Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hzRw-1jg4E9zfkaWWHBaJVpkrXM.roa
File: hzRw-1jg4E9zfkaWWHBaJVpkrXM.roa (raw, json)
Hash identifier: mro+DehvfT4UVHt6Q+5WP100mJ42nqEHk5fB+dyedlo=
Subject key identifier: 87:34:70:FB:58:E0:E0:4F:73:7E:46:96:58:70:5A:25:5A:64:AD:73
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FCE8E0FEE285A21520479CB1F724D8783
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hzRw-1jg4E9zfkaWWHBaJVpkrXM.roa
Signing time: Fri 31 May 2024 12:09:27 +0000
ROA not before: Fri 31 May 2024 12:09:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 May 2024 13:04:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:8e:0f:ee:28:5a:21:52:04:79:cb:1f:72:4d:87:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 31 12:09:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=873470fb58e0e04f737e469658705a255a64ad73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c5:e0:bd:ca:ae:ef:32:52:a7:9c:8c:d4:ac:
82:57:df:22:98:41:5b:d6:0c:69:bb:af:92:87:67:
19:65:f9:29:c9:f6:a4:48:d3:45:cf:24:de:1f:82:
1d:39:b7:db:76:10:f8:d3:90:64:1b:41:5b:f9:36:
de:08:2c:1b:e7:b2:3b:be:47:bb:16:43:cf:42:74:
d0:cb:b9:2a:4a:46:0c:5c:b0:ff:d4:c4:1c:ba:77:
af:71:a4:b5:0f:8c:d3:91:76:2b:58:0f:0b:8c:cc:
7c:01:a6:60:7d:b8:9e:bc:30:d2:f4:d0:56:d8:d7:
ba:82:80:8c:6c:37:43:9d:f8:47:60:ab:be:70:68:
47:5d:23:e2:d3:b1:35:1a:6c:ac:3f:fb:3b:1b:06:
18:c5:89:ee:80:be:1b:2b:fb:24:41:d3:4b:0c:38:
d2:ad:d6:79:73:6b:8e:80:db:3b:06:b2:f9:82:2d:
18:84:98:af:b6:8e:9f:49:6f:c5:49:7b:94:63:1d:
f9:e2:9a:1d:04:a5:39:90:76:98:02:f8:b9:b0:ce:
ce:10:dc:d3:3d:2f:e4:21:5e:de:db:15:25:c2:1c:
99:1f:ac:25:62:ce:27:d0:6e:e7:70:e1:dc:e5:9f:
3a:24:aa:cf:77:db:c9:88:6d:0f:0c:27:60:14:96:
c7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:34:70:FB:58:E0:E0:4F:73:7E:46:96:58:70:5A:25:5A:64:AD:73
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hzRw-1jg4E9zfkaWWHBaJVpkrXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:8d:1f:a2:77:bd:e7:55:2c:a9:1e:3a:00:8c:ed:5f:c8:52:
e1:bf:95:0e:2c:ff:2a:80:4e:3e:7a:f4:6a:ce:30:9c:d2:56:
84:97:8f:a7:44:b5:51:5f:f7:32:c8:e2:b0:fc:8a:d3:3f:1b:
52:35:77:c1:97:96:14:db:78:04:94:93:a3:b0:ca:27:c7:f9:
29:09:b3:28:be:89:2b:56:9e:f2:93:51:34:ee:ba:31:e0:d9:
46:89:b6:89:dd:ea:dd:51:3b:b2:ea:6b:10:82:65:4b:b3:2a:
26:ba:f5:38:a8:29:e6:24:1c:cf:ba:f9:26:85:70:33:29:d3:
76:2d:1c:41:c4:4f:07:ee:70:47:fd:a5:85:d8:3d:a2:1e:3e:
be:07:fc:7a:a9:47:8d:ad:b4:a3:d8:bc:46:cc:d3:11:b0:2d:
55:d3:87:85:c5:8c:c5:dc:8d:ee:60:29:f4:09:4a:8d:16:49:
7b:d4:a4:7d:69:09:06:dd:a6:02:d6:3c:49:c7:b5:b8:6a:28:
f7:c7:8b:7d:73:24:6c:93:c1:09:3d:a6:99:41:78:dd:16:e3:
ed:2c:ba:65:55:6d:e7:03:1a:d3:74:25:99:23:c1:9d:87:3f:
35:c6:0c:e2:2c:6a:f1:1c:57:32:03:f3:88:ac:57:8b:09:87:
41:5f:7a:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/Ojg/uKFohUgR5yx9yTYeDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMxMTIwOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzM0NzBmYjU4ZTBlMDRmNzM3ZTQ2OTY1ODcwNWEyNTVhNjRhZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8Xgvcqu7zJSp5yM1KyCV98imEFb
1gxpu6+Sh2cZZfkpyfakSNNFzyTeH4IdObfbdhD405BkG0Fb+TbeCCwb57I7vke7
FkPPQnTQy7kqSkYMXLD/1MQcunevcaS1D4zTkXYrWA8LjMx8AaZgfbievDDS9NBW
2Ne6goCMbDdDnfhHYKu+cGhHXSPi07E1GmysP/s7GwYYxYnugL4bK/skQdNLDDjS
rdZ5c2uOgNs7BrL5gi0YhJivto6fSW/FSXuUYx354podBKU5kHaYAvi5sM7OENzT
PS/kIV7e2xUlwhyZH6wlYs4n0G7ncOHc5Z86JKrPd9vJiG0PDCdgFJbHqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIc0cPtY4OBPc35GllhwWiVaZK1zMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaHpSdy0xamc0RTl6ZmthV1dIQmFKVnBrclhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIKNH6J3vedVLKkeOgCM
7V/IUuG/lQ4s/yqATj569GrOMJzSVoSXj6dEtVFf9zLI4rD8itM/G1I1d8GXlhTb
eASUk6OwyifH+SkJsyi+iStWnvKTUTTuujHg2UaJtond6t1RO7LqaxCCZUuzKia6
9TioKeYkHM+6+SaFcDMp03YtHEHETwfucEf9pYXYPaIePr4H/HqpR42ttKPYvEbM
0xGwLVXTh4XFjMXcje5gKfQJSo0WSXvUpH1pCQbdpgLWPEnHtbhqKPfHi31zJGyT
wQk9pplBeN0W4+0sumVVbecDGtN0JZkjwZ2HPzXGDOIsavEcVzID84isV4sJh0Ff
enc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:17 2025 by rpki-client