Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lkxagUKMjHludqzcX95y3ttK60A.roa
File: lkxagUKMjHludqzcX95y3ttK60A.roa (raw, json)
Hash identifier: 2+XGrvUNM2viwYXheF5yJ3+2PKYb5M9/hqsLXTPa/RM=
Subject key identifier: 96:4C:5A:81:42:8C:8C:79:6E:76:AC:DC:5F:DE:72:DE:DB:4A:EB:40
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019098E888DBD4BA98CF01DE2A66F31C0FD5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lkxagUKMjHludqzcX95y3ttK60A.roa
Signing time: Tue 09 Jul 2024 19:11:34 +0000
ROA not before: Tue 09 Jul 2024 19:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jul 2024 20:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:98:e8:88:db:d4:ba:98:cf:01:de:2a:66:f3:1c:0f:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 9 19:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=964c5a81428c8c796e76acdc5fde72dedb4aeb40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b2:e7:57:dd:1a:e8:89:f1:fe:24:69:98:d7:
1d:6a:c5:e7:c1:23:5b:b2:79:a7:1a:6d:1c:dd:ef:
42:9f:31:1d:82:1f:14:ee:12:22:d0:63:ab:c8:e6:
e5:6f:0c:47:17:20:d7:c4:9a:15:18:c0:6d:9b:bc:
70:da:76:c5:bf:ef:db:9f:fd:1a:a1:28:4c:c7:32:
89:29:8a:54:13:35:b9:d5:6f:94:7e:9e:fc:f5:94:
95:1d:2b:e3:6d:7d:33:a7:83:d7:da:0f:0e:09:e5:
78:1f:95:16:55:d2:02:1c:bb:ff:76:0e:6b:7f:5a:
99:67:32:52:f4:3c:0d:9b:83:67:54:bb:07:6c:ec:
53:7c:d2:85:5c:54:0c:02:a1:40:7e:70:48:e9:c0:
0a:bd:ac:d3:26:cf:26:33:82:0e:e1:53:5f:d3:d0:
78:b8:4e:6d:78:80:68:97:ed:af:59:b8:11:64:7c:
08:f4:2f:ef:4b:88:4a:f7:1e:18:a3:0f:f8:4c:0b:
87:8e:bf:a5:41:a9:e6:11:c4:27:48:bf:57:1a:4d:
0b:df:1a:a7:eb:9a:53:cb:49:c3:1c:f0:31:23:19:
6b:74:13:3c:8a:35:84:b2:71:ff:d4:df:43:12:a7:
a5:0f:c1:96:b3:52:9c:d7:72:af:36:80:60:b4:4d:
db:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:4C:5A:81:42:8C:8C:79:6E:76:AC:DC:5F:DE:72:DE:DB:4A:EB:40
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lkxagUKMjHludqzcX95y3ttK60A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:f6:1c:f2:44:85:ac:04:52:f1:5f:c9:b6:8f:7d:5b:f1:48:
00:55:18:62:71:fc:9a:c7:07:41:be:83:e9:a8:35:16:a2:0a:
65:27:b1:c1:a3:44:44:19:bf:22:35:ca:c4:ff:d9:6e:d1:2a:
de:37:e4:7a:fa:c9:2b:21:00:59:a7:09:f4:d0:1c:ad:e1:78:
ac:45:01:cd:fa:13:b8:6f:91:f6:b5:e9:e8:2a:0f:92:1e:e0:
2f:c7:b4:46:33:f6:7a:ff:b3:dd:fe:8c:0c:c4:a3:d9:89:5f:
94:0e:3f:78:3f:6f:e8:30:3d:65:70:36:96:2b:7b:40:f8:15:
02:e4:2a:08:af:d1:98:15:b3:74:d1:c3:76:75:83:3a:7c:8c:
09:d7:c7:39:d5:10:9d:3b:d6:60:be:0c:6b:39:a9:05:37:99:
f0:f0:ad:be:dd:84:31:11:53:0c:63:21:49:c4:83:03:71:23:
a2:64:38:01:a1:65:b3:76:09:1a:84:15:c8:76:1a:87:4e:91:
4e:49:58:43:77:75:54:4a:74:6b:ff:81:3e:27:0f:e4:b2:43:
06:19:14:d1:23:f5:4b:19:30:3b:fa:c8:7a:71:1b:59:39:52:
78:37:3b:e2:72:db:7b:b5:e2:25:b3:0b:01:50:41:41:3d:2c:
41:f3:40:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCY6Ijb1LqYzwHeKmbzHA/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA5MTkxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjRjNWE4MTQyOGM4Yzc5NmU3NmFjZGM1ZmRlNzJkZWRiNGFlYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7LnV90a6Inx/iRpmNcdasXnwSNb
snmnGm0c3e9CnzEdgh8U7hIi0GOryOblbwxHFyDXxJoVGMBtm7xw2nbFv+/bn/0a
oShMxzKJKYpUEzW51W+Ufp789ZSVHSvjbX0zp4PX2g8OCeV4H5UWVdICHLv/dg5r
f1qZZzJS9DwNm4NnVLsHbOxTfNKFXFQMAqFAfnBI6cAKvazTJs8mM4IO4VNf09B4
uE5teIBol+2vWbgRZHwI9C/vS4hK9x4Yow/4TAuHjr+lQanmEcQnSL9XGk0L3xqn
65pTy0nDHPAxIxlrdBM8ijWEsnH/1N9DEqelD8GWs1Kc13KvNoBgtE3boQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJZMWoFCjIx5bnas3F/ect7bSutAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbGt4YWdVS01qSGx1ZHF6Y1g5NXkzdHRLNjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADT2HPJEhawEUvFfybaP
fVvxSABVGGJx/JrHB0G+g+moNRaiCmUnscGjREQZvyI1ysT/2W7RKt435Hr6ySsh
AFmnCfTQHK3heKxFAc36E7hvkfa16egqD5Ie4C/HtEYz9nr/s93+jAzEo9mJX5QO
P3g/b+gwPWVwNpYre0D4FQLkKgiv0ZgVs3TRw3Z1gzp8jAnXxznVEJ071mC+DGs5
qQU3mfDwrb7dhDERUwxjIUnEgwNxI6JkOAGhZbN2CRqEFch2GodOkU5JWEN3dVRK
dGv/gT4nD+SyQwYZFNEj9UsZMDv6yHpxG1k5Ung3O+Jy23u14iWzCwFQQUE9LEHz
QG0=
-----END CERTIFICATE-----
Generated at Tue Jul 9 21:15:23 2024 by rpki-client on console-fra.rpki-client.org