Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/f0PK7TiOyI4bWvztesg1Dde_3es.roa
File: f0PK7TiOyI4bWvztesg1Dde_3es.roa (raw, json)
Hash identifier: 1SCEWEJ5GeZuz41nDBg4jdGE1mSX0XVxdOt8koetk3c=
Subject key identifier: 7F:43:CA:ED:38:8E:C8:8E:1B:5A:FC:ED:7A:C8:35:0D:D7:BF:DD:EB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908DC0C2D93581D3D10C6495F157DB607D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/f0PK7TiOyI4bWvztesg1Dde_3es.roa
Signing time: Sun 07 Jul 2024 15:12:18 +0000
ROA not before: Sun 07 Jul 2024 15:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jul 2024 16:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8d:c0:c2:d9:35:81:d3:d1:0c:64:95:f1:57:db:60:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 7 15:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f43caed388ec88e1b5afced7ac8350dd7bfddeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3b:64:7d:c0:db:fe:fc:83:4b:13:19:30:68:
50:54:22:c1:37:70:19:38:04:db:5c:73:99:1a:d2:
02:5a:c9:43:3f:d4:2e:8a:a7:2d:37:49:4e:43:13:
3c:a3:67:51:dd:0a:e3:9c:3f:06:e0:89:83:c8:60:
c3:b0:47:03:c9:d8:9b:84:14:34:ab:d8:16:6e:75:
55:44:e5:40:fb:ff:6a:74:4f:53:bb:0f:f8:3b:c4:
1b:7d:10:44:78:b2:ec:6d:b1:da:af:82:7d:97:77:
22:6d:78:61:5f:5a:c1:dd:88:88:29:83:d9:4b:cd:
be:44:c3:ef:06:69:33:af:25:5d:1e:ae:2e:75:dd:
f1:50:20:7b:b7:4c:d8:69:70:b6:df:6a:a2:ee:d6:
88:b8:75:f5:27:68:07:38:a0:8f:7e:a9:1a:f4:7e:
01:58:d3:ed:62:33:18:07:e2:61:ce:95:c9:39:c1:
51:c1:4f:46:87:95:04:21:14:1e:86:7e:85:17:dc:
6e:83:ef:8a:5a:88:44:f0:61:fe:9b:1c:f7:be:2d:
ca:82:8b:b8:1f:d8:fb:94:eb:27:29:b5:49:92:52:
48:40:60:51:4d:fa:29:2c:f1:48:c2:49:2b:19:fa:
88:3e:07:3e:13:a1:e9:4e:7b:c8:de:f9:0d:e0:0d:
6d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:43:CA:ED:38:8E:C8:8E:1B:5A:FC:ED:7A:C8:35:0D:D7:BF:DD:EB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/f0PK7TiOyI4bWvztesg1Dde_3es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:4f:25:a4:11:54:4e:78:bc:29:6e:b1:39:85:a5:a6:d7:e8:
51:bf:b1:35:fc:97:9f:96:07:db:a2:61:09:03:8d:2c:50:c4:
5c:28:4c:ed:5e:98:dd:6a:89:67:d3:61:32:88:0d:00:80:73:
b6:7e:bc:8c:4b:d4:b5:99:2b:3a:15:cc:07:b8:94:98:55:c7:
91:1a:6c:78:fd:5c:e9:ef:4d:6d:0c:48:ab:1d:d3:5a:bb:e3:
a4:7b:f2:96:90:9c:7b:54:a5:4b:7a:95:14:dd:41:6d:d1:24:
9d:a9:d6:eb:bb:a2:56:07:d9:e3:d8:38:80:da:ea:bc:bb:ce:
c6:a5:6d:94:64:ca:76:2d:d2:a3:28:05:3e:bb:b5:cf:7b:69:
d6:94:bf:66:8b:dc:d2:00:6a:25:35:4b:7c:7d:a3:7e:2b:a3:
d4:f7:7e:d6:98:91:13:eb:16:1d:ac:b8:49:a4:9e:0e:b8:40:
a2:a2:cc:79:d6:33:92:77:a7:9c:6f:8d:83:d7:3c:94:72:45:
b3:57:80:17:fc:59:90:4e:25:48:1b:da:1b:a6:6e:9c:75:31:
4e:ba:90:ae:ed:5c:cf:87:8d:33:f8:21:60:12:fd:71:00:f9:
3d:1c:32:06:34:4f:fe:5b:87:05:0c:62:b1:ef:37:99:91:dc:
7f:aa:33:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCNwMLZNYHT0QxklfFX22B9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA3MTUxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQzY2FlZDM4OGVjODhlMWI1YWZjZWQ3YWM4MzUwZGQ3YmZkZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDtkfcDb/vyDSxMZMGhQVCLBN3AZ
OATbXHOZGtICWslDP9QuiqctN0lOQxM8o2dR3QrjnD8G4ImDyGDDsEcDydibhBQ0
q9gWbnVVROVA+/9qdE9Tuw/4O8QbfRBEeLLsbbHar4J9l3cibXhhX1rB3YiIKYPZ
S82+RMPvBmkzryVdHq4udd3xUCB7t0zYaXC232qi7taIuHX1J2gHOKCPfqka9H4B
WNPtYjMYB+JhzpXJOcFRwU9Gh5UEIRQehn6FF9xug++KWohE8GH+mxz3vi3Kgou4
H9j7lOsnKbVJklJIQGBRTfopLPFIwkkrGfqIPgc+E6HpTnvI3vkN4A1tqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH9Dyu04jsiOG1r87XrINQ3Xv93rMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZjBQSzdUaU95STRiV3Z6dGVzZzFEZGVfM2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGFPJaQRVE54vClusTmF
pabX6FG/sTX8l5+WB9uiYQkDjSxQxFwoTO1emN1qiWfTYTKIDQCAc7Z+vIxL1LWZ
KzoVzAe4lJhVx5EabHj9XOnvTW0MSKsd01q746R78paQnHtUpUt6lRTdQW3RJJ2p
1uu7olYH2ePYOIDa6ry7zsalbZRkynYt0qMoBT67tc97adaUv2aL3NIAaiU1S3x9
o34ro9T3ftaYkRPrFh2suEmkng64QKKizHnWM5J3p5xvjYPXPJRyRbNXgBf8WZBO
JUgb2humbpx1MU66kK7tXM+HjTP4IWAS/XEA+T0cMgY0T/5bhwUMYrHvN5mR3H+q
M5s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:51 2025 by rpki-client