Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/g7cvT-jvJpHEIWiPLPQtB04UZT8.roa
File: g7cvT-jvJpHEIWiPLPQtB04UZT8.roa (raw, json)
Hash identifier: FAwoXTnTrU7/vsro1122qM7tkkK605Q0Mf/kBsjnUZM=
Subject key identifier: 83:B7:2F:4F:E8:EF:26:91:C4:21:68:8F:2C:F4:2D:07:4E:14:65:3F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A3D837170477CFAF3C24418BF0D5F2CC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/g7cvT-jvJpHEIWiPLPQtB04UZT8.roa
Signing time: Thu 11 Jul 2024 22:09:34 +0000
ROA not before: Thu 11 Jul 2024 22:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jul 2024 23:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a3:d8:37:17:04:77:cf:af:3c:24:41:8b:f0:d5:f2:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 11 22:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83b72f4fe8ef2691c421688f2cf42d074e14653f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e4:fc:64:62:f1:ab:63:9b:88:81:94:9a:3f:
0b:3a:17:bf:b3:44:73:1c:27:0b:32:de:f6:c7:4a:
7b:4e:d5:e8:af:10:9a:fe:4f:fc:58:e6:1a:bd:c9:
8a:6a:d0:6d:9c:42:f0:6d:50:88:63:a4:6c:12:8b:
4f:3c:6c:58:1f:52:f3:9a:c2:2a:9b:88:40:5d:d2:
80:1a:f5:52:a8:08:08:e2:5b:9f:d5:5c:ed:5b:1b:
7d:7e:af:48:1c:71:3a:18:a0:cc:b1:47:72:57:19:
04:cd:e1:50:f8:04:03:86:30:96:80:34:fd:1b:1e:
02:69:80:f9:44:2b:5f:11:1c:b3:99:a2:14:4d:37:
14:a2:02:f4:db:f8:20:f5:36:6d:53:ba:86:f6:17:
30:b5:9c:23:be:cd:45:b1:22:a8:ac:47:cd:4c:e7:
0c:3b:26:8e:87:4f:99:22:02:8b:b3:b1:6e:2e:73:
11:4d:5f:6b:99:dd:e5:f3:b0:73:b2:12:01:96:1d:
37:7a:63:e8:5e:c7:df:34:d9:09:d5:bc:af:ef:21:
5e:59:39:2c:1c:5f:a5:f5:82:80:fe:0c:59:b1:1c:
7b:20:0d:89:3e:ae:02:c1:7f:98:17:ae:9b:49:c6:
ad:0e:0f:4b:c1:b4:56:6b:d8:7b:b5:6f:35:78:50:
ca:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B7:2F:4F:E8:EF:26:91:C4:21:68:8F:2C:F4:2D:07:4E:14:65:3F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/g7cvT-jvJpHEIWiPLPQtB04UZT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:31:1c:9c:a8:02:e5:bb:fa:d9:24:cf:1d:0b:2f:ad:3e:dc:
92:0f:a7:d0:29:ca:33:74:cf:02:8e:08:f4:85:12:4b:11:40:
5e:27:6a:26:36:9f:96:b9:a1:29:ef:f8:56:18:85:7b:77:93:
d2:a4:71:b7:6b:97:c0:47:bd:11:8a:66:66:28:5a:64:e9:47:
3c:15:d0:3d:84:d5:bc:7c:c7:fa:fb:63:8a:9f:39:55:3e:f5:
e9:9d:6d:cd:ee:ad:b5:dc:53:7e:a4:89:48:a7:35:2a:b0:dc:
d7:25:4c:dd:f6:d0:a1:0e:26:85:a6:c0:54:f1:8e:bd:91:88:
7c:df:ce:4b:2d:ae:a7:e0:0c:95:bb:77:a0:36:e6:a8:3f:82:
8e:47:25:7f:cb:73:54:99:c2:13:de:10:7d:e5:08:c1:e4:24:
05:13:98:69:56:28:31:70:2f:90:6f:9f:2a:cc:a5:d3:94:cc:
a7:2a:8b:91:e8:ba:e6:76:39:2b:68:47:33:50:c3:86:21:ee:
a3:a1:7a:c3:83:d2:fa:3a:38:70:98:48:01:f4:56:2b:09:f2:
aa:f3:99:a7:b1:11:9a:41:dc:22:ee:bf:3c:6d:09:77:c6:67:
ce:d4:be:fb:83:36:9d:49:31:35:84:ae:59:bd:d7:d6:a2:ad:
72:3b:36:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCj2DcXBHfPrzwkQYvw1fLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzExMjIwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2I3MmY0ZmU4ZWYyNjkxYzQyMTY4OGYyY2Y0MmQwNzRlMTQ2NTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuT8ZGLxq2ObiIGUmj8LOhe/s0Rz
HCcLMt72x0p7TtXorxCa/k/8WOYavcmKatBtnELwbVCIY6RsEotPPGxYH1LzmsIq
m4hAXdKAGvVSqAgI4luf1VztWxt9fq9IHHE6GKDMsUdyVxkEzeFQ+AQDhjCWgDT9
Gx4CaYD5RCtfERyzmaIUTTcUogL02/gg9TZtU7qG9hcwtZwjvs1FsSKorEfNTOcM
OyaOh0+ZIgKLs7FuLnMRTV9rmd3l87BzshIBlh03emPoXsffNNkJ1byv7yFeWTks
HF+l9YKA/gxZsRx7IA2JPq4CwX+YF66bScatDg9LwbRWa9h7tW81eFDK5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIO3L0/o7yaRxCFojyz0LQdOFGU/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZzdjdlQtanZKcEhFSVdpUExQUXRCMDRVWlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJcxHJyoAuW7+tkkzx0L
L60+3JIPp9ApyjN0zwKOCPSFEksRQF4naiY2n5a5oSnv+FYYhXt3k9Kkcbdrl8BH
vRGKZmYoWmTpRzwV0D2E1bx8x/r7Y4qfOVU+9emdbc3urbXcU36kiUinNSqw3Ncl
TN320KEOJoWmwFTxjr2RiHzfzkstrqfgDJW7d6A25qg/go5HJX/Lc1SZwhPeEH3l
CMHkJAUTmGlWKDFwL5BvnyrMpdOUzKcqi5HouuZ2OStoRzNQw4Yh7qOhesOD0vo6
OHCYSAH0VisJ8qrzmaexEZpB3CLuvzxtCXfGZ87UvvuDNp1JMTWErlm919airXI7
NiA=
-----END CERTIFICATE-----
Generated at Fri Jul 12 01:37:23 2024 by rpki-client on console-fra.rpki-client.org