Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cX92rfyAns-DRdNrgGf216Hgds0.roa
File: cX92rfyAns-DRdNrgGf216Hgds0.roa (raw, json)
Hash identifier: 5jufgNQcxVByAlrSbr4eTHYPyPXS/Si4l3/sb6oyFFE=
Subject key identifier: 71:7F:76:AD:FC:80:9E:CF:83:45:D3:6B:80:67:F6:D7:A1:E0:76:CD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01902E7985C54BBE5F8C23C28E0B687F5EEA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cX92rfyAns-DRdNrgGf216Hgds0.roa
Signing time: Wed 19 Jun 2024 03:10:34 +0000
ROA not before: Wed 19 Jun 2024 03:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 19 Jun 2024 04:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2e:79:85:c5:4b:be:5f:8c:23:c2:8e:0b:68:7f:5e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 19 03:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=717f76adfc809ecf8345d36b8067f6d7a1e076cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8d:d9:e0:2f:1a:71:8f:e3:5e:42:00:8e:50:
d3:2f:47:fa:a6:c0:19:b6:16:e5:54:53:5b:63:b1:
2e:97:19:b9:5c:87:d1:bb:1b:32:81:df:e2:9d:0e:
e9:b2:9b:c4:a8:99:f2:d2:c9:35:67:c6:e3:63:8e:
35:63:8f:ec:06:0d:0f:f7:a5:b8:e9:2b:d8:62:33:
83:4d:75:fa:49:73:bb:e8:e3:e2:17:a7:b7:40:71:
30:ce:84:5f:cb:f6:3e:df:e7:36:42:10:36:66:65:
00:03:21:19:bb:fd:ff:b4:ab:84:05:f9:fc:dc:46:
8b:af:37:09:6f:d0:44:96:fc:9b:b2:14:25:89:01:
5d:e6:99:98:51:c2:bf:bb:bf:b1:bc:d6:f0:76:21:
98:b3:73:a0:c7:f4:a2:63:f3:f3:7b:30:f0:0e:de:
e0:1c:dc:c9:32:83:01:cd:26:f0:c8:ee:c6:0e:67:
b3:fe:e9:7c:10:33:76:39:2a:c0:39:a1:04:00:cf:
15:e7:61:a1:59:ac:37:6f:fd:97:6a:0d:16:6e:fd:
0c:d1:f3:78:59:fd:6e:11:8e:d5:cc:3d:0c:c4:c0:
c3:8f:4a:a2:b4:31:bb:ac:f6:27:66:f3:e9:3d:42:
87:28:4e:d8:1e:99:03:0e:5c:83:92:68:97:77:ad:
a8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:7F:76:AD:FC:80:9E:CF:83:45:D3:6B:80:67:F6:D7:A1:E0:76:CD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cX92rfyAns-DRdNrgGf216Hgds0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:b1:d1:e3:f3:b1:c1:8e:6f:71:87:93:89:64:28:37:87:35:
91:04:78:6e:a5:49:1a:49:4f:c1:73:fd:f1:13:ce:3c:4e:9d:
ae:14:c5:64:2f:d4:6b:97:a9:16:26:fe:d2:be:e1:58:ce:73:
77:19:fd:99:20:e5:81:12:2b:10:9f:a7:a2:91:85:75:bf:28:
1c:41:09:4d:07:20:db:59:73:eb:e0:a3:36:d8:ac:02:73:6e:
f4:bb:32:ca:ba:68:35:bc:ac:f2:fd:41:37:7b:36:b5:d5:fb:
93:c4:4d:28:14:9e:77:8d:27:1a:6d:a3:18:17:f5:39:03:5c:
3e:fb:73:a8:a7:71:b7:57:f4:78:3d:5c:06:00:1f:fd:2a:77:
cd:a7:fe:e5:c2:94:59:df:e7:69:70:6b:d8:64:11:f7:1a:b1:
e0:38:f8:b4:c6:e4:65:03:b9:0c:26:74:8a:5f:ec:31:1a:08:
b9:a8:43:7f:7e:7b:3e:7b:07:57:94:15:c2:7d:5e:cc:92:33:
e1:23:db:43:0b:d9:ad:b7:05:ee:dc:ce:0f:e8:89:7f:69:c9:
ad:34:99:5b:e1:40:43:26:d1:62:89:00:7c:bd:59:fd:30:71:
e6:07:04:e9:9e:6d:db:8a:54:14:a9:f4:d8:16:89:64:59:7b:
e6:b8:23:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAueYXFS75fjCPCjgtof17qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE5MDMxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTdmNzZhZGZjODA5ZWNmODM0NWQzNmI4MDY3ZjZkN2ExZTA3NmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY3Z4C8acY/jXkIAjlDTL0f6psAZ
thblVFNbY7Eulxm5XIfRuxsygd/inQ7pspvEqJny0sk1Z8bjY441Y4/sBg0P96W4
6SvYYjODTXX6SXO76OPiF6e3QHEwzoRfy/Y+3+c2QhA2ZmUAAyEZu/3/tKuEBfn8
3EaLrzcJb9BElvybshQliQFd5pmYUcK/u7+xvNbwdiGYs3Ogx/SiY/PzezDwDt7g
HNzJMoMBzSbwyO7GDmez/ul8EDN2OSrAOaEEAM8V52GhWaw3b/2Xag0Wbv0M0fN4
Wf1uEY7VzD0MxMDDj0qitDG7rPYnZvPpPUKHKE7YHpkDDlyDkmiXd62oTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHF/dq38gJ7Pg0XTa4Bn9teh4HbNMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvY1g5MnJmeUFucy1EUmROcmdHZjIxNkhnZHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJOx0ePzscGOb3GHk4lk
KDeHNZEEeG6lSRpJT8Fz/fETzjxOna4UxWQv1GuXqRYm/tK+4VjOc3cZ/Zkg5YES
KxCfp6KRhXW/KBxBCU0HINtZc+vgozbYrAJzbvS7Msq6aDW8rPL9QTd7NrXV+5PE
TSgUnneNJxptoxgX9TkDXD77c6incbdX9Hg9XAYAH/0qd82n/uXClFnf52lwa9hk
EfcaseA4+LTG5GUDuQwmdIpf7DEaCLmoQ39+ez57B1eUFcJ9XsySM+Ej20ML2a23
Be7czg/oiX9pya00mVvhQEMm0WKJAHy9Wf0wceYHBOmebduKVBSp9NgWiWRZe+a4
I48=
-----END CERTIFICATE-----
Generated at Wed Jun 19 07:20:46 2024 by rpki-client on console-fra.rpki-client.org