Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kDOio0A7NFRdDUIv9uY7Zy46u8A.roa
File: kDOio0A7NFRdDUIv9uY7Zy46u8A.roa (raw, json)
Hash identifier: JzxaTHHcnS0uU+WW2/b33N5pM8UonUY4aenLSX71V2s=
Subject key identifier: 90:33:A2:A3:40:3B:34:54:5D:0D:42:2F:F6:E6:3B:67:2E:3A:BB:C0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019097619A9644E4FDF32A725F8AA9956456
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kDOio0A7NFRdDUIv9uY7Zy46u8A.roa
Signing time: Tue 09 Jul 2024 12:04:34 +0000
ROA not before: Tue 09 Jul 2024 12:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:9761:48a0/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 09 Jul 2024 12:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:61:9a:96:44:e4:fd:f3:2a:72:5f:8a:a9:95:64:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 9 12:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9033a2a3403b34545d0d422ff6e63b672e3abbc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cc:94:a9:aa:a5:82:46:ba:21:86:0f:a6:20:
91:08:94:f8:a3:12:78:38:b3:9e:ed:6c:1a:4d:17:
ec:e4:0f:7b:76:3a:02:2b:d2:7f:2a:b0:5b:fe:07:
10:86:35:ff:ac:d8:6e:72:b3:5d:76:de:95:d4:e0:
ec:26:33:2c:93:28:ec:42:1f:88:68:a6:2e:a1:26:
a3:aa:a7:53:e3:43:aa:6c:15:83:dd:35:34:fc:9e:
b1:3b:02:d3:90:5c:94:c5:c1:80:40:50:77:17:9c:
96:69:72:e6:89:5a:83:db:59:6e:d2:b4:57:c4:0a:
6f:a7:1a:b6:99:f6:69:52:12:d1:01:9a:52:37:a9:
52:ed:e7:bf:21:ee:04:21:e6:1c:56:9e:ed:f1:8d:
19:5c:28:9c:ae:08:0a:c3:3c:6f:24:09:cb:47:c5:
3f:17:b7:8d:28:57:15:c0:8c:11:58:99:4b:9e:86:
b3:8f:8d:f3:eb:fd:71:70:5e:c1:66:85:49:a3:60:
e2:ef:6c:71:20:f7:d1:6b:dd:b0:88:4f:0c:d5:84:
f6:0e:1b:e5:70:61:b4:e6:62:d4:d3:ec:03:37:01:
e5:28:f0:b6:f7:85:6e:28:ea:ae:62:08:62:04:0e:
85:b4:e6:39:26:51:8c:a2:47:64:8f:4c:13:e5:d4:
f1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:33:A2:A3:40:3B:34:54:5D:0D:42:2F:F6:E6:3B:67:2E:3A:BB:C0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kDOio0A7NFRdDUIv9uY7Zy46u8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:9c:b8:5e:3b:89:58:cc:a6:28:26:44:59:c5:fe:5c:54:00:
09:5a:88:e9:2f:24:97:47:94:f2:30:fd:3a:97:ae:cc:71:3f:
b9:0f:bf:44:cc:59:6c:f6:18:a3:fb:1c:65:65:ee:2e:bc:be:
b3:25:57:21:3e:b8:7f:30:40:f7:8c:52:95:ee:df:96:0e:24:
50:85:8a:e8:0a:ec:35:4c:9b:85:f2:14:d7:5f:76:85:3e:cd:
59:4e:a8:b2:75:7f:d0:ea:e3:11:ac:15:61:df:33:72:0c:01:
e0:06:56:70:f5:41:71:70:95:3c:f8:bf:85:70:60:66:af:26:
c3:c4:7b:2f:c4:a9:61:d5:2c:b1:84:79:f9:cb:55:47:7a:11:
0d:92:b6:92:c2:28:90:f4:17:fc:e3:b9:82:d1:29:ec:e1:59:
62:19:2a:d9:14:b8:d0:54:95:44:10:f6:cf:72:de:43:90:f7:
aa:d6:1b:4f:35:97:98:e2:9d:d6:22:ce:1e:2e:44:d4:38:0a:
a0:e0:cf:6e:c8:83:c8:0b:11:c5:bc:f6:65:b0:6f:a2:1f:97:
a2:6f:8e:af:c3:0e:b4:9e:f0:76:06:54:eb:0f:fd:51:68:75:
9e:f5:ad:5d:67:fa:0d:0c:d5:89:aa:1c:e6:98:86:db:a6:bb:
80:e4:65:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCXYZqWROT98ypyX4qplWRWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA5MTIwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDMzYTJhMzQwM2IzNDU0NWQwZDQyMmZmNmU2M2I2NzJlM2FiYmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8yUqaqlgka6IYYPpiCRCJT4oxJ4
OLOe7WwaTRfs5A97djoCK9J/KrBb/gcQhjX/rNhucrNddt6V1ODsJjMskyjsQh+I
aKYuoSajqqdT40OqbBWD3TU0/J6xOwLTkFyUxcGAQFB3F5yWaXLmiVqD21lu0rRX
xApvpxq2mfZpUhLRAZpSN6lS7ee/Ie4EIeYcVp7t8Y0ZXCicrggKwzxvJAnLR8U/
F7eNKFcVwIwRWJlLnoazj43z6/1xcF7BZoVJo2Di72xxIPfRa92wiE8M1YT2Dhvl
cGG05mLU0+wDNwHlKPC294VuKOquYghiBA6FtOY5JlGMokdkj0wT5dTxhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJAzoqNAOzRUXQ1CL/bmO2cuOrvAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEva0RPaW8wQTdORlJkRFVJdjl1WTdaeTQ2dThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAKcuF47iVjMpigmRFnF
/lxUAAlaiOkvJJdHlPIw/TqXrsxxP7kPv0TMWWz2GKP7HGVl7i68vrMlVyE+uH8w
QPeMUpXu35YOJFCFiugK7DVMm4XyFNdfdoU+zVlOqLJ1f9Dq4xGsFWHfM3IMAeAG
VnD1QXFwlTz4v4VwYGavJsPEey/EqWHVLLGEefnLVUd6EQ2StpLCKJD0F/zjuYLR
KezhWWIZKtkUuNBUlUQQ9s9y3kOQ96rWG081l5jindYizh4uRNQ4CqDgz27Ig8gL
EcW89mWwb6Ifl6Jvjq/DDrSe8HYGVOsP/VFodZ71rV1n+g0M1YmqHOaYhtumu4Dk
ZcE=
-----END CERTIFICATE-----
Generated at Tue Jul 9 15:52:58 2024 by rpki-client on console-ams.rpki-client.org