 by rpki-client