Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kSDx1pX8HETa2gHs42yisrdVc3s.roa
File: kSDx1pX8HETa2gHs42yisrdVc3s.roa (raw, json)
Hash identifier: YoWN/ePPw5LMJfcanSsPb4pw0LPDxJ4TDulcDg63T54=
Subject key identifier: 91:20:F1:D6:95:FC:1C:44:DA:DA:01:EC:E3:6C:A2:B2:B7:55:73:7B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01900B11CD9B0F4F708232DBDD9E5E2A6150
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kSDx1pX8HETa2gHs42yisrdVc3s.roa
Signing time: Wed 12 Jun 2024 06:10:34 +0000
ROA not before: Wed 12 Jun 2024 06:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Jun 2024 07:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0b:11:cd:9b:0f:4f:70:82:32:db:dd:9e:5e:2a:61:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 12 06:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9120f1d695fc1c44dada01ece36ca2b2b755737b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a1:9f:70:fc:d4:07:1f:3a:d3:f8:54:3a:57:
4c:f3:05:24:fe:2e:a9:7f:44:ee:a5:fa:2a:8a:53:
bd:1d:2d:5e:02:5a:8a:db:43:7c:07:8d:0f:5b:1c:
c7:e6:84:8a:48:ba:40:c2:b3:04:f9:01:b6:c4:1e:
b9:7a:1e:1e:61:79:30:04:09:50:cd:3a:c2:4d:74:
45:e4:79:a3:3e:84:a1:c8:8c:b3:90:10:3c:17:5e:
83:76:f6:69:ba:b2:ae:29:a7:b5:53:bf:89:a5:46:
b9:fd:1e:ef:02:0f:90:8c:6e:db:6a:8e:15:9a:ae:
b5:30:04:48:70:a8:c2:2a:cd:f2:39:44:24:f5:7b:
70:7a:a5:0e:db:d5:bf:3a:ae:76:15:0f:f9:63:2a:
12:a0:23:16:83:82:b5:cb:f2:e4:5e:51:e3:64:98:
b8:cc:d9:67:bf:97:a5:93:9d:47:cc:d9:9b:62:54:
9c:e6:f9:1b:79:8c:72:23:7b:f9:1d:c5:26:53:9d:
48:c2:5e:89:ad:1d:22:00:f8:c8:94:e7:57:50:7f:
05:2b:4a:7a:b6:ea:54:ff:9b:02:ce:ce:ea:4e:c0:
52:dc:08:a7:20:e8:ff:4e:05:d9:3b:5d:7e:96:4f:
8a:c8:76:e3:59:ca:b2:1d:ae:5c:2d:ce:8e:57:67:
61:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:20:F1:D6:95:FC:1C:44:DA:DA:01:EC:E3:6C:A2:B2:B7:55:73:7B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kSDx1pX8HETa2gHs42yisrdVc3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:f3:72:f2:46:76:cc:24:b5:5b:69:4a:21:5d:11:ea:c1:0a:
14:ea:7d:db:8e:f2:a7:ce:de:26:77:9c:a5:5e:96:b0:3c:65:
75:ba:c3:25:ce:17:7b:1c:6b:2c:ee:ec:1c:9b:31:e5:64:4e:
78:81:bc:25:f9:51:80:43:23:bd:9d:3d:85:92:10:c9:e6:6e:
b0:ef:11:96:a4:7e:0d:af:5a:9e:2d:44:85:99:cc:62:67:ff:
60:9f:09:84:fb:09:44:ce:de:91:40:16:d6:f5:fa:b7:57:9c:
3a:b3:ab:d3:77:ae:e3:20:d6:29:02:67:46:1a:51:28:e8:ba:
e6:15:cb:5f:db:4e:4f:f7:ef:5e:3a:9a:2e:1b:06:17:21:e0:
71:06:37:41:e0:bd:79:d7:5c:9a:c0:db:27:a1:82:4c:ea:63:
01:a1:45:b4:6d:f8:90:2d:86:ed:29:18:d9:84:86:fc:9c:de:
91:56:ea:1b:88:31:4a:6c:64:ec:72:39:07:23:6c:ad:c8:65:
bf:01:01:29:da:14:f6:73:0b:55:5e:c0:80:12:42:5d:31:6c:
a8:f4:28:3e:38:3c:4f:8a:bf:70:04:35:5f:2a:dc:34:63:9a:
81:79:7b:d4:f1:bd:be:78:aa:8c:9d:cd:9c:25:5e:72:3d:8e:
ed:cc:fe:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZALEc2bD09wgjLb3Z5eKmFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjEyMDYxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTIwZjFkNjk1ZmMxYzQ0ZGFkYTAxZWNlMzZjYTJiMmI3NTU3MzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6GfcPzUBx860/hUOldM8wUk/i6p
f0TupfoqilO9HS1eAlqK20N8B40PWxzH5oSKSLpAwrME+QG2xB65eh4eYXkwBAlQ
zTrCTXRF5HmjPoShyIyzkBA8F16DdvZpurKuKae1U7+JpUa5/R7vAg+QjG7bao4V
mq61MARIcKjCKs3yOUQk9XtweqUO29W/Oq52FQ/5YyoSoCMWg4K1y/LkXlHjZJi4
zNlnv5elk51HzNmbYlSc5vkbeYxyI3v5HcUmU51Iwl6JrR0iAPjIlOdXUH8FK0p6
tupU/5sCzs7qTsBS3AinIOj/TgXZO11+lk+KyHbjWcqyHa5cLc6OV2dhQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJEg8daV/BxE2toB7ONsorK3VXN7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEva1NEeDFwWDhIRVRhMmdIczQyeWlzcmRWYzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABTzcvJGdswktVtpSiFd
EerBChTqfduO8qfO3iZ3nKVelrA8ZXW6wyXOF3scayzu7BybMeVkTniBvCX5UYBD
I72dPYWSEMnmbrDvEZakfg2vWp4tRIWZzGJn/2CfCYT7CUTO3pFAFtb1+rdXnDqz
q9N3ruMg1ikCZ0YaUSjouuYVy1/bTk/37146mi4bBhch4HEGN0HgvXnXXJrA2yeh
gkzqYwGhRbRt+JAthu0pGNmEhvyc3pFW6huIMUpsZOxyOQcjbK3IZb8BASnaFPZz
C1VewIASQl0xbKj0KD44PE+Kv3AENV8q3DRjmoF5e9Txvb54qoydzZwlXnI9ju3M
/sM=
-----END CERTIFICATE-----
Generated at Wed Jun 12 09:16:33 2024 by rpki-client on console-fra.rpki-client.org