Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kCmolJZbV5gbH85f-s-kg9Yflng.roa
File: kCmolJZbV5gbH85f-s-kg9Yflng.roa (raw, json)
Hash identifier: SQFi7PmC1mDPLT3admAo1cfNPRd04mHRdxVO/77nA5g=
Subject key identifier: 90:29:A8:94:96:5B:57:98:1B:1F:CE:5F:FA:CF:A4:83:D6:1F:96:78
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC2532F8C0405FCB4832ED042CA86FCE4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kCmolJZbV5gbH85f-s-kg9Yflng.roa
Signing time: Wed 29 May 2024 03:09:42 +0000
ROA not before: Wed 29 May 2024 03:09:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 May 2024 04:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c2:53:2f:8c:04:05:fc:b4:83:2e:d0:42:ca:86:fc:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 29 03:09:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9029a894965b57981b1fce5ffacfa483d61f9678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ce:04:f4:2a:d6:2d:4c:6c:54:f9:af:8b:bd:
64:1c:8b:ea:c8:4b:a6:09:e3:11:d4:7d:b4:01:0e:
58:71:cb:08:d5:a3:1c:3d:0c:2d:45:76:f0:a9:bc:
74:97:26:91:63:a4:f1:03:5d:0f:db:0d:39:47:6a:
87:5c:a5:be:a7:85:31:96:99:93:7c:80:c6:ad:33:
8e:68:2d:0c:49:42:44:30:74:c5:18:67:b8:b6:e6:
51:42:3b:97:ba:f1:0d:e8:42:dd:74:a4:34:24:0c:
f0:4f:63:eb:78:35:67:84:fa:3e:ee:fc:dc:f1:85:
ce:05:c6:81:88:ef:45:18:03:1d:0e:07:4b:ab:ec:
3f:18:58:c0:81:ae:cc:03:c3:cf:80:16:09:f3:53:
d2:3b:d7:73:40:49:1c:92:18:a8:c9:0b:7e:5b:7c:
ce:2b:03:d2:37:59:99:f7:3a:6d:6b:91:e8:58:49:
5d:65:32:c5:e9:cb:58:17:53:af:3f:ad:23:7b:e0:
42:81:ea:9d:6f:c5:cd:42:f9:e2:3f:62:d4:47:1f:
fe:48:45:26:aa:9f:d0:fc:3a:be:fe:e0:10:b9:c9:
69:6d:8d:cb:4d:8f:fe:e7:69:62:5e:5f:88:0b:ac:
2d:de:c3:53:bf:1a:66:04:b4:c3:81:3e:09:22:88:
4c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:29:A8:94:96:5B:57:98:1B:1F:CE:5F:FA:CF:A4:83:D6:1F:96:78
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kCmolJZbV5gbH85f-s-kg9Yflng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:ca:8b:65:5f:2c:c5:b6:5a:c5:89:70:cd:35:d3:65:8f:fb:
4a:8c:e1:38:cf:80:c1:ce:ae:ec:c0:56:42:6f:4c:af:f7:e2:
bb:dc:7f:22:7c:e9:c7:77:f7:34:28:9c:e1:60:a8:b1:d4:11:
38:3e:c8:23:27:86:75:5c:a6:8d:0b:2b:df:e9:40:e7:f5:65:
01:a0:b6:77:ab:24:60:20:27:ac:65:3c:77:ed:ce:fe:a3:db:
1b:17:65:ad:24:1b:12:c5:bf:42:70:67:ea:06:2e:3b:ee:4b:
20:9e:90:0d:5c:23:52:48:4b:83:9b:dd:6c:50:de:fd:7f:33:
67:56:aa:3c:27:0e:05:ed:b6:fb:42:f9:34:17:f8:43:f6:2d:
ee:bf:1a:5f:41:c0:e6:06:21:18:f9:f9:fe:b0:c0:0d:24:cb:
51:b3:4e:59:2e:9e:85:4f:68:13:46:51:2f:5e:c2:a6:c2:5c:
22:9d:0d:8f:b1:11:4b:2b:9b:88:bc:f8:31:54:2d:93:a8:ab:
aa:86:9f:8f:fd:c3:06:16:be:2a:59:94:95:20:61:6b:6d:5b:
17:f1:9b:31:4e:36:2f:80:83:40:59:70:3f:86:55:19:dc:c5:
85:26:7f:91:cf:a5:44:07:c0:06:82:b4:b8:ee:1a:55:bd:13:
ea:e9:d2:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/CUy+MBAX8tIMu0ELKhvzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI5MDMwOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDI5YTg5NDk2NWI1Nzk4MWIxZmNlNWZmYWNmYTQ4M2Q2MWY5Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4M4E9CrWLUxsVPmvi71kHIvqyEum
CeMR1H20AQ5YccsI1aMcPQwtRXbwqbx0lyaRY6TxA10P2w05R2qHXKW+p4UxlpmT
fIDGrTOOaC0MSUJEMHTFGGe4tuZRQjuXuvEN6ELddKQ0JAzwT2PreDVnhPo+7vzc
8YXOBcaBiO9FGAMdDgdLq+w/GFjAga7MA8PPgBYJ81PSO9dzQEkckhioyQt+W3zO
KwPSN1mZ9zpta5HoWEldZTLF6ctYF1OvP60je+BCgeqdb8XNQvniP2LURx/+SEUm
qp/Q/Dq+/uAQuclpbY3LTY/+52liXl+IC6wt3sNTvxpmBLTDgT4JIohM4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJApqJSWW1eYGx/OX/rPpIPWH5Z4MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEva0Ntb2xKWmJWNWdiSDg1Zi1zLWtnOVlmbG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACHKi2VfLMW2WsWJcM01
02WP+0qM4TjPgMHOruzAVkJvTK/34rvcfyJ86cd39zQonOFgqLHUETg+yCMnhnVc
po0LK9/pQOf1ZQGgtnerJGAgJ6xlPHftzv6j2xsXZa0kGxLFv0JwZ+oGLjvuSyCe
kA1cI1JIS4Ob3WxQ3v1/M2dWqjwnDgXttvtC+TQX+EP2Le6/Gl9BwOYGIRj5+f6w
wA0ky1GzTlkunoVPaBNGUS9ewqbCXCKdDY+xEUsrm4i8+DFULZOoq6qGn4/9wwYW
vipZlJUgYWttWxfxmzFONi+Ag0BZcD+GVRncxYUmf5HPpUQHwAaCtLjuGlW9E+rp
0j8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org