Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j98UelMLv5ZQ3XBBedNuqpQel_o.roa
File: j98UelMLv5ZQ3XBBedNuqpQel_o.roa (raw, json)
Hash identifier: 0a2GueB8iB/V5ZfEzdH/uxBUM9kG3RdAcT7riGbBj/s=
Subject key identifier: 8F:DF:14:7A:53:0B:BF:96:50:DD:70:41:79:D3:6E:AA:94:1E:97:FA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD15A00A9C34B277A8382C70F9A63CF90
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j98UelMLv5ZQ3XBBedNuqpQel_o.roa
Signing time: Sat 01 Jun 2024 01:11:27 +0000
ROA not before: Sat 01 Jun 2024 01:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Jun 2024 02:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d1:5a:00:a9:c3:4b:27:7a:83:82:c7:0f:9a:63:cf:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 1 01:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fdf147a530bbf9650dd704179d36eaa941e97fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:34:f4:14:30:72:63:45:3e:11:29:ed:13:2e:
ef:2e:2f:47:0f:eb:a0:a4:86:0e:fe:7c:6e:95:a8:
b7:97:06:cb:ef:e3:ad:be:56:1a:99:07:9e:bf:4c:
31:f0:e8:ae:ce:ef:9a:92:3c:03:97:db:68:4b:3e:
ce:96:cf:9b:b0:04:e6:1e:a4:64:7b:5e:c1:21:fd:
97:92:5c:6f:15:72:0a:22:23:af:ca:1b:3f:31:31:
68:38:3e:a8:64:a4:c5:5e:f1:95:5b:19:92:bb:e0:
9f:6a:6a:06:f4:cc:80:65:3d:88:76:0e:5d:d2:42:
6e:1a:42:1e:b6:8e:d3:39:6f:44:8f:ec:d5:1a:93:
a7:cf:9f:d1:32:dd:1e:9e:fc:5c:ee:aa:d5:80:94:
1b:31:ef:61:a3:0a:b1:9d:49:dd:38:af:0c:81:5c:
38:b3:f0:3f:55:c2:fa:0a:b0:08:f4:39:13:15:e4:
52:b3:88:b8:2b:7f:3f:76:5e:08:24:ea:17:a1:29:
55:39:9e:f7:6e:fa:89:03:53:da:d8:41:07:0c:e2:
bd:20:05:bd:e2:de:6a:67:2d:82:11:08:dd:60:e9:
cf:77:9a:37:ac:73:42:f5:c4:64:3a:44:1e:92:1a:
4c:fc:83:4b:f4:95:6b:57:64:32:10:ac:70:a3:ed:
0c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:DF:14:7A:53:0B:BF:96:50:DD:70:41:79:D3:6E:AA:94:1E:97:FA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j98UelMLv5ZQ3XBBedNuqpQel_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
29:1b:e5:cf:50:e3:3a:14:b7:84:7d:95:8b:d8:e1:da:33:a8:
c0:27:55:d9:0c:0b:a6:4d:be:f4:16:62:28:65:ff:86:99:c2:
37:e0:81:36:41:75:01:a7:62:dd:3c:35:af:aa:d1:d6:1c:e8:
a7:d1:24:a3:57:c2:d6:db:29:86:f8:47:77:0b:e3:a6:ed:88:
d5:25:c8:2e:29:09:d2:a8:71:e8:bd:a3:f9:08:a8:06:0d:11:
7e:02:bf:da:27:fc:56:6d:45:83:d9:04:fc:8a:cd:f6:ad:f9:
65:a9:20:18:df:d7:ce:61:1e:bc:22:d9:b0:e5:fa:ca:22:9a:
64:c2:19:bc:be:88:a6:98:12:e8:61:e6:f4:63:37:a7:b4:f0:
1c:3f:11:33:7a:8b:89:f0:6d:cd:63:a3:be:57:47:08:e1:9f:
84:da:a7:6a:01:56:02:f3:18:1f:ab:a2:b4:08:94:5d:e3:f7:
7c:c6:48:ab:c5:0b:6c:36:bb:6c:5c:10:f9:91:7e:8b:d9:33:
95:45:17:22:5f:c0:f5:6e:57:34:fc:49:ed:6d:4e:1d:c8:47:
e3:56:0b:7b:27:4c:a0:fc:2c:4e:7b:5e:b1:45:6a:2f:a2:56:
d8:e5:06:89:e6:9e:48:a2:6d:09:c7:a4:99:18:92:b6:d6:3b:
29:13:20:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/RWgCpw0sneoOCxw+aY8+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAxMDExMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmRmMTQ3YTUzMGJiZjk2NTBkZDcwNDE3OWQzNmVhYTk0MWU5N2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTT0FDByY0U+ESntEy7vLi9HD+ug
pIYO/nxulai3lwbL7+OtvlYamQeev0wx8Oiuzu+akjwDl9toSz7Ols+bsATmHqRk
e17BIf2XklxvFXIKIiOvyhs/MTFoOD6oZKTFXvGVWxmSu+CfamoG9MyAZT2Idg5d
0kJuGkIeto7TOW9Ej+zVGpOnz5/RMt0envxc7qrVgJQbMe9howqxnUndOK8MgVw4
s/A/VcL6CrAI9DkTFeRSs4i4K38/dl4IJOoXoSlVOZ73bvqJA1Pa2EEHDOK9IAW9
4t5qZy2CEQjdYOnPd5o3rHNC9cRkOkQekhpM/INL9JVrV2QyEKxwo+0MgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI/fFHpTC7+WUN1wQXnTbqqUHpf6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvajk4VWVsTUx2NVpRM1hCQmVkTnVxcFFlbF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACkb5c9Q4zoUt4R9lYvY
4dozqMAnVdkMC6ZNvvQWYihl/4aZwjfggTZBdQGnYt08Na+q0dYc6KfRJKNXwtbb
KYb4R3cL46btiNUlyC4pCdKocei9o/kIqAYNEX4Cv9on/FZtRYPZBPyKzfat+WWp
IBjf185hHrwi2bDl+soimmTCGby+iKaYEuhh5vRjN6e08Bw/ETN6i4nwbc1jo75X
Rwjhn4Tap2oBVgLzGB+rorQIlF3j93zGSKvFC2w2u2xcEPmRfovZM5VFFyJfwPVu
VzT8Se1tTh3IR+NWC3snTKD8LE57XrFFai+iVtjlBonmnkiibQnHpJkYkrbWOykT
INw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:25 2025 by rpki-client