Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hNsX4yYG4lfoHdD7Xfm-6Hsj9-s.roa
File: hNsX4yYG4lfoHdD7Xfm-6Hsj9-s.roa (raw, json)
Hash identifier: Z++Dj9Bhz1JoZ4RQlgJYTQLFsE+/DpLcYcrs3XklD+U=
Subject key identifier: 84:DB:17:E3:26:06:E2:57:E8:1D:D0:FB:5D:F9:BE:E8:7B:23:F7:EB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FAB9558A87E4AED529B82ECBA43FF9C56
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hNsX4yYG4lfoHdD7Xfm-6Hsj9-s.roa
Signing time: Fri 24 May 2024 17:10:42 +0000
ROA not before: Fri 24 May 2024 17:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 May 2024 18:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ab:95:58:a8:7e:4a:ed:52:9b:82:ec:ba:43:ff:9c:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 24 17:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84db17e32606e257e81dd0fb5df9bee87b23f7eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:91:89:09:af:6d:c9:09:8a:6d:0d:5f:90:17:
43:45:a4:1e:76:dc:79:0e:e3:df:d5:b7:67:01:37:
c8:ad:ff:e7:f2:08:cc:67:47:84:ee:47:4c:6b:21:
8c:eb:b4:81:0a:48:1d:7f:de:eb:11:31:a9:d2:ca:
02:a8:53:9a:83:1d:50:b6:20:a3:bb:c5:ba:7c:d0:
71:84:27:4b:63:2a:18:89:56:cd:b5:f0:7f:34:b9:
00:99:33:bb:5d:e7:39:84:5d:51:2d:5e:14:3c:a1:
41:e0:59:5c:08:c1:c6:f2:77:10:d1:85:5f:4d:72:
ab:0f:b5:7d:f5:8c:ab:a3:5f:0b:82:a4:6e:d2:01:
19:7a:07:94:1e:03:ca:ca:dd:a5:9e:21:06:05:5f:
51:68:af:43:14:f4:35:2a:f0:f5:72:27:47:0d:92:
66:c1:56:bd:1b:d9:65:7e:ed:6a:57:5f:0f:20:78:
4f:f2:3f:4a:54:e2:1e:a0:70:c9:11:af:28:c1:8b:
e1:5b:15:62:43:27:7b:16:b9:53:11:20:80:69:06:
1a:e3:7f:b4:53:3e:d4:ac:55:30:ac:e1:da:1f:30:
ab:8b:e0:01:99:8c:8b:15:95:28:20:85:3c:3a:24:
d8:5b:ad:59:d7:05:4a:47:49:5b:af:d7:af:6b:8e:
a3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DB:17:E3:26:06:E2:57:E8:1D:D0:FB:5D:F9:BE:E8:7B:23:F7:EB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hNsX4yYG4lfoHdD7Xfm-6Hsj9-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:3a:70:e6:fa:8d:d7:94:67:36:bf:76:6c:57:39:cf:37:3b:
33:e7:c0:aa:d3:95:9d:26:35:f8:fd:a4:58:06:ab:09:ed:17:
ee:6d:ea:9d:7a:ee:d5:2c:66:d3:7b:5b:b5:90:ba:8c:a9:c7:
f3:a3:64:c0:0d:a1:22:bf:4e:64:0e:a7:48:48:94:b5:d0:c4:
55:7b:68:fa:54:ca:34:41:a0:78:96:55:d0:b5:3f:09:24:f8:
d7:49:5b:52:cd:29:f2:2d:9f:8d:31:fe:9d:3b:72:98:fa:4b:
7d:17:20:b5:df:9c:31:dc:e7:59:92:9a:f5:f8:36:60:eb:a6:
7f:28:10:dd:6b:a6:12:a7:30:4b:5f:3f:0a:4c:91:47:9e:cc:
70:e5:ef:e4:bc:6d:f2:ce:e7:aa:27:1f:ae:d4:41:60:e7:fd:
0f:05:f0:bf:d9:5d:07:31:07:60:d6:67:c9:fb:67:f3:86:65:
f3:ae:23:a2:a6:46:0e:5c:3a:40:71:09:57:76:23:27:f6:c5:
1d:2a:a3:36:c0:9a:cf:4b:05:5a:6b:0f:f0:87:b2:3f:df:bc:
e7:ed:1c:c3:95:eb:35:86:f7:d3:bb:60:06:1e:55:95:06:64:
26:fd:09:b9:02:2b:a9:dd:cc:18:eb:09:b0:20:da:ab:93:87:
58:7c:f2:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+rlViofkrtUpuC7LpD/5xWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI0MTcxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGRiMTdlMzI2MDZlMjU3ZTgxZGQwZmI1ZGY5YmVlODdiMjNmN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15GJCa9tyQmKbQ1fkBdDRaQedtx5
DuPf1bdnATfIrf/n8gjMZ0eE7kdMayGM67SBCkgdf97rETGp0soCqFOagx1QtiCj
u8W6fNBxhCdLYyoYiVbNtfB/NLkAmTO7Xec5hF1RLV4UPKFB4FlcCMHG8ncQ0YVf
TXKrD7V99Yyro18LgqRu0gEZegeUHgPKyt2lniEGBV9RaK9DFPQ1KvD1cidHDZJm
wVa9G9llfu1qV18PIHhP8j9KVOIeoHDJEa8owYvhWxViQyd7FrlTESCAaQYa43+0
Uz7UrFUwrOHaHzCri+ABmYyLFZUoIIU8OiTYW61Z1wVKR0lbr9eva46j5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFITbF+MmBuJX6B3Q+135vuh7I/frMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaE5zWDR5WUc0bGZvSGREN1hmbS02SHNqOS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF46cOb6jdeUZza/dmxX
Oc83OzPnwKrTlZ0mNfj9pFgGqwntF+5t6p167tUsZtN7W7WQuoypx/OjZMANoSK/
TmQOp0hIlLXQxFV7aPpUyjRBoHiWVdC1Pwkk+NdJW1LNKfItn40x/p07cpj6S30X
ILXfnDHc51mSmvX4NmDrpn8oEN1rphKnMEtfPwpMkUeezHDl7+S8bfLO56onH67U
QWDn/Q8F8L/ZXQcxB2DWZ8n7Z/OGZfOuI6KmRg5cOkBxCVd2Iyf2xR0qozbAms9L
BVprD/CHsj/fvOftHMOV6zWG99O7YAYeVZUGZCb9CbkCK6ndzBjrCbAg2quTh1h8
8j8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:15 2024 by rpki-client on console-ams.rpki-client.org