Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dGMJ_D_m_d4fZqzgRegKMJbgQvA.roa
File: dGMJ_D_m_d4fZqzgRegKMJbgQvA.roa (raw, json)
Hash identifier: klEahhH+Xc/uYTxYIWEA+nWjBXL7za3F5NGDhJOGuuM=
Subject key identifier: 74:63:09:FC:3F:E6:FD:DE:1F:66:AC:E0:45:E8:0A:30:96:E0:42:F0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019087BF96C4FD2C41E6D79E94050F992E5E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dGMJ_D_m_d4fZqzgRegKMJbgQvA.roa
Signing time: Sat 06 Jul 2024 11:13:18 +0000
ROA not before: Sat 06 Jul 2024 11:13:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 06 Jul 2024 12:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:87:bf:96:c4:fd:2c:41:e6:d7:9e:94:05:0f:99:2e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 6 11:13:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=746309fc3fe6fdde1f66ace045e80a3096e042f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6b:bf:f5:fe:1b:25:e9:eb:98:62:f3:cb:a7:
5d:63:e3:aa:ea:48:59:13:90:8d:9b:d8:4c:a6:f8:
61:4f:b2:e9:62:04:fe:a9:40:94:77:47:b5:00:e6:
5a:10:0a:5b:4c:0d:dc:b8:2c:de:ba:1b:ca:17:26:
e6:e4:36:3c:29:17:0d:e3:26:1d:3d:b9:63:75:f7:
4c:74:16:87:7a:cd:f5:f4:45:51:5c:fb:55:44:42:
40:00:b5:d0:ed:28:65:f7:24:1a:92:1f:a0:6e:8a:
eb:37:bd:ff:9c:8f:12:b6:69:a4:4a:14:f1:cb:07:
2e:a7:c6:37:0c:e6:fb:8b:35:8f:a5:c8:cc:94:87:
f6:2c:48:08:d2:ae:67:4a:2d:14:45:79:69:58:80:
0f:7b:45:8e:e8:ea:a5:cd:a1:d9:75:cd:1b:09:c4:
77:2e:48:c0:75:b6:49:68:bc:6e:7a:59:fe:59:cb:
ba:af:9f:35:8d:2d:d6:36:c3:86:77:e3:87:3c:ea:
90:02:bc:13:c7:1c:d2:1c:47:9e:85:1a:bb:69:f4:
c8:cf:4f:92:cd:2c:a7:4d:4c:92:44:c1:fd:0c:71:
c3:e2:1a:7d:cf:49:8d:92:2f:00:4d:c3:1f:e4:03:
27:88:9c:07:3e:46:95:26:b9:a2:3c:74:d3:cd:4c:
9b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:63:09:FC:3F:E6:FD:DE:1F:66:AC:E0:45:E8:0A:30:96:E0:42:F0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dGMJ_D_m_d4fZqzgRegKMJbgQvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:a4:de:7d:df:54:1e:96:52:a6:01:d8:6d:91:d6:59:6d:6b:
10:77:ac:e7:5b:98:b6:52:21:83:cd:b4:ab:84:02:e9:45:e3:
40:45:50:01:43:1e:d6:08:35:3c:89:d1:53:db:25:43:d7:5c:
a5:ea:e2:9c:1a:98:1c:d6:e8:32:d3:f6:43:98:8d:e0:36:4f:
bc:5b:b5:09:9e:b4:e4:ec:ad:84:8e:9d:e5:a4:6e:4b:d9:ec:
36:66:ac:de:89:a8:df:90:fc:65:79:f8:06:0d:1a:4f:94:40:
c4:d8:5d:31:b4:0e:81:40:19:a8:6b:9c:a0:3a:74:75:a4:10:
b2:d5:cf:8a:7f:f8:fd:da:8c:fd:9b:84:34:92:ac:f7:0a:e2:
a9:0b:8c:f6:b2:16:12:e2:8b:bb:57:a3:f8:8d:ae:25:71:69:
9b:6c:b2:f0:12:ef:6f:4d:c1:46:ba:24:a1:cb:a6:e6:55:e7:
b7:8f:08:ae:c2:c9:0c:bf:9e:ba:a3:69:12:98:ad:6b:53:64:
b4:80:81:14:10:5a:97:00:00:26:af:85:39:24:4e:11:46:19:
7f:fd:21:a9:8b:e8:d4:c7:31:cb:67:67:d4:33:8c:e6:db:ff:
5f:37:23:5b:3f:f3:1b:3f:34:ce:75:15:2c:a8:4c:21:0b:80:
1f:f8:7f:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCHv5bE/SxB5teelAUPmS5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA2MTExMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDYzMDlmYzNmZTZmZGRlMWY2NmFjZTA0NWU4MGEzMDk2ZTA0MmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2u/9f4bJenrmGLzy6ddY+Oq6khZ
E5CNm9hMpvhhT7LpYgT+qUCUd0e1AOZaEApbTA3cuCzeuhvKFybm5DY8KRcN4yYd
PbljdfdMdBaHes319EVRXPtVREJAALXQ7Shl9yQakh+gborrN73/nI8StmmkShTx
ywcup8Y3DOb7izWPpcjMlIf2LEgI0q5nSi0URXlpWIAPe0WO6OqlzaHZdc0bCcR3
LkjAdbZJaLxueln+Wcu6r581jS3WNsOGd+OHPOqQArwTxxzSHEeehRq7afTIz0+S
zSynTUySRMH9DHHD4hp9z0mNki8ATcMf5AMniJwHPkaVJrmiPHTTzUybhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHRjCfw/5v3eH2as4EXoCjCW4ELwMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZEdNSl9EX21fZDRmWnF6Z1JlZ0tNSmJnUXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABGk3n3fVB6WUqYB2G2R
1lltaxB3rOdbmLZSIYPNtKuEAulF40BFUAFDHtYINTyJ0VPbJUPXXKXq4pwamBzW
6DLT9kOYjeA2T7xbtQmetOTsrYSOneWkbkvZ7DZmrN6JqN+Q/GV5+AYNGk+UQMTY
XTG0DoFAGahrnKA6dHWkELLVz4p/+P3ajP2bhDSSrPcK4qkLjPayFhLii7tXo/iN
riVxaZtssvAS729NwUa6JKHLpuZV57ePCK7CyQy/nrqjaRKYrWtTZLSAgRQQWpcA
ACavhTkkThFGGX/9IamL6NTHMctnZ9QzjObb/183I1s/8xs/NM51FSyoTCELgB/4
f28=
-----END CERTIFICATE-----
Generated at Sat Jul 6 13:01:43 2024 by rpki-client on console-fra.rpki-client.org