Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ebBpm8D3n72R3WhwOdVgrtmumBk.roa
File: ebBpm8D3n72R3WhwOdVgrtmumBk.roa (raw, json)
Hash identifier: N5PtzH2rBWx5NH9wH0dZ6mlJFBJTKO3S+cv4cc+iISA=
Subject key identifier: 79:B0:69:9B:C0:F7:9F:BD:91:DD:68:70:39:D5:60:AE:D9:AE:98:19
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC6D77EC4893CE5A20594707CD5136DDE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ebBpm8D3n72R3WhwOdVgrtmumBk.roa
Signing time: Thu 30 May 2024 00:12:42 +0000
ROA not before: Thu 30 May 2024 00:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 May 2024 01:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c6:d7:7e:c4:89:3c:e5:a2:05:94:70:7c:d5:13:6d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 30 00:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79b0699bc0f79fbd91dd687039d560aed9ae9819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ad:39:66:fc:a2:85:9b:d7:8d:c2:52:f4:4e:
b7:ed:07:52:cd:c4:20:0e:55:f0:88:90:b7:f6:c8:
b0:79:8c:5c:9e:22:9c:29:ce:f8:9d:a0:a3:04:71:
aa:6e:62:d9:65:9c:70:3b:61:6d:f2:af:7c:ef:63:
11:f2:e3:30:c6:cf:55:af:b9:2e:33:6b:ee:54:a2:
cf:92:d3:58:35:48:44:0d:86:62:c3:89:22:02:b0:
d7:e7:5f:c3:d0:05:da:50:7e:7c:f5:67:94:3d:1d:
c4:ff:8b:1f:af:a0:81:32:22:e5:44:d2:57:cd:78:
8e:27:82:ec:a0:44:c7:8c:20:7c:50:de:76:bb:10:
cc:32:05:83:f3:86:7a:a9:a4:94:c9:87:09:ab:92:
a7:d6:df:35:b0:66:02:0a:51:f2:6a:92:28:58:6f:
59:2e:f6:5d:d5:82:b7:34:21:d9:11:8c:b4:58:2b:
b3:8e:91:1c:da:99:4e:4b:03:0b:4e:61:e7:14:62:
37:30:cc:3b:87:0c:49:2d:51:e2:2d:6a:68:c9:ad:
4a:da:31:bf:03:b0:f7:b7:c4:9a:b1:04:6e:f6:1b:
ff:ff:b3:da:7b:f8:0c:26:cf:7d:09:12:e7:61:97:
ce:bd:42:71:91:04:bd:16:b9:3f:1a:d1:bf:91:37:
01:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:B0:69:9B:C0:F7:9F:BD:91:DD:68:70:39:D5:60:AE:D9:AE:98:19
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ebBpm8D3n72R3WhwOdVgrtmumBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:b7:10:f9:21:c2:63:64:24:97:b4:0e:be:dc:6c:22:f3:b7:
80:4b:c0:5e:57:e5:7a:ca:c3:0c:f0:b5:04:76:fc:33:66:04:
8a:dc:c1:9a:ab:74:44:20:ab:d2:b0:c7:28:16:7f:62:32:f3:
1c:3c:eb:92:21:7a:12:da:e7:15:c4:a9:69:e3:3c:b0:1e:2e:
48:93:8e:32:ad:f6:41:f7:5b:9f:33:15:7a:13:06:c7:a4:e1:
f0:a0:94:d0:7e:38:f6:ae:d3:d3:fd:50:68:a2:14:98:44:06:
e3:73:52:4e:2b:07:ff:a3:b9:ea:4f:95:7e:76:1f:5b:6b:22:
40:c8:b3:f1:f8:52:54:30:1a:63:33:b9:44:ca:4e:b4:67:ce:
a8:da:88:68:a9:57:a7:04:54:52:dd:5d:ae:95:cf:a7:5e:26:
d7:c5:0a:8a:20:2e:fb:49:82:3c:c7:1b:47:f1:fb:b9:8e:17:
02:55:98:39:d5:aa:cc:01:38:8c:88:b9:c9:36:85:72:07:ad:
b4:6a:5e:01:d6:c3:8b:54:b0:6f:01:e8:0e:99:1f:3b:d5:ce:
25:6c:74:84:7b:c2:6f:3a:ac:58:e0:e4:2b:7e:cf:34:6b:16:
bd:55:4d:54:61:08:57:42:0b:f7:21:88:6b:30:25:84:ae:e5:
14:57:22:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/G137EiTzlogWUcHzVE23eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMwMDAxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWIwNjk5YmMwZjc5ZmJkOTFkZDY4NzAzOWQ1NjBhZWQ5YWU5ODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp605ZvyihZvXjcJS9E637QdSzcQg
DlXwiJC39siweYxcniKcKc74naCjBHGqbmLZZZxwO2Ft8q9872MR8uMwxs9Vr7ku
M2vuVKLPktNYNUhEDYZiw4kiArDX51/D0AXaUH589WeUPR3E/4sfr6CBMiLlRNJX
zXiOJ4LsoETHjCB8UN52uxDMMgWD84Z6qaSUyYcJq5Kn1t81sGYCClHyapIoWG9Z
LvZd1YK3NCHZEYy0WCuzjpEc2plOSwMLTmHnFGI3MMw7hwxJLVHiLWpoya1K2jG/
A7D3t8SasQRu9hv//7Pae/gMJs99CRLnYZfOvUJxkQS9Frk/GtG/kTcBHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHmwaZvA95+9kd1ocDnVYK7ZrpgZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZWJCcG04RDNuNzJSM1dod09kVmdydG11bUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIi3EPkhwmNkJJe0Dr7c
bCLzt4BLwF5X5XrKwwzwtQR2/DNmBIrcwZqrdEQgq9KwxygWf2Iy8xw865IhehLa
5xXEqWnjPLAeLkiTjjKt9kH3W58zFXoTBsek4fCglNB+OPau09P9UGiiFJhEBuNz
Uk4rB/+juepPlX52H1trIkDIs/H4UlQwGmMzuUTKTrRnzqjaiGipV6cEVFLdXa6V
z6deJtfFCoogLvtJgjzHG0fx+7mOFwJVmDnVqswBOIyIuck2hXIHrbRqXgHWw4tU
sG8B6A6ZHzvVziVsdIR7wm86rFjg5Ct+zzRrFr1VTVRhCFdCC/chiGswJYSu5RRX
Ilk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org