Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/l4CEO5MzNoIwv4yo8RBhczg9Zc0.roa
File: l4CEO5MzNoIwv4yo8RBhczg9Zc0.roa (raw, json)
Hash identifier: AQtghXi2vYK1SoKyfQ976eAqf7LUoJyrjSIvcj+N4u8=
Subject key identifier: 97:80:84:3B:93:33:36:82:30:BF:8C:A8:F1:10:61:73:38:3D:65:CD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190B0F0E007E9BF3A5BD4109B6E75B2EC5D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/l4CEO5MzNoIwv4yo8RBhczg9Zc0.roa
Signing time: Sun 14 Jul 2024 11:11:34 +0000
ROA not before: Sun 14 Jul 2024 11:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 14 Jul 2024 12:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b0:f0:e0:07:e9:bf:3a:5b:d4:10:9b:6e:75:b2:ec:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 14 11:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9780843b9333368230bf8ca8f1106173383d65cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:69:8c:96:06:05:28:af:35:e8:36:72:0b:14:
65:3e:50:ea:d6:71:7c:cf:0b:d3:4d:4e:88:78:63:
c2:c4:b5:5a:3e:5c:a2:f1:45:05:a5:84:16:06:a6:
14:08:32:7d:d7:9c:57:a5:3f:84:41:54:4b:09:45:
e5:78:d0:41:34:07:72:d4:96:60:79:3c:6f:94:b9:
0f:54:72:e7:82:37:07:67:42:dc:df:6b:19:11:05:
63:ab:7c:94:17:68:2a:56:b8:87:ce:a7:84:f5:49:
ef:f7:87:11:1a:0d:e0:ff:72:9f:4e:ec:1e:e5:28:
e6:fa:db:a6:c2:f7:47:23:65:fc:d8:87:18:2f:ef:
b6:e7:a3:a1:8a:81:e6:08:8c:54:73:fb:79:26:a4:
ae:42:9f:71:85:41:a0:4d:ff:c1:0f:07:dd:1e:e8:
65:cd:ff:61:56:06:31:f0:8c:b7:5e:14:c0:ee:64:
ab:6c:ff:fb:33:48:33:67:ee:dd:07:9b:ed:25:f3:
46:8e:74:14:5f:c2:c3:fc:86:ac:b6:46:de:9f:de:
70:8d:4b:23:45:2a:55:f6:b8:cd:04:cd:c7:bd:2e:
62:07:b2:f9:86:d8:96:a4:b9:94:39:37:a3:c5:28:
8b:d5:89:31:1e:b0:cd:ab:63:00:3c:4c:cd:08:35:
19:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:80:84:3B:93:33:36:82:30:BF:8C:A8:F1:10:61:73:38:3D:65:CD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/l4CEO5MzNoIwv4yo8RBhczg9Zc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:ca:1e:59:55:1e:d7:d3:93:7d:87:4b:1f:c1:d1:1a:92:6d:
19:30:15:29:d0:20:ff:69:52:0f:49:76:5c:3c:0e:a6:d6:f8:
e2:12:85:86:7f:aa:b5:b0:a6:93:e5:19:b3:6e:1e:c9:dc:93:
de:1e:31:35:61:6d:cb:8e:7f:61:39:19:54:6f:1f:47:d6:29:
13:89:93:30:c6:f6:7d:40:6d:2d:00:65:bb:4d:3a:ba:fd:75:
82:42:a2:44:8c:a6:87:90:aa:5a:65:e1:40:aa:f3:4c:86:11:
56:d7:01:ea:27:d2:fc:81:de:af:c9:06:9b:b7:b0:23:60:70:
5d:44:f4:0d:76:01:c1:e8:09:b6:0b:eb:f3:00:89:c6:78:44:
ee:70:68:2f:e4:d3:03:ef:a6:5f:6e:88:b1:4e:4c:8a:a9:44:
49:b2:73:4a:4d:cb:90:15:d4:f4:02:16:2f:09:e9:18:4c:ad:
5f:1f:b0:b8:66:d4:3f:9d:7c:76:2a:e0:1c:13:19:0d:a4:9c:
8c:a9:c8:cd:ff:44:7f:d1:ef:46:9a:7b:b5:32:db:9a:90:d1:
d2:50:b8:1a:2b:5a:fb:54:df:f4:57:44:13:7b:78:ee:12:bb:
26:3a:33:74:60:16:43:d1:58:e1:11:15:8f:67:25:7b:1c:da:
53:52:f6:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCw8OAH6b86W9QQm251suxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE0MTExMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzgwODQzYjkzMzMzNjgyMzBiZjhjYThmMTEwNjE3MzM4M2Q2NWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmmMlgYFKK816DZyCxRlPlDq1nF8
zwvTTU6IeGPCxLVaPlyi8UUFpYQWBqYUCDJ915xXpT+EQVRLCUXleNBBNAdy1JZg
eTxvlLkPVHLngjcHZ0Lc32sZEQVjq3yUF2gqVriHzqeE9Unv94cRGg3g/3KfTuwe
5Sjm+tumwvdHI2X82IcYL++256OhioHmCIxUc/t5JqSuQp9xhUGgTf/BDwfdHuhl
zf9hVgYx8Iy3XhTA7mSrbP/7M0gzZ+7dB5vtJfNGjnQUX8LD/Iastkben95wjUsj
RSpV9rjNBM3HvS5iB7L5htiWpLmUOTejxSiL1YkxHrDNq2MAPEzNCDUZ2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJeAhDuTMzaCML+MqPEQYXM4PWXNMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbDRDRU81TXpOb0l3djR5bzhSQmhjemc5WmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGzKHllVHtfTk32HSx/B
0RqSbRkwFSnQIP9pUg9Jdlw8DqbW+OIShYZ/qrWwppPlGbNuHsnck94eMTVhbcuO
f2E5GVRvH0fWKROJkzDG9n1AbS0AZbtNOrr9dYJCokSMpoeQqlpl4UCq80yGEVbX
Aeon0vyB3q/JBpu3sCNgcF1E9A12AcHoCbYL6/MAicZ4RO5waC/k0wPvpl9uiLFO
TIqpREmyc0pNy5AV1PQCFi8J6RhMrV8fsLhm1D+dfHYq4BwTGQ2knIypyM3/RH/R
70aae7Uy25qQ0dJQuBorWvtU3/RXRBN7eO4SuyY6M3RgFkPRWOERFY9nJXsc2lNS
9mk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:02 2025 by rpki-client