Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kc-gwH1abU3-wMPCCq9jXV7W4RQ.roa
File: kc-gwH1abU3-wMPCCq9jXV7W4RQ.roa (raw, json)
Hash identifier: CgTi6TQrCUpvT4+eQvGhpTqVyY5iIg0/8/LN2jJnBCE=
Subject key identifier: 91:CF:A0:C0:7D:5A:6D:4D:FE:C0:C3:C2:0A:AF:63:5D:5E:D6:E1:14
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190B31630C0F4550B5D4907DAA029DC7D38
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kc-gwH1abU3-wMPCCq9jXV7W4RQ.roa
Signing time: Sun 14 Jul 2024 21:11:34 +0000
ROA not before: Sun 14 Jul 2024 21:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 14 Jul 2024 22:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b3:16:30:c0:f4:55:0b:5d:49:07:da:a0:29:dc:7d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 14 21:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91cfa0c07d5a6d4dfec0c3c20aaf635d5ed6e114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:53:f6:24:6b:9b:02:0d:f7:10:7c:88:51:5b:
62:0a:81:b1:88:8e:b6:15:fa:d4:1d:74:f7:06:3a:
5f:7c:4b:c2:60:23:d3:5c:46:08:13:58:59:c0:dc:
da:a4:88:b0:bd:49:53:eb:52:e9:de:bd:48:04:1a:
15:d0:3c:90:b1:96:41:34:9e:9d:4c:4f:3a:77:92:
12:4d:fb:61:50:26:88:2a:f8:94:ee:c5:47:7f:97:
a0:eb:50:3d:bc:4e:03:7e:e3:f9:bf:7a:9d:4c:ba:
07:e0:33:1d:17:ae:ee:d0:80:02:db:d2:20:64:99:
f6:fc:73:07:f7:53:6b:3d:fe:54:af:ba:8f:f6:e2:
db:65:b6:35:80:f5:a6:cb:83:cd:7c:fc:7b:13:c3:
9d:a2:dc:ea:ba:99:e6:80:37:fe:fc:6f:4a:46:c0:
d7:3f:50:7e:63:70:70:1d:f9:52:6b:fa:0d:75:eb:
2f:a1:c8:1f:6a:a0:13:7e:3c:57:6c:a6:0a:5d:9b:
1c:28:97:d5:78:5a:60:08:b4:77:c5:ae:09:11:72:
8e:65:48:7b:bb:a9:40:02:c6:7d:f2:2e:2f:2b:c1:
56:47:4f:01:86:c4:4f:e7:74:89:45:52:65:ab:6e:
3c:e3:2e:fe:e3:0e:5d:27:54:1d:c7:83:7c:85:13:
09:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CF:A0:C0:7D:5A:6D:4D:FE:C0:C3:C2:0A:AF:63:5D:5E:D6:E1:14
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kc-gwH1abU3-wMPCCq9jXV7W4RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:e8:a6:30:20:9f:85:b8:3e:95:5f:25:64:2a:22:0b:38:b9:
80:c7:7e:d3:17:29:6e:a3:d0:6a:c3:45:c5:3a:14:25:ea:a6:
f4:21:26:e2:04:f3:0b:8c:67:75:86:d5:61:b3:96:f8:5d:3e:
cf:ae:e9:60:8b:35:89:03:9b:c6:1d:ac:9f:1b:6e:ff:94:cd:
27:cc:5c:91:88:07:9a:1e:d2:1c:1a:17:71:7e:5f:28:a7:d1:
67:bc:72:ad:36:eb:49:23:4a:4f:a3:e0:d4:99:eb:a4:8d:57:
18:95:d4:16:37:0b:39:e9:d8:b9:89:e1:26:b9:ec:dd:0a:c1:
88:3a:83:6d:7b:da:e3:13:32:09:e3:a7:d3:55:cc:03:a5:97:
82:4b:86:38:b2:98:cd:60:89:c3:7e:77:f9:ce:3a:5c:8a:b8:
47:7c:3c:ce:60:1f:e2:32:96:bb:b4:5a:2b:14:eb:9e:1d:3a:
48:a7:1c:ef:87:0e:d0:6e:f8:3e:0c:0d:03:1c:15:35:9d:bf:
72:2d:ef:bc:b4:3d:a3:d2:ad:c8:81:c6:cb:af:da:eb:0b:ba:
37:df:a7:4a:ff:ac:31:d8:6f:75:eb:39:97:06:40:c7:7b:fe:
e6:94:49:07:f0:48:5a:78:4c:e1:98:15:47:59:39:f4:da:be:
39:b1:fa:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCzFjDA9FULXUkH2qAp3H04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE0MjExMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWNmYTBjMDdkNWE2ZDRkZmVjMGMzYzIwYWFmNjM1ZDVlZDZlMTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lP2JGubAg33EHyIUVtiCoGxiI62
FfrUHXT3BjpffEvCYCPTXEYIE1hZwNzapIiwvUlT61Lp3r1IBBoV0DyQsZZBNJ6d
TE86d5ISTfthUCaIKviU7sVHf5eg61A9vE4DfuP5v3qdTLoH4DMdF67u0IAC29Ig
ZJn2/HMH91NrPf5Ur7qP9uLbZbY1gPWmy4PNfPx7E8OdotzqupnmgDf+/G9KRsDX
P1B+Y3BwHflSa/oNdesvocgfaqATfjxXbKYKXZscKJfVeFpgCLR3xa4JEXKOZUh7
u6lAAsZ98i4vK8FWR08BhsRP53SJRVJlq2484y7+4w5dJ1Qdx4N8hRMJOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJHPoMB9Wm1N/sDDwgqvY11e1uEUMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEva2MtZ3dIMWFiVTMtd01QQ0NxOWpYVjdXNFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACvopjAgn4W4PpVfJWQq
Igs4uYDHftMXKW6j0GrDRcU6FCXqpvQhJuIE8wuMZ3WG1WGzlvhdPs+u6WCLNYkD
m8YdrJ8bbv+UzSfMXJGIB5oe0hwaF3F+Xyin0We8cq0260kjSk+j4NSZ66SNVxiV
1BY3Cznp2LmJ4Sa57N0KwYg6g2172uMTMgnjp9NVzAOll4JLhjiymM1gicN+d/nO
OlyKuEd8PM5gH+Iylru0WisU654dOkinHO+HDtBu+D4MDQMcFTWdv3It77y0PaPS
rciBxsuv2usLujffp0r/rDHYb3XrOZcGQMd7/uaUSQfwSFp4TOGYFUdZOfTavjmx
+ic=
-----END CERTIFICATE-----
Generated at Sun Jul 14 23:20:24 2024 by rpki-client on console-fra.rpki-client.org