Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ck19oeWoUsXS2f0XTLggdTV4Y2Q.roa
File: ck19oeWoUsXS2f0XTLggdTV4Y2Q.roa (raw, json)
Hash identifier: A/myZZu5+7ZQuRquva75RWr4WXSBUAUWMNvrGp+iSIA=
Subject key identifier: 72:4D:7D:A1:E5:A8:52:C5:D2:D9:FD:17:4C:B8:20:75:35:78:63:64
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019021CB1042C39562813E1D7AC934ECB7A7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ck19oeWoUsXS2f0XTLggdTV4Y2Q.roa
Signing time: Sun 16 Jun 2024 16:04:34 +0000
ROA not before: Sun 16 Jun 2024 16:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:21ca:b9a4/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 16 Jun 2024 16:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:21:cb:10:42:c3:95:62:81:3e:1d:7a:c9:34:ec:b7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 16 16:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=724d7da1e5a852c5d2d9fd174cb8207535786364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a4:c0:2a:3f:46:cb:dc:2e:8b:8e:e6:51:5a:
14:0a:80:70:0e:d7:77:80:42:94:2a:b6:f9:85:58:
02:84:75:4c:27:70:16:f5:f0:e7:3a:59:18:05:ce:
a5:41:b5:07:0c:09:ac:9c:f7:3d:22:ee:b2:8e:ed:
de:a1:6e:24:69:f3:78:03:25:fe:0f:55:f5:f4:ec:
20:5d:c3:af:8c:3b:6c:4c:26:1a:35:d5:be:99:84:
1d:93:c8:26:14:d8:f1:bd:44:8b:e2:64:29:a2:35:
61:c8:13:b3:78:49:7e:c2:af:f5:b3:83:69:6f:a8:
ca:7e:19:54:b3:4b:94:ec:2b:04:cb:ec:86:b7:d4:
d8:f6:ee:9d:e2:4f:dd:c1:db:7c:81:cb:5e:2b:40:
b5:cc:5e:e5:45:e6:be:e3:85:1d:ec:0f:a6:45:b4:
4f:a1:62:7d:5e:aa:42:17:4f:08:1d:72:df:a9:31:
9a:fc:dd:2c:ea:97:66:57:dd:79:7d:06:b3:83:ae:
d2:3f:f9:7f:3f:c2:e4:4a:ad:72:fd:cb:a0:a8:17:
78:22:21:9a:26:57:9d:35:12:4e:31:40:80:ac:0d:
69:fe:c9:7c:c3:6f:69:00:92:61:40:e4:63:83:68:
ab:8e:6d:e8:88:6d:5d:5e:0d:2c:49:5f:75:22:fe:
4a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:4D:7D:A1:E5:A8:52:C5:D2:D9:FD:17:4C:B8:20:75:35:78:63:64
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ck19oeWoUsXS2f0XTLggdTV4Y2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:2e:14:10:4b:90:90:4f:b7:56:22:cc:a6:b0:00:c9:4e:4c:
16:e2:2a:93:39:7e:e0:f3:68:dd:75:5f:1e:02:00:40:b2:2b:
e1:bb:09:50:4d:d8:95:8a:00:6c:98:8b:3f:4e:a9:38:d7:f6:
77:68:c6:9b:18:ef:07:6f:71:a4:7c:19:13:69:aa:e5:85:88:
6e:9d:f5:fb:02:51:8c:ee:7a:41:4d:c0:65:46:dc:89:2b:96:
6c:95:5b:bf:59:69:29:31:d6:6f:8b:97:ac:83:9e:f5:98:fa:
fd:b9:5f:60:06:16:5a:8f:32:27:ab:ba:49:08:08:fe:cd:cc:
8b:37:35:8e:ac:05:d5:f5:5f:24:7a:f3:7a:cf:25:75:86:70:
61:ca:f9:e8:0b:30:6b:b8:62:81:0e:d3:20:f9:06:c2:f0:fc:
9e:48:ce:04:ec:d9:fa:f1:ae:9c:e7:3e:92:82:39:cc:3e:d4:
2a:77:e0:b1:83:f9:2c:03:22:ff:21:ff:db:8f:e6:4f:f5:24:
89:bf:4e:49:df:5f:dc:e9:97:df:2a:e0:6c:c3:2b:39:74:86:
df:ae:03:f1:a0:59:6c:51:68:39:5e:78:e2:5f:6c:d1:b3:c4:
64:4c:8a:63:6a:87:8e:a2:3e:38:93:3e:72:18:c6:57:58:1f:
85:d2:e2:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAhyxBCw5VigT4desk07LenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE2MTYwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjRkN2RhMWU1YTg1MmM1ZDJkOWZkMTc0Y2I4MjA3NTM1Nzg2MzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKTAKj9Gy9wui47mUVoUCoBwDtd3
gEKUKrb5hVgChHVMJ3AW9fDnOlkYBc6lQbUHDAmsnPc9Iu6yju3eoW4kafN4AyX+
D1X19OwgXcOvjDtsTCYaNdW+mYQdk8gmFNjxvUSL4mQpojVhyBOzeEl+wq/1s4Np
b6jKfhlUs0uU7CsEy+yGt9TY9u6d4k/dwdt8gcteK0C1zF7lRea+44Ud7A+mRbRP
oWJ9XqpCF08IHXLfqTGa/N0s6pdmV915fQazg67SP/l/P8LkSq1y/cugqBd4IiGa
JledNRJOMUCArA1p/sl8w29pAJJhQORjg2irjm3oiG1dXg0sSV91Iv5KLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHJNfaHlqFLF0tn9F0y4IHU1eGNkMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvY2sxOW9lV29Vc1hTMmYwWFRMZ2dkVFY0WTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABUuFBBLkJBPt1YizKaw
AMlOTBbiKpM5fuDzaN11Xx4CAECyK+G7CVBN2JWKAGyYiz9OqTjX9ndoxpsY7wdv
caR8GRNpquWFiG6d9fsCUYzuekFNwGVG3IkrlmyVW79ZaSkx1m+Ll6yDnvWY+v25
X2AGFlqPMierukkICP7NzIs3NY6sBdX1XyR683rPJXWGcGHK+egLMGu4YoEO0yD5
BsLw/J5IzgTs2frxrpznPpKCOcw+1Cp34LGD+SwDIv8h/9uP5k/1JIm/TknfX9zp
l98q4GzDKzl0ht+uA/GgWWxRaDleeOJfbNGzxGRMimNqh46iPjiTPnIYxldYH4XS
4o8=
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:35:34 2024 by rpki-client on console-fra.rpki-client.org