Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/fYrmZ39hJIpneQuCWZ9GjVfL0bo.roa
File: fYrmZ39hJIpneQuCWZ9GjVfL0bo.roa (raw, json)
Hash identifier: JFwBa5wouqpAqeQlnNj5nYn91PCHUnepREklb78ZHXU=
Subject key identifier: 7D:8A:E6:67:7F:61:24:8A:67:79:0B:82:59:9F:46:8D:57:CB:D1:BA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190B7CDC590888F87E7E310AF5CE2DDD140
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/fYrmZ39hJIpneQuCWZ9GjVfL0bo.roa
Signing time: Mon 15 Jul 2024 19:10:34 +0000
ROA not before: Mon 15 Jul 2024 19:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Jul 2024 20:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b7:cd:c5:90:88:8f:87:e7:e3:10:af:5c:e2:dd:d1:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 15 19:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d8ae6677f61248a67790b82599f468d57cbd1ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:66:04:3c:5e:fa:1c:57:f6:d5:50:46:6d:67:
6d:49:a3:a8:df:79:b0:8e:29:57:9e:e0:37:5f:ff:
e1:a5:ad:90:c6:1c:70:6e:fa:49:b7:e0:7b:ab:00:
ae:4e:33:30:94:db:e6:c0:88:64:95:5d:b6:52:3a:
27:60:1e:99:12:40:21:26:16:9d:49:48:3d:eb:93:
3f:00:c1:fd:90:95:0c:04:61:cb:48:b2:58:65:ac:
cb:f4:d5:93:87:53:0c:09:6f:17:ac:20:37:6b:e3:
31:5e:a1:ea:0f:f6:9f:74:e8:e6:c1:d4:35:9a:a8:
02:af:37:cc:8c:dd:85:d9:69:67:d0:f2:d3:cc:68:
02:41:e0:7d:87:e9:f3:21:c1:0b:d9:3a:a2:2b:a8:
f7:16:b4:7e:52:bd:73:9e:fc:99:f8:e4:e4:5e:52:
e7:68:dc:74:d3:31:a3:ce:64:7c:75:bc:bd:4e:31:
f8:ed:c8:cc:39:ee:ec:50:0c:20:44:19:4b:51:77:
48:da:30:21:87:5d:94:31:ed:10:b9:7b:e8:9e:57:
33:7f:79:35:fb:b9:42:27:b5:74:0a:a9:95:47:10:
f3:f7:26:21:92:0d:21:34:49:2b:f4:da:69:33:fa:
d8:0e:b7:89:08:b3:1e:8f:71:3c:3e:81:c7:34:c8:
2d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8A:E6:67:7F:61:24:8A:67:79:0B:82:59:9F:46:8D:57:CB:D1:BA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/fYrmZ39hJIpneQuCWZ9GjVfL0bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:ba:e4:5f:92:63:c8:14:91:11:4f:bb:bc:08:de:ff:cf:61:
03:5f:7a:ec:f5:07:bf:b8:de:84:e7:e3:86:fe:64:1c:92:3b:
28:d8:d9:5c:1c:2c:0d:39:c5:e5:3f:1e:5f:92:50:34:c9:5c:
f0:a1:79:25:36:db:87:b3:b3:a9:33:f9:4f:0c:7d:91:95:8d:
85:76:6f:23:a2:02:58:f0:10:8e:2c:2f:11:48:95:4f:20:13:
e5:0b:40:5b:6d:c2:c6:51:f1:b0:17:c3:cb:e6:19:d3:59:95:
9f:92:69:88:3e:c8:9d:1d:ac:80:35:2a:2b:c0:84:23:ca:76:
c2:3f:05:9e:76:23:7d:66:5c:d9:21:40:fc:ee:9c:d2:f8:a1:
5e:6e:ff:4d:69:67:e2:b3:f8:ad:f9:11:80:78:7d:df:8c:5b:
5e:c6:b8:3c:4d:80:e7:92:e8:d6:fb:b6:d0:1e:3d:2a:37:90:
fb:d8:24:4a:80:82:82:aa:ae:68:22:cb:55:c9:bd:19:1e:f1:
fa:d2:59:e3:0f:bc:c3:f7:32:03:25:83:a9:b4:02:40:8d:71:
09:61:07:1e:3b:34:7d:b1:45:ed:79:fb:73:b8:5d:b1:d1:39:
be:23:dd:56:b9:c6:58:e1:f3:f1:1e:46:f7:82:6e:54:b9:d7:
b3:a9:f5:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZC3zcWQiI+H5+MQr1zi3dFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE1MTkxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDhhZTY2NzdmNjEyNDhhNjc3OTBiODI1OTlmNDY4ZDU3Y2JkMWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGYEPF76HFf21VBGbWdtSaOo33mw
jilXnuA3X//hpa2QxhxwbvpJt+B7qwCuTjMwlNvmwIhklV22UjonYB6ZEkAhJhad
SUg965M/AMH9kJUMBGHLSLJYZazL9NWTh1MMCW8XrCA3a+MxXqHqD/afdOjmwdQ1
mqgCrzfMjN2F2Wln0PLTzGgCQeB9h+nzIcEL2TqiK6j3FrR+Ur1znvyZ+OTkXlLn
aNx00zGjzmR8dby9TjH47cjMOe7sUAwgRBlLUXdI2jAhh12UMe0QuXvonlczf3k1
+7lCJ7V0CqmVRxDz9yYhkg0hNEkr9NppM/rYDreJCLMej3E8PoHHNMgtdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH2K5md/YSSKZ3kLglmfRo1Xy9G6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZllybVozOWhKSXBuZVF1Q1daOUdqVmZMMGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA665F+SY8gUkRFPu7wI
3v/PYQNfeuz1B7+43oTn44b+ZBySOyjY2VwcLA05xeU/Hl+SUDTJXPCheSU224ez
s6kz+U8MfZGVjYV2byOiAljwEI4sLxFIlU8gE+ULQFttwsZR8bAXw8vmGdNZlZ+S
aYg+yJ0drIA1KivAhCPKdsI/BZ52I31mXNkhQPzunNL4oV5u/01pZ+Kz+K35EYB4
fd+MW17GuDxNgOeS6Nb7ttAePSo3kPvYJEqAgoKqrmgiy1XJvRke8frSWeMPvMP3
MgMlg6m0AkCNcQlhBx47NH2xRe15+3O4XbHROb4j3Va5xljh8/EeRveCblS517Op
9Uo=
-----END CERTIFICATE-----
Generated at Mon Jul 15 23:11:10 2024 by rpki-client on console-fra.rpki-client.org