Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hoYxh9GKUVFc_EUozpWA2JZt4QI.roa
File: hoYxh9GKUVFc_EUozpWA2JZt4QI.roa (raw, json)
Hash identifier: prbc4rXc2ztY65kRoWDmAjdPW/McB9V18NNeIQ+tKZY=
Subject key identifier: 86:86:31:87:D1:8A:51:51:5C:FC:45:28:CE:95:80:D8:96:6D:E1:02
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01907510DFEF7E9130E8EAA9634E21DC8198
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hoYxh9GKUVFc_EUozpWA2JZt4QI.roa
Signing time: Tue 02 Jul 2024 20:09:18 +0000
ROA not before: Tue 02 Jul 2024 20:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jul 2024 21:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:75:10:df:ef:7e:91:30:e8:ea:a9:63:4e:21:dc:81:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 2 20:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86863187d18a51515cfc4528ce9580d8966de102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3f:fa:c9:7b:af:47:4e:3b:5e:1f:0b:4e:9d:
42:72:d2:e7:b7:14:df:de:48:28:ea:af:62:20:e5:
90:91:95:0d:9d:60:12:2c:8e:aa:86:7e:bf:9f:7c:
ac:9a:60:bd:c8:c0:2e:45:c7:a5:d5:ad:93:63:89:
86:41:a1:57:80:f1:8f:f4:73:2d:fc:41:7f:6e:6e:
13:bd:01:a9:8b:b7:c1:8b:14:a6:1a:76:1c:ef:4f:
7c:cd:c9:39:0b:47:d8:5c:a0:df:7f:c9:52:b2:04:
cd:17:ee:81:11:73:f3:9b:47:f0:2f:35:65:4d:1d:
7c:dc:62:54:34:6d:f5:1f:9a:81:bf:7a:94:10:bc:
bb:7d:32:f4:d1:57:a1:53:6f:17:c8:79:30:1a:1a:
f9:24:e0:56:5b:74:8b:ca:f9:b8:5b:ff:44:fe:3b:
f0:c6:34:65:05:48:6c:c8:2b:bb:5a:95:29:9d:7c:
ac:f4:d8:14:83:94:f6:3f:27:55:1d:cc:e4:6a:05:
6b:f6:ce:16:cf:62:16:c9:1d:e3:1e:02:56:d7:90:
d7:fe:82:ac:53:2e:ea:b6:03:db:c0:7c:6a:15:7c:
8f:cc:77:9d:2d:7b:2b:7d:95:1e:3e:42:9f:c2:77:
00:29:31:8e:8b:03:82:3e:d0:a1:05:46:2f:66:8b:
2c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:86:31:87:D1:8A:51:51:5C:FC:45:28:CE:95:80:D8:96:6D:E1:02
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hoYxh9GKUVFc_EUozpWA2JZt4QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:88:8a:d8:19:50:77:4a:b1:68:f1:86:2e:89:a6:2d:a0:6e:
d8:00:30:3f:c4:53:74:85:0e:59:9f:0a:f0:4f:80:2a:2f:29:
db:06:3b:ab:02:47:d9:8a:d9:79:38:30:07:27:49:f5:59:f3:
75:ef:15:a6:4f:ff:d3:00:a2:11:b3:9a:03:82:08:67:93:58:
05:e4:33:46:13:91:ce:74:63:c2:17:dd:08:00:a4:4c:c9:a9:
45:36:60:a2:7a:bf:fa:3e:bf:8e:0d:d1:61:15:dd:45:da:0b:
6b:78:e3:ba:b5:3f:e1:3b:86:d4:0d:d9:51:55:29:67:3f:5a:
6a:93:78:9f:b1:af:2c:91:d9:01:d6:9f:c8:44:e7:f0:b0:e4:
c4:75:bb:f0:1d:e8:7f:dd:f9:96:19:cd:31:50:df:57:0c:00:
ad:d3:db:69:30:d3:eb:62:d6:22:3b:38:52:b6:90:67:11:31:
5c:89:f8:fa:9b:4a:e2:dc:33:2f:04:35:01:50:6b:61:26:0b:
6a:e8:c3:c5:a2:81:32:a2:6b:fe:f5:f4:0b:2e:e0:c7:f5:6e:
95:84:19:c2:f7:00:b2:1f:d5:d4:38:44:89:c0:6e:26:64:52:
aa:91:f5:12:ba:ba:56:5b:9b:b2:77:82:2f:af:cc:c7:32:37:
54:d1:a2:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB1EN/vfpEw6OqpY04h3IGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAyMjAwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njg2MzE4N2QxOGE1MTUxNWNmYzQ1MjhjZTk1ODBkODk2NmRlMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD/6yXuvR047Xh8LTp1CctLntxTf
3kgo6q9iIOWQkZUNnWASLI6qhn6/n3ysmmC9yMAuRcel1a2TY4mGQaFXgPGP9HMt
/EF/bm4TvQGpi7fBixSmGnYc7098zck5C0fYXKDff8lSsgTNF+6BEXPzm0fwLzVl
TR183GJUNG31H5qBv3qUELy7fTL00VehU28XyHkwGhr5JOBWW3SLyvm4W/9E/jvw
xjRlBUhsyCu7WpUpnXys9NgUg5T2PydVHczkagVr9s4Wz2IWyR3jHgJW15DX/oKs
Uy7qtgPbwHxqFXyPzHedLXsrfZUePkKfwncAKTGOiwOCPtChBUYvZosswQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIaGMYfRilFRXPxFKM6VgNiWbeECMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaG9ZeGg5R0tVVkZjX0VVb3pwV0EySlp0NFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIyIitgZUHdKsWjxhi6J
pi2gbtgAMD/EU3SFDlmfCvBPgCovKdsGO6sCR9mK2Xk4MAcnSfVZ83XvFaZP/9MA
ohGzmgOCCGeTWAXkM0YTkc50Y8IX3QgApEzJqUU2YKJ6v/o+v44N0WEV3UXaC2t4
47q1P+E7htQN2VFVKWc/WmqTeJ+xryyR2QHWn8hE5/Cw5MR1u/Ad6H/d+ZYZzTFQ
31cMAK3T22kw0+ti1iI7OFK2kGcRMVyJ+PqbSuLcMy8ENQFQa2EmC2row8WigTKi
a/719Asu4Mf1bpWEGcL3ALIf1dQ4RInAbiZkUqqR9RK6ulZbm7J3gi+vzMcyN1TR
oic=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:04 2025 by rpki-client