Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cdCLnFfQ4G4xxVeVEw-XO4_3tM0.roa
File: cdCLnFfQ4G4xxVeVEw-XO4_3tM0.roa (raw, json)
Hash identifier: BNF7klQnkbFNSKcT7AV8D+OyXW0PLtjS9c+zLUFUdBk=
Subject key identifier: 71:D0:8B:9C:57:D0:E0:6E:31:C5:57:95:13:0F:97:3B:8F:F7:B4:CD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FDAC92AE578D71CCFBA4B73245DA21744
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cdCLnFfQ4G4xxVeVEw-XO4_3tM0.roa
Signing time: Sun 02 Jun 2024 21:09:27 +0000
ROA not before: Sun 02 Jun 2024 21:09:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Jun 2024 22:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:da:c9:2a:e5:78:d7:1c:cf:ba:4b:73:24:5d:a2:17:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 2 21:09:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d08b9c57d0e06e31c55795130f973b8ff7b4cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:36:df:8b:0e:cc:8b:32:0b:47:51:36:b7:dd:
da:7b:51:5c:f4:f5:74:55:11:7f:f6:a7:ad:ee:46:
94:bd:e9:48:0b:d3:63:f9:84:88:85:09:67:20:ac:
06:2c:42:3c:d3:6c:fa:e8:67:f0:8c:96:44:4e:e1:
8e:9f:72:64:7b:e4:ad:4c:1c:e8:4c:97:b3:5d:12:
df:a0:16:a0:cc:c8:e7:96:a7:ff:aa:5e:47:c9:5b:
2f:6e:da:0b:b5:70:e3:8b:e0:98:c5:73:e5:e7:11:
84:8c:13:79:6a:62:2a:da:59:cb:15:8a:cb:55:5b:
80:0a:84:71:48:b2:a6:8c:d8:ed:11:fd:05:b2:a3:
68:12:da:c6:9c:e5:ef:f1:5b:26:cd:c6:3e:ce:c1:
d4:bf:d4:dd:00:ce:5b:50:43:79:ef:bd:d6:ff:3d:
5f:b8:65:3f:cf:b7:00:6f:e2:fc:2f:e4:3d:50:b9:
d2:c8:5d:20:aa:71:f0:3d:24:04:c3:68:5e:62:40:
c4:de:0f:53:1d:63:dd:02:32:af:16:29:fe:a8:60:
de:ff:b8:f1:00:2e:3f:5d:93:77:25:13:25:e1:07:
6c:e1:25:35:e9:6e:a6:b8:7e:a3:84:c3:54:b0:df:
41:a2:f4:ea:fe:57:1a:3f:8c:b4:d8:d3:48:ac:d8:
9e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D0:8B:9C:57:D0:E0:6E:31:C5:57:95:13:0F:97:3B:8F:F7:B4:CD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cdCLnFfQ4G4xxVeVEw-XO4_3tM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:4e:35:02:0e:cf:bc:40:34:aa:6a:f1:39:fb:9c:5e:16:97:
84:a8:92:91:a8:71:b6:7a:44:88:dc:14:8a:80:7b:13:80:ff:
79:20:b1:92:fe:ab:f9:c5:31:e3:33:60:c4:c4:85:ad:56:41:
03:72:ed:30:56:21:2c:6f:c5:0a:98:84:c0:bc:14:40:5d:6f:
0c:d8:2d:72:10:f8:54:79:78:97:24:d1:47:fe:c6:d2:71:34:
39:87:98:f2:24:36:50:ce:9b:23:68:b2:e7:96:89:f4:5b:ba:
2f:0b:1e:f8:7e:7a:86:17:c1:c1:5c:a7:10:b1:16:f6:e3:fb:
b8:80:67:b3:8c:19:4b:90:ca:b5:fa:8a:0f:8d:f2:a4:8f:1f:
0c:2c:b1:54:50:78:25:6f:24:65:0f:74:19:ec:e3:42:44:b7:
bf:76:e7:5f:c8:1f:11:3b:e5:6c:1b:19:d6:65:ad:ad:5a:a8:
7d:d8:7a:23:e1:bf:6c:45:f8:81:56:e8:f1:7c:a9:23:5b:9f:
c6:e6:a5:4d:fc:1d:37:b3:aa:7c:ec:db:f3:f2:9d:8f:42:62:
81:77:7d:d9:b9:45:30:b9:9d:11:2d:63:ae:b9:4b:f6:09:f3:
6b:1a:1e:de:f9:44:51:25:e2:49:af:b0:43:67:d6:e0:ee:4c:
e5:71:01:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/aySrleNccz7pLcyRdohdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAyMjEwOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQwOGI5YzU3ZDBlMDZlMzFjNTU3OTUxMzBmOTczYjhmZjdiNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDbfiw7MizILR1E2t93ae1Fc9PV0
VRF/9qet7kaUvelIC9Nj+YSIhQlnIKwGLEI802z66GfwjJZETuGOn3Jke+StTBzo
TJezXRLfoBagzMjnlqf/ql5HyVsvbtoLtXDji+CYxXPl5xGEjBN5amIq2lnLFYrL
VVuACoRxSLKmjNjtEf0FsqNoEtrGnOXv8VsmzcY+zsHUv9TdAM5bUEN5773W/z1f
uGU/z7cAb+L8L+Q9ULnSyF0gqnHwPSQEw2heYkDE3g9THWPdAjKvFin+qGDe/7jx
AC4/XZN3JRMl4Qds4SU16W6muH6jhMNUsN9BovTq/lcaP4y02NNIrNiePwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHHQi5xX0OBuMcVXlRMPlzuP97TNMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvY2RDTG5GZlE0RzR4eFZlVkV3LVhPNF8zdE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIxONQIOz7xANKpq8Tn7
nF4Wl4SokpGocbZ6RIjcFIqAexOA/3kgsZL+q/nFMeMzYMTEha1WQQNy7TBWISxv
xQqYhMC8FEBdbwzYLXIQ+FR5eJck0Uf+xtJxNDmHmPIkNlDOmyNosueWifRbui8L
Hvh+eoYXwcFcpxCxFvbj+7iAZ7OMGUuQyrX6ig+N8qSPHwwssVRQeCVvJGUPdBns
40JEt79251/IHxE75WwbGdZlra1aqH3YeiPhv2xF+IFW6PF8qSNbn8bmpU38HTez
qnzs2/PynY9CYoF3fdm5RTC5nREtY665S/YJ82saHt75RFEl4kmvsENn1uDuTOVx
AaE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org