Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/g1MkdCnF5q7SYbIh5ugyC8ZKNCE.roa
File: g1MkdCnF5q7SYbIh5ugyC8ZKNCE.roa (raw, json)
Hash identifier: 1c5SdJoYsNvHeU/xoDx5az5BG1q72TocAjKJSSZ1tJI=
Subject key identifier: 83:53:24:74:29:C5:E6:AE:D2:61:B2:21:E6:E8:32:0B:C6:4A:34:21
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A1EC93E47C96D474C58ACEDFBBF12210
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/g1MkdCnF5q7SYbIh5ugyC8ZKNCE.roa
Signing time: Thu 11 Jul 2024 13:12:34 +0000
ROA not before: Thu 11 Jul 2024 13:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jul 2024 14:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a1:ec:93:e4:7c:96:d4:74:c5:8a:ce:df:bb:f1:22:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 11 13:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8353247429c5e6aed261b221e6e8320bc64a3421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c5:67:b3:4b:c5:5e:63:bd:17:1f:75:22:c3:
86:51:d5:65:80:a7:82:4a:52:91:65:3c:a7:0f:64:
4f:b5:36:6a:c4:26:c8:65:04:7e:b0:4e:0d:b7:8e:
cb:49:a7:26:8b:93:41:ed:65:b7:25:d4:09:9a:4d:
14:58:5a:5f:f1:e1:ad:3b:dc:75:70:2a:cc:9a:73:
0f:17:13:a1:4b:6f:db:d6:41:9d:7f:da:57:1e:0e:
5a:67:d2:43:8f:fc:43:f6:fc:ff:b4:a3:93:f7:b4:
c6:b7:14:98:4c:6b:fe:e0:87:23:5a:5d:9c:4c:b7:
f8:4b:75:83:44:32:b2:62:eb:47:de:ef:49:f4:7c:
68:44:3d:7c:a5:7f:0a:e5:bf:c7:6a:63:e9:12:39:
30:85:91:59:ad:2c:8e:2e:78:36:a9:e6:83:6b:dd:
98:76:f1:98:cf:1c:f5:32:6b:e4:46:4f:15:67:76:
83:a0:4d:86:6b:f2:8d:ca:c2:27:c9:02:e0:24:23:
bf:1f:81:43:c3:1d:51:8b:61:3b:e9:c8:28:d0:bd:
9b:f8:e7:62:61:45:12:30:bb:8f:d3:15:95:89:96:
9e:8c:3c:47:b7:f0:ec:09:2d:2d:d2:08:03:4e:c8:
10:ce:32:2c:45:38:ac:32:35:f1:cb:0b:d4:ff:c2:
9e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:53:24:74:29:C5:E6:AE:D2:61:B2:21:E6:E8:32:0B:C6:4A:34:21
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/g1MkdCnF5q7SYbIh5ugyC8ZKNCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:ae:79:0d:85:c0:d4:62:ca:12:b8:4b:a4:72:76:ed:de:68:
f9:0d:9f:1f:2f:04:56:34:8b:a3:c7:45:60:e3:21:9d:7b:c2:
aa:9f:a6:69:4c:ad:b8:29:76:c7:9d:09:2d:01:06:d5:8d:48:
34:15:90:7e:20:67:67:b4:47:af:90:bc:20:1c:9f:54:0b:83:
5e:91:96:a7:cc:65:fc:04:a6:c8:05:ac:c7:34:be:f9:a6:e1:
23:4b:2d:a1:a2:3e:71:85:37:25:df:49:2e:d3:3b:d2:d2:bd:
5a:34:4f:99:16:fc:8d:56:91:63:2e:32:51:84:2d:c2:3b:48:
ca:97:3b:ab:9c:8d:54:f8:70:3b:a1:fb:ae:c9:c8:f7:8a:3e:
98:12:20:df:7e:d4:e6:f2:2d:b3:1a:e1:d8:fa:40:d0:07:f3:
2a:89:9d:a6:d2:3b:7e:5e:70:16:17:1b:db:ce:0d:ff:0c:0a:
af:fa:f3:2e:b6:3b:c1:c4:d3:c8:c5:49:20:8c:48:84:1f:4c:
e8:36:7d:62:9c:8e:99:d5:b5:cf:a3:d5:d9:54:9e:75:dc:76:
97:1e:48:3e:c1:1b:79:10:36:20:bc:2f:5c:e4:9e:f9:f7:62:
11:97:9a:ce:2e:24:ec:fc:82:7b:8a:81:4f:a0:2a:cf:43:00:
d4:e3:90:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCh7JPkfJbUdMWKzt+78SIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzExMTMxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzUzMjQ3NDI5YzVlNmFlZDI2MWIyMjFlNmU4MzIwYmM2NGEzNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocVns0vFXmO9Fx91IsOGUdVlgKeC
SlKRZTynD2RPtTZqxCbIZQR+sE4Nt47LSacmi5NB7WW3JdQJmk0UWFpf8eGtO9x1
cCrMmnMPFxOhS2/b1kGdf9pXHg5aZ9JDj/xD9vz/tKOT97TGtxSYTGv+4IcjWl2c
TLf4S3WDRDKyYutH3u9J9HxoRD18pX8K5b/HamPpEjkwhZFZrSyOLng2qeaDa92Y
dvGYzxz1MmvkRk8VZ3aDoE2Ga/KNysInyQLgJCO/H4FDwx1Ri2E76cgo0L2b+Odi
YUUSMLuP0xWViZaejDxHt/DsCS0t0ggDTsgQzjIsRTisMjXxywvU/8Ke1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFINTJHQpxeau0mGyIeboMgvGSjQhMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZzFNa2RDbkY1cTdTWWJJaDV1Z3lDOFpLTkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF2ueQ2FwNRiyhK4S6Ry
du3eaPkNnx8vBFY0i6PHRWDjIZ17wqqfpmlMrbgpdsedCS0BBtWNSDQVkH4gZ2e0
R6+QvCAcn1QLg16RlqfMZfwEpsgFrMc0vvmm4SNLLaGiPnGFNyXfSS7TO9LSvVo0
T5kW/I1WkWMuMlGELcI7SMqXO6ucjVT4cDuh+67JyPeKPpgSIN9+1ObyLbMa4dj6
QNAH8yqJnabSO35ecBYXG9vODf8MCq/68y62O8HE08jFSSCMSIQfTOg2fWKcjpnV
tc+j1dlUnnXcdpceSD7BG3kQNiC8L1zknvn3YhGXms4uJOz8gnuKgU+gKs9DANTj
kIM=
-----END CERTIFICATE-----
Generated at Thu Jul 11 16:30:17 2024 by rpki-client on console-fra.rpki-client.org