Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mF6nY2rDxrDcr-psgbUHkeiMm7s.roa
File: mF6nY2rDxrDcr-psgbUHkeiMm7s.roa (raw, json)
Hash identifier: VQ+Po1671vEHDdLmtGKdYav2ej+BRnHvTbVLxEG61jY=
Subject key identifier: 98:5E:A7:63:6A:C3:C6:B0:DC:AF:EA:6C:81:B5:07:91:E8:8C:9B:BB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019013DE0066DE9EE06314759F6B40B43F57
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mF6nY2rDxrDcr-psgbUHkeiMm7s.roa
Signing time: Thu 13 Jun 2024 23:10:34 +0000
ROA not before: Thu 13 Jun 2024 23:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 14 Jun 2024 00:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:13:de:00:66:de:9e:e0:63:14:75:9f:6b:40:b4:3f:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 13 23:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=985ea7636ac3c6b0dcafea6c81b50791e88c9bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2a:3a:c7:62:ce:33:38:b3:dd:9a:60:81:26:
fa:b7:6f:2c:c5:8c:df:f0:e4:fd:64:8c:fd:ff:89:
c4:9c:9c:63:50:72:c3:70:06:5b:d9:ab:72:4c:1b:
7c:cc:0e:f7:c5:40:8a:d0:b2:22:bb:c3:79:b0:98:
57:d5:76:07:28:05:84:8c:27:2b:e6:b9:96:61:b3:
ca:31:9e:ed:78:66:63:33:3f:82:80:74:1e:a9:91:
5f:a2:79:c9:e8:69:14:6a:b8:28:3c:ca:62:55:3b:
44:ff:66:cd:a6:09:11:62:10:8c:20:3b:53:48:fc:
14:45:de:2d:79:82:33:d3:44:0c:c2:d8:b2:30:7f:
5f:9c:78:ee:94:f9:94:88:f2:7d:f0:07:73:8a:b6:
32:5d:53:bc:0c:1e:46:90:13:03:05:1e:1e:6f:e0:
91:b4:97:8d:e2:23:da:58:0b:7e:b4:9f:a8:7e:6f:
8c:bb:c0:b3:a0:ed:1d:fd:9e:d3:c2:74:1f:e9:fa:
d4:5b:b5:5f:3b:3d:70:3a:8a:b0:80:ab:58:66:ba:
ad:32:04:3e:4a:90:cc:e7:6f:9c:e9:49:a1:1e:36:
fe:30:7d:87:fe:c3:b9:27:90:f2:d1:35:2b:78:7e:
7e:68:c2:4b:a0:de:b2:16:69:39:1e:46:fd:87:ea:
10:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:5E:A7:63:6A:C3:C6:B0:DC:AF:EA:6C:81:B5:07:91:E8:8C:9B:BB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mF6nY2rDxrDcr-psgbUHkeiMm7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:39:98:82:6b:74:09:39:d5:f2:2f:6e:5c:b4:92:20:47:41:
0a:e4:a9:82:eb:06:aa:12:fd:ac:a3:7f:24:ac:1a:cd:b2:00:
6a:dd:0a:71:b0:bd:36:63:00:b0:3c:7f:f0:f0:18:77:18:7e:
b8:fd:e6:92:a6:62:9d:11:eb:f8:e3:93:ca:8e:12:c4:85:f2:
b1:e2:04:82:68:e1:15:c0:95:71:81:a1:b2:c2:44:a6:9b:09:
9b:b5:68:55:76:60:dd:f8:2e:b6:34:7f:46:84:a8:ea:11:ae:
8b:3d:65:c6:2e:9d:34:94:e8:fc:f7:29:0b:1a:b7:99:c6:d8:
68:13:c4:89:ee:0b:d3:51:3b:19:92:33:a3:4b:75:a0:d1:63:
b4:65:4c:d6:72:4a:f9:de:08:38:9b:50:24:8c:8b:44:a5:b9:
09:25:91:44:66:cf:1d:af:9e:88:74:d0:79:6c:bf:ff:94:8d:
2f:ee:49:7b:34:b1:09:6a:00:d7:22:d3:ab:5e:a9:43:81:05:
05:fb:db:cd:3c:1e:b6:fe:25:f3:28:33:1e:10:5b:e6:09:37:
c7:dc:de:2c:33:b6:f3:09:76:0f:21:01:29:c8:7f:c9:af:f8:
68:86:48:36:a8:3a:26:8e:73:04:5e:81:0e:c3:ab:bc:2c:bd:
dd:db:a5:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAT3gBm3p7gYxR1n2tAtD9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjEzMjMxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODVlYTc2MzZhYzNjNmIwZGNhZmVhNmM4MWI1MDc5MWU4OGM5YmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCo6x2LOMziz3ZpggSb6t28sxYzf
8OT9ZIz9/4nEnJxjUHLDcAZb2atyTBt8zA73xUCK0LIiu8N5sJhX1XYHKAWEjCcr
5rmWYbPKMZ7teGZjMz+CgHQeqZFfonnJ6GkUargoPMpiVTtE/2bNpgkRYhCMIDtT
SPwURd4teYIz00QMwtiyMH9fnHjulPmUiPJ98AdzirYyXVO8DB5GkBMDBR4eb+CR
tJeN4iPaWAt+tJ+ofm+Mu8CzoO0d/Z7TwnQf6frUW7VfOz1wOoqwgKtYZrqtMgQ+
SpDM52+c6UmhHjb+MH2H/sO5J5Dy0TUreH5+aMJLoN6yFmk5Hkb9h+oQfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJhep2Nqw8aw3K/qbIG1B5HojJu7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbUY2blkyckR4ckRjci1wc2diVUhrZWlNbTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC85mIJrdAk51fIvbly0
kiBHQQrkqYLrBqoS/ayjfySsGs2yAGrdCnGwvTZjALA8f/DwGHcYfrj95pKmYp0R
6/jjk8qOEsSF8rHiBIJo4RXAlXGBobLCRKabCZu1aFV2YN34LrY0f0aEqOoRros9
ZcYunTSU6Pz3KQsat5nG2GgTxInuC9NROxmSM6NLdaDRY7RlTNZySvneCDibUCSM
i0SluQklkURmzx2vnoh00Hlsv/+UjS/uSXs0sQlqANci06teqUOBBQX72808Hrb+
JfMoMx4QW+YJN8fc3iwztvMJdg8hASnIf8mv+GiGSDaoOiaOcwRegQ7Dq7wsvd3b
pYg=
-----END CERTIFICATE-----
Generated at Fri Jun 14 01:56:05 2024 by rpki-client on console-ams.rpki-client.org