Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ctywCILH3IPzpdzyYO2JznwUfa4.roa
File: ctywCILH3IPzpdzyYO2JznwUfa4.roa (raw, json)
Hash identifier: nTn90UkEOFCsEYbhBQ5bD58Z341MmcNngUg5iKaaG6U=
Subject key identifier: 72:DC:B0:08:82:C7:DC:83:F3:A5:DC:F2:60:ED:89:CE:7C:14:7D:AE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908785E970584DAE806F536F442454EA0D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ctywCILH3IPzpdzyYO2JznwUfa4.roa
Signing time: Sat 06 Jul 2024 10:10:18 +0000
ROA not before: Sat 06 Jul 2024 10:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 06 Jul 2024 11:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:87:85:e9:70:58:4d:ae:80:6f:53:6f:44:24:54:ea:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 6 10:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72dcb00882c7dc83f3a5dcf260ed89ce7c147dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9f:9a:35:4d:7c:9a:88:ac:4f:21:e1:9a:d6:
a3:aa:39:99:5a:1a:25:4c:a6:00:31:cc:45:b3:d2:
b6:f8:1c:1a:b2:3b:bf:cf:f0:cb:c0:2c:49:ad:55:
a2:7d:97:da:1d:f2:98:83:41:23:55:8b:52:7b:f8:
0e:a4:8b:ba:55:03:d1:1f:49:69:f8:00:db:fb:22:
bc:35:56:66:10:9f:93:f1:2e:4a:9d:c8:18:46:19:
99:c8:5f:39:3d:49:cb:f8:52:20:be:ff:46:60:5f:
73:56:8c:2e:d2:fa:7f:08:3c:c6:94:3a:ea:ab:0f:
3a:b6:5a:45:0d:b0:0c:17:c3:25:f4:f6:80:2f:d2:
2e:9c:82:62:df:ab:2e:63:2f:28:69:fb:12:7e:8d:
b7:a1:f1:40:c1:cb:bf:87:34:b5:3b:1c:6d:dd:2d:
44:56:3a:05:ed:50:31:08:65:c6:a6:90:31:f8:87:
d9:63:64:60:25:4e:33:b0:66:f2:f1:40:68:ad:f0:
54:3b:06:6d:61:95:c9:08:d3:66:ac:f5:bc:35:a4:
e7:f4:b1:e3:9f:ad:b3:cc:2c:c5:78:a8:ca:98:68:
c3:6e:5c:b9:12:7f:31:8f:21:45:44:f1:91:b6:64:
c7:fe:5c:d3:a5:f3:83:da:10:98:0d:58:1c:82:41:
7d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DC:B0:08:82:C7:DC:83:F3:A5:DC:F2:60:ED:89:CE:7C:14:7D:AE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ctywCILH3IPzpdzyYO2JznwUfa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:26:cc:8f:b5:9f:a7:20:77:cc:6a:fe:6c:8f:61:0a:21:95:
81:17:d9:01:de:e5:b2:2c:91:11:5e:af:e7:87:08:33:8d:8a:
9a:39:2a:09:2f:9d:90:27:45:28:d5:46:d3:5d:95:b2:76:cd:
19:ab:d2:4b:b8:52:a7:bb:9e:25:d7:0b:58:de:3e:a1:5d:9f:
a3:c4:64:e3:b2:08:13:7b:b2:c3:70:72:09:b1:7e:5a:9e:aa:
55:8e:ac:12:82:95:7a:46:57:38:95:48:37:67:6a:7c:52:39:
ff:3e:38:92:28:af:f7:af:64:65:82:05:40:fd:88:26:2d:3c:
1d:1f:f4:c8:e7:77:54:97:e9:1c:44:cc:fc:28:4c:dd:50:fb:
16:c3:16:d2:1e:2b:f4:65:f6:7b:2c:f9:cf:20:6e:ad:ed:d0:
85:5c:8c:d3:dd:1e:0f:1b:67:a6:39:9e:6f:90:6c:cf:8c:2a:
a4:7e:a6:c1:f3:c9:7e:b4:37:e9:6b:49:4a:3a:56:93:6b:a9:
ce:d2:7f:bc:7c:92:db:2b:de:71:cc:8f:eb:9b:c2:cb:77:fa:
50:24:90:2a:12:97:2f:0a:ed:60:69:06:25:e3:6b:2b:4e:c6:
e9:69:04:fe:55:f0:2c:8f:06:6c:23:72:f8:2d:c6:70:63:33:
d9:fb:b5:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCHhelwWE2ugG9Tb0QkVOoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA2MTAxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmRjYjAwODgyYzdkYzgzZjNhNWRjZjI2MGVkODljZTdjMTQ3ZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25+aNU18moisTyHhmtajqjmZWhol
TKYAMcxFs9K2+Bwasju/z/DLwCxJrVWifZfaHfKYg0EjVYtSe/gOpIu6VQPRH0lp
+ADb+yK8NVZmEJ+T8S5KncgYRhmZyF85PUnL+FIgvv9GYF9zVowu0vp/CDzGlDrq
qw86tlpFDbAMF8Ml9PaAL9IunIJi36suYy8oafsSfo23ofFAwcu/hzS1Oxxt3S1E
VjoF7VAxCGXGppAx+IfZY2RgJU4zsGby8UBorfBUOwZtYZXJCNNmrPW8NaTn9LHj
n62zzCzFeKjKmGjDbly5En8xjyFFRPGRtmTH/lzTpfOD2hCYDVgcgkF9IwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHLcsAiCx9yD86Xc8mDtic58FH2uMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvY3R5d0NJTEgzSVB6cGR6eVlPMkp6bndVZmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEYmzI+1n6cgd8xq/myP
YQohlYEX2QHe5bIskRFer+eHCDONipo5KgkvnZAnRSjVRtNdlbJ2zRmr0ku4Uqe7
niXXC1jePqFdn6PEZOOyCBN7ssNwcgmxflqeqlWOrBKClXpGVziVSDdnanxSOf8+
OJIor/evZGWCBUD9iCYtPB0f9Mjnd1SX6RxEzPwoTN1Q+xbDFtIeK/Rl9nss+c8g
bq3t0IVcjNPdHg8bZ6Y5nm+QbM+MKqR+psHzyX60N+lrSUo6VpNrqc7Sf7x8ktsr
3nHMj+ubwst3+lAkkCoSly8K7WBpBiXjaytOxulpBP5V8CyPBmwjcvgtxnBjM9n7
tQk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:29 2025 by rpki-client