Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lG9CAviSqB_63QNR5UQgEyYok8s.roa
File: lG9CAviSqB_63QNR5UQgEyYok8s.roa (raw, json)
Hash identifier: DmLPZwHfO2zyKy03YAjLZ4QrmvJd926XhRof8piBEzw=
Subject key identifier: 94:6F:42:02:F8:92:A8:1F:FA:DD:03:51:E5:44:20:13:26:28:93:CB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190396C324DB29701428B55380C8EA9E1CB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lG9CAviSqB_63QNR5UQgEyYok8s.roa
Signing time: Fri 21 Jun 2024 06:11:50 +0000
ROA not before: Fri 21 Jun 2024 06:11:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jun 2024 07:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:39:6c:32:4d:b2:97:01:42:8b:55:38:0c:8e:a9:e1:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 21 06:11:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=946f4202f892a81ffadd0351e5442013262893cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:11:7c:72:22:02:11:92:18:75:60:61:d2:b4:
23:b6:a9:63:5d:72:ef:0e:29:41:2c:c6:37:08:96:
2b:27:1e:e8:88:11:58:10:ea:c7:1c:0b:c6:06:09:
85:36:ab:10:89:f0:97:fa:82:53:59:70:05:d6:7a:
e4:e7:66:48:57:91:74:48:1a:1c:d8:0a:a1:20:e7:
9d:8f:d7:34:77:37:0f:46:77:9c:a4:45:c3:d5:24:
df:07:b9:12:41:99:12:89:55:41:43:f3:f0:f7:17:
c7:85:23:50:93:bb:b4:00:48:50:3e:42:33:51:08:
14:04:ac:97:0b:01:dd:cd:ce:ea:e8:da:39:1d:dd:
4f:91:2f:65:54:0f:23:53:b9:6d:00:fe:7d:72:55:
1f:51:ff:f9:57:c4:76:2a:97:4f:74:de:14:1d:e4:
8f:9b:ad:64:a7:a2:e3:36:47:dc:6c:fc:fb:4f:c1:
32:cc:e5:26:17:da:26:88:04:5c:3c:41:0e:04:87:
1e:c3:9b:08:40:d7:6a:99:21:a6:7f:33:40:11:2b:
a0:96:7a:b5:e3:5b:a4:b9:34:bd:6a:f5:af:c3:70:
aa:80:47:1d:49:ef:db:af:14:63:1c:d9:ac:6c:d0:
a4:38:ae:60:d8:20:6a:2f:37:d9:e3:87:87:c4:23:
84:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6F:42:02:F8:92:A8:1F:FA:DD:03:51:E5:44:20:13:26:28:93:CB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lG9CAviSqB_63QNR5UQgEyYok8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:2d:ee:34:69:77:7d:ac:ab:36:df:f0:82:b3:2c:53:39:d9:
2c:24:85:35:d3:73:c0:0d:ba:c9:9b:dd:2e:b3:2e:99:9e:e7:
e5:13:c5:3d:d3:93:11:33:9f:b6:bd:ad:a6:a8:81:a2:a2:46:
7c:05:dd:3d:5b:fd:ac:14:8c:14:36:51:cf:f2:02:5c:17:42:
a7:f0:00:33:d1:6e:d4:9a:2c:b8:78:ee:3c:a9:9b:2b:4a:c6:
bc:c1:31:c5:7c:bb:bc:a2:38:8f:68:97:dd:e5:a1:56:28:7e:
6f:3a:d2:78:64:88:a1:6b:26:4d:af:22:97:9e:97:9a:a9:a1:
8e:06:93:8d:e3:90:c4:f3:50:2f:a7:20:4c:60:f7:76:70:ca:
d3:40:40:a2:ca:7e:31:fb:89:c2:94:67:a2:fd:e3:07:58:13:
4c:e5:fb:b7:76:a6:c1:18:30:ed:e0:9d:d4:17:f1:01:68:fc:
23:8b:6d:d7:59:83:c3:c6:fb:1d:68:ae:d0:8a:86:d5:d4:30:
32:b6:48:58:c8:8e:aa:d9:60:98:bd:e6:0d:66:a4:e6:ac:37:
58:8e:c5:c0:e0:15:bf:87:de:a6:4b:13:0f:a7:f8:6d:62:74:
0a:6a:e6:fa:b8:19:36:4f:23:08:a9:f9:31:3b:a3:38:fd:33:
9a:c4:ad:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA5bDJNspcBQotVOAyOqeHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIxMDYxMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDZmNDIwMmY4OTJhODFmZmFkZDAzNTFlNTQ0MjAxMzI2Mjg5M2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhF8ciICEZIYdWBh0rQjtqljXXLv
DilBLMY3CJYrJx7oiBFYEOrHHAvGBgmFNqsQifCX+oJTWXAF1nrk52ZIV5F0SBoc
2AqhIOedj9c0dzcPRnecpEXD1STfB7kSQZkSiVVBQ/Pw9xfHhSNQk7u0AEhQPkIz
UQgUBKyXCwHdzc7q6No5Hd1PkS9lVA8jU7ltAP59clUfUf/5V8R2KpdPdN4UHeSP
m61kp6LjNkfcbPz7T8EyzOUmF9omiARcPEEOBIcew5sIQNdqmSGmfzNAESuglnq1
41ukuTS9avWvw3CqgEcdSe/brxRjHNmsbNCkOK5g2CBqLzfZ44eHxCOEJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJRvQgL4kqgf+t0DUeVEIBMmKJPLMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbEc5Q0F2aVNxQl82M1FOUjVVUWdFeVlvazhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADot7jRpd32sqzbf8IKz
LFM52SwkhTXTc8ANusmb3S6zLpme5+UTxT3TkxEzn7a9raaogaKiRnwF3T1b/awU
jBQ2Uc/yAlwXQqfwADPRbtSaLLh47jypmytKxrzBMcV8u7yiOI9ol93loVYofm86
0nhkiKFrJk2vIpeel5qpoY4Gk43jkMTzUC+nIExg93ZwytNAQKLKfjH7icKUZ6L9
4wdYE0zl+7d2psEYMO3gndQX8QFo/COLbddZg8PG+x1ortCKhtXUMDK2SFjIjqrZ
YJi95g1mpOasN1iOxcDgFb+H3qZLEw+n+G1idApq5vq4GTZPIwip+TE7ozj9M5rE
rYI=
-----END CERTIFICATE-----
Generated at Fri Jun 21 11:03:51 2024 by rpki-client on console-fra.rpki-client.org