Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/d9qs-VKkN_eqWwci8SU2jOhwtHg.roa
File: d9qs-VKkN_eqWwci8SU2jOhwtHg.roa (raw, json)
Hash identifier: FjdqaqOYBqUzd7VxVlleCk3qZxtKsMupP6SzpTuKp2w=
Subject key identifier: 77:DA:AC:F9:52:A4:37:F7:AA:5B:07:22:F1:25:36:8C:E8:70:B4:78
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190938B3D221DA672DA724DC89CE2A1A3A2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/d9qs-VKkN_eqWwci8SU2jOhwtHg.roa
Signing time: Mon 08 Jul 2024 18:11:34 +0000
ROA not before: Mon 08 Jul 2024 18:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Jul 2024 19:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:93:8b:3d:22:1d:a6:72:da:72:4d:c8:9c:e2:a1:a3:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 8 18:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77daacf952a437f7aa5b0722f125368ce870b478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d7:0d:94:74:b2:6f:94:a6:d3:4d:56:50:b0:
4e:d9:16:88:51:1a:a9:63:bb:d2:e2:12:9e:e8:2d:
52:38:d6:c7:39:db:62:27:7c:8c:f5:88:a2:b8:2b:
69:5c:46:e4:ab:e2:a1:ef:52:7c:0d:1d:28:4f:b1:
52:d1:42:14:27:bd:d3:2d:19:27:50:4b:74:55:ac:
33:cd:0c:07:ec:99:a5:47:40:fc:2a:f5:5d:ff:9f:
f6:3a:4f:17:51:33:19:36:9f:53:2a:95:17:2d:e4:
11:f4:6d:6d:29:6f:1d:da:b9:82:b0:e5:9b:b6:81:
e0:4f:96:f7:c0:6d:9a:9b:5d:13:ad:5b:0c:eb:e3:
aa:07:76:54:9d:63:c1:81:dc:81:83:27:a3:3a:b5:
c1:c5:b9:8e:49:b0:6f:d8:d3:27:3c:8b:cd:4c:02:
37:9c:b6:44:57:3c:07:aa:77:56:7e:51:65:d9:33:
fe:7b:b1:8e:42:d4:44:6f:c4:4f:41:6b:6f:e2:49:
ad:14:16:65:22:f9:30:b4:bf:5a:f2:fe:e3:9c:85:
49:85:27:f2:4a:5f:d5:8f:77:58:26:da:0a:a8:de:
c1:28:a7:89:c6:04:ba:62:64:5a:90:e5:3d:79:f7:
b8:b3:dd:44:1a:7f:17:ee:05:2e:e0:88:2d:a9:15:
d7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DA:AC:F9:52:A4:37:F7:AA:5B:07:22:F1:25:36:8C:E8:70:B4:78
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/d9qs-VKkN_eqWwci8SU2jOhwtHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:ac:8b:85:95:1d:2c:6e:db:f4:38:87:77:3f:23:eb:39:09:
7c:52:a8:1f:54:bc:d8:ef:d5:93:7a:6d:51:9e:bc:0b:43:36:
de:50:f6:38:b6:c6:6b:f4:22:6c:cf:2d:0e:3b:ff:e2:4a:b6:
cb:67:a1:5f:ec:4c:81:62:c8:de:0c:56:75:15:64:8b:09:25:
d4:3c:f5:cf:70:74:d0:2d:c7:07:0e:48:2d:ab:b5:9e:d4:3d:
c3:96:e5:47:15:51:23:41:1b:cb:de:4b:fe:2c:47:74:1a:c2:
f4:64:53:8d:0a:06:bf:2a:b5:ac:8b:6a:f4:c7:02:5e:ff:ab:
39:40:89:61:e6:47:9e:6f:84:8f:ac:34:84:dd:17:61:b2:6d:
a3:8b:88:da:7b:4c:ba:e5:cb:23:03:e3:4e:f1:c5:52:15:64:
21:09:27:c9:3d:bc:a9:e6:6b:96:7e:b4:d3:57:75:7c:fb:06:
ba:22:83:ad:b7:79:31:af:a4:c6:33:2c:b5:20:26:f2:97:00:
4c:e8:8f:b7:41:68:c4:d9:10:6c:9a:fd:2c:4e:91:7c:51:eb:
80:b9:0c:3d:87:9b:c3:8f:b7:f0:47:6f:7e:cd:0e:52:17:0c:
9f:7d:4d:f3:df:a0:f5:d0:26:af:e6:de:1e:74:ee:d0:13:55:
a7:06:04:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCTiz0iHaZy2nJNyJzioaOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA4MTgxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2RhYWNmOTUyYTQzN2Y3YWE1YjA3MjJmMTI1MzY4Y2U4NzBiNDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtcNlHSyb5Sm001WULBO2RaIURqp
Y7vS4hKe6C1SONbHOdtiJ3yM9YiiuCtpXEbkq+Kh71J8DR0oT7FS0UIUJ73TLRkn
UEt0VawzzQwH7JmlR0D8KvVd/5/2Ok8XUTMZNp9TKpUXLeQR9G1tKW8d2rmCsOWb
toHgT5b3wG2am10TrVsM6+OqB3ZUnWPBgdyBgyejOrXBxbmOSbBv2NMnPIvNTAI3
nLZEVzwHqndWflFl2TP+e7GOQtREb8RPQWtv4kmtFBZlIvkwtL9a8v7jnIVJhSfy
Sl/Vj3dYJtoKqN7BKKeJxgS6YmRakOU9efe4s91EGn8X7gUu4IgtqRXXKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHfarPlSpDf3qlsHIvElNozocLR4MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZDlxcy1WS2tOX2VxV3djaThTVTJqT2h3dEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIKsi4WVHSxu2/Q4h3c/
I+s5CXxSqB9UvNjv1ZN6bVGevAtDNt5Q9ji2xmv0ImzPLQ47/+JKtstnoV/sTIFi
yN4MVnUVZIsJJdQ89c9wdNAtxwcOSC2rtZ7UPcOW5UcVUSNBG8veS/4sR3QawvRk
U40KBr8qtayLavTHAl7/qzlAiWHmR55vhI+sNITdF2GybaOLiNp7TLrlyyMD407x
xVIVZCEJJ8k9vKnma5Z+tNNXdXz7Broig623eTGvpMYzLLUgJvKXAEzoj7dBaMTZ
EGya/SxOkXxR64C5DD2Hm8OPt/BHb37NDlIXDJ99TfPfoPXQJq/m3h507tATVacG
BNs=
-----END CERTIFICATE-----
Generated at Mon Jul 8 20:32:53 2024 by rpki-client on console-fra.rpki-client.org