Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gHI7FuuhlT26jWbKrhPkfnerPiM.roa
File: gHI7FuuhlT26jWbKrhPkfnerPiM.roa (raw, json)
Hash identifier: UNZRbXPVQY4a6Vp65t7HO610VKbwALMxz1B3gQzkcV4=
Subject key identifier: 80:72:3B:16:EB:A1:95:3D:BA:8D:66:CA:AE:13:E4:7E:77:AB:3E:23
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909166992E6D1E5B7F0DC98C4868F8DB75
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gHI7FuuhlT26jWbKrhPkfnerPiM.roa
Signing time: Mon 08 Jul 2024 08:12:18 +0000
ROA not before: Mon 08 Jul 2024 08:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Jul 2024 09:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:91:66:99:2e:6d:1e:5b:7f:0d:c9:8c:48:68:f8:db:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 8 08:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80723b16eba1953dba8d66caae13e47e77ab3e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d2:14:82:b2:b9:c7:02:2b:79:f1:ca:42:1d:
5e:f6:63:00:42:99:af:e4:82:80:a3:08:a9:3b:85:
cb:e9:e9:6a:b0:ac:a3:a2:51:29:8c:7a:34:ce:03:
dc:12:a8:b9:13:4f:36:a4:7c:0a:5c:f1:ac:ec:e5:
bc:71:cb:21:9d:9a:c0:27:b1:d6:b1:6d:a7:6f:0e:
52:bf:0e:f3:92:5c:66:fd:c4:69:39:af:ac:11:46:
56:66:23:ed:db:37:81:79:26:29:55:33:be:9b:f7:
c3:79:07:7f:6c:6a:9f:af:47:8a:19:4d:71:25:65:
a2:d9:28:75:44:8e:94:3f:30:89:cb:e5:c6:de:ca:
c9:79:ed:ce:4c:2e:eb:7a:a9:a1:d5:5d:b2:1c:83:
41:79:54:0f:f7:73:6c:09:05:fa:df:2c:43:a9:df:
21:40:65:49:18:e4:53:db:1f:f1:e9:3b:50:85:98:
48:14:30:7a:31:3a:d2:fb:8f:de:16:3a:3f:e4:ff:
18:55:83:93:77:3e:b6:27:a3:d0:f8:70:55:f7:85:
17:7f:39:e7:f6:a2:0b:e0:a9:c9:ec:c7:3e:13:bb:
76:1e:7e:0f:69:d2:ba:b8:ee:0d:e5:96:f6:a0:60:
62:3f:eb:96:ec:35:32:22:a4:65:7c:43:0e:d0:f8:
50:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:72:3B:16:EB:A1:95:3D:BA:8D:66:CA:AE:13:E4:7E:77:AB:3E:23
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gHI7FuuhlT26jWbKrhPkfnerPiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1f:96:2d:16:f9:7c:36:5e:8d:b7:ce:7b:ab:33:b4:d0:16:82:
29:2c:19:23:52:6d:49:c0:e6:74:57:69:00:5b:75:74:f5:d9:
7f:10:83:21:f9:65:68:64:d9:88:96:96:db:49:95:c2:d2:f7:
85:45:69:d8:13:88:f2:35:e1:50:77:df:52:ae:b4:2c:b4:45:
9e:dd:40:08:ea:65:55:66:59:a1:91:59:30:ef:dd:33:58:ca:
a1:5e:73:6c:01:93:69:b0:06:94:2a:81:0b:82:5e:d5:3a:f3:
52:8c:51:2f:1c:57:8b:96:db:05:b1:8f:d3:be:fd:dd:bf:97:
0a:7d:c6:a4:10:4f:87:bf:55:fe:7d:55:18:5f:98:ee:c9:d1:
67:1f:28:d9:d1:24:40:8d:c2:51:24:b4:a1:bb:b0:63:8f:f5:
7c:63:04:ea:1d:e2:24:44:d9:23:3c:0b:eb:bd:04:d5:a3:a6:
15:24:4c:8d:fb:fe:ba:73:bd:06:5d:12:7c:8e:1e:d8:80:7a:
a4:49:89:a1:ea:66:6e:99:bf:93:04:cf:d8:5b:a2:4e:b7:3f:
3d:b3:f4:f8:75:00:64:e7:f9:25:ca:6a:91:b3:5a:b5:8b:9a:
2f:02:e1:b4:f9:67:4e:7b:d3:b7:d1:1e:86:bf:a5:ac:fb:ee:
2b:a4:c0:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCRZpkubR5bfw3JjEho+Nt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA4MDgxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDcyM2IxNmViYTE5NTNkYmE4ZDY2Y2FhZTEzZTQ3ZTc3YWIzZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtIUgrK5xwIrefHKQh1e9mMAQpmv
5IKAowipO4XL6elqsKyjolEpjHo0zgPcEqi5E082pHwKXPGs7OW8ccshnZrAJ7HW
sW2nbw5Svw7zklxm/cRpOa+sEUZWZiPt2zeBeSYpVTO+m/fDeQd/bGqfr0eKGU1x
JWWi2Sh1RI6UPzCJy+XG3srJee3OTC7reqmh1V2yHINBeVQP93NsCQX63yxDqd8h
QGVJGORT2x/x6TtQhZhIFDB6MTrS+4/eFjo/5P8YVYOTdz62J6PQ+HBV94UXfznn
9qIL4KnJ7Mc+E7t2Hn4PadK6uO4N5Zb2oGBiP+uW7DUyIqRlfEMO0PhQgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIByOxbroZU9uo1myq4T5H53qz4jMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZ0hJN0Z1dWhsVDI2aldiS3JoUGtmbmVyUGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB+WLRb5fDZejbfOe6sz
tNAWgiksGSNSbUnA5nRXaQBbdXT12X8QgyH5ZWhk2YiWlttJlcLS94VFadgTiPI1
4VB331KutCy0RZ7dQAjqZVVmWaGRWTDv3TNYyqFec2wBk2mwBpQqgQuCXtU681KM
US8cV4uW2wWxj9O+/d2/lwp9xqQQT4e/Vf59VRhfmO7J0WcfKNnRJECNwlEktKG7
sGOP9XxjBOod4iRE2SM8C+u9BNWjphUkTI37/rpzvQZdEnyOHtiAeqRJiaHqZm6Z
v5MEz9hbok63Pz2z9Ph1AGTn+SXKapGzWrWLmi8C4bT5Z05707fRHoa/paz77iuk
wLw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:33 2025 by rpki-client