Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mU4x5FGW8KF654W3MPXssacFiHg.roa
File: mU4x5FGW8KF654W3MPXssacFiHg.roa (raw, json)
Hash identifier: iSZol8CqdkGJXpngQb+XRVpTEb+XXFGECTzUowHz/80=
Subject key identifier: 99:4E:31:E4:51:96:F0:A1:7A:E7:85:B7:30:F5:EC:B1:A7:05:88:78
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01903CA3EDE478B1392F079AE6F2ECE044A3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mU4x5FGW8KF654W3MPXssacFiHg.roa
Signing time: Fri 21 Jun 2024 21:11:34 +0000
ROA not before: Fri 21 Jun 2024 21:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jun 2024 22:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3c:a3:ed:e4:78:b1:39:2f:07:9a:e6:f2:ec:e0:44:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 21 21:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=994e31e45196f0a17ae785b730f5ecb1a7058878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:01:8a:17:16:7c:c2:70:c5:53:a2:73:e6:43:
03:0b:63:c8:aa:64:31:b9:79:7c:92:5f:a8:7d:05:
b7:16:c8:78:c4:55:56:a5:dd:33:37:00:bc:e7:0d:
2c:f8:c9:02:09:04:b5:29:22:8c:d6:e0:39:9e:8e:
11:f7:a0:ca:ba:48:27:16:f7:49:4c:11:f2:70:a3:
1d:ac:cd:f1:3b:4b:7e:40:58:24:80:88:73:4c:3f:
0e:b7:f6:b0:2b:7f:61:c6:ba:ac:e2:71:f8:fc:03:
6f:3b:6b:df:2c:53:d2:36:a3:2f:06:e2:9c:df:0a:
33:80:25:04:c4:bc:91:b9:b4:3f:cb:f0:e7:fb:0e:
29:d8:b5:8b:01:93:22:c5:42:9d:02:bd:c5:0c:ca:
38:84:b5:26:24:52:f3:ff:37:4c:3e:25:06:69:1c:
56:5e:9e:bd:aa:40:b1:7d:3c:4c:9b:f0:d6:b7:df:
61:1b:36:b8:d6:08:be:ab:13:22:9b:fd:42:25:70:
c8:82:6b:c2:b3:95:c0:35:e8:fa:f4:ba:bd:25:ef:
5e:f1:07:60:a1:f2:a8:2c:8e:d3:35:b2:34:2d:30:
61:5f:6f:f2:5f:62:05:40:bf:20:0f:cc:75:d5:4b:
43:c1:67:29:2d:67:8c:53:9a:97:44:01:0e:5b:23:
7c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:4E:31:E4:51:96:F0:A1:7A:E7:85:B7:30:F5:EC:B1:A7:05:88:78
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mU4x5FGW8KF654W3MPXssacFiHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:56:42:77:e4:b8:9f:8c:93:c3:f0:06:bc:b5:4e:e5:73:d9:
d5:0c:f0:5f:80:eb:d7:b0:ec:c8:49:d0:4c:ae:c9:c4:7c:0e:
97:72:3a:b7:ce:c1:0c:ad:8a:10:33:95:2a:5c:6e:4c:d0:4a:
5c:05:53:3d:d3:d7:68:53:89:b4:27:e9:75:fe:58:b2:9c:a7:
54:c2:12:57:24:e1:22:86:6c:5a:03:63:6a:5c:70:04:b3:d9:
96:bb:f7:d9:7a:a4:68:a0:37:a8:9c:1c:92:7e:55:96:79:76:
72:7a:8d:e6:28:44:72:29:f8:bb:59:4c:61:60:cd:d0:66:4e:
8d:36:41:19:b7:b0:f8:e8:5c:bb:19:20:47:6c:7f:be:3e:ac:
c5:2e:c1:9e:18:71:1d:8e:d2:5c:7f:b3:1b:f9:da:75:bc:27:
17:a2:02:1a:56:b3:d9:8a:35:fc:3b:83:fc:9a:a2:a3:74:b0:
91:3b:c0:fb:6a:ac:bd:cd:10:8e:63:82:16:1b:f0:57:15:cb:
74:9d:e8:57:76:43:da:12:d7:39:e8:7f:47:b8:70:af:23:42:
03:cc:15:2b:51:99:c0:b2:54:16:56:3a:b2:1c:97:44:31:df:
9f:07:3d:b0:31:92:68:42:25:00:f5:b0:2a:6b:43:be:16:96:
78:fb:8d:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA8o+3keLE5Lwea5vLs4ESjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIxMjExMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTRlMzFlNDUxOTZmMGExN2FlNzg1YjczMGY1ZWNiMWE3MDU4ODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAGKFxZ8wnDFU6Jz5kMDC2PIqmQx
uXl8kl+ofQW3Fsh4xFVWpd0zNwC85w0s+MkCCQS1KSKM1uA5no4R96DKukgnFvdJ
TBHycKMdrM3xO0t+QFgkgIhzTD8Ot/awK39hxrqs4nH4/ANvO2vfLFPSNqMvBuKc
3wozgCUExLyRubQ/y/Dn+w4p2LWLAZMixUKdAr3FDMo4hLUmJFLz/zdMPiUGaRxW
Xp69qkCxfTxMm/DWt99hGza41gi+qxMim/1CJXDIgmvCs5XANej69Lq9Je9e8Qdg
ofKoLI7TNbI0LTBhX2/yX2IFQL8gD8x11UtDwWcpLWeMU5qXRAEOWyN8RQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJlOMeRRlvCheueFtzD17LGnBYh4MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbVU0eDVGR1c4S0Y2NTRXM01QWHNzYWNGaUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAZWQnfkuJ+Mk8PwBry1
TuVz2dUM8F+A69ew7MhJ0EyuycR8DpdyOrfOwQytihAzlSpcbkzQSlwFUz3T12hT
ibQn6XX+WLKcp1TCElck4SKGbFoDY2pccASz2Za799l6pGigN6icHJJ+VZZ5dnJ6
jeYoRHIp+LtZTGFgzdBmTo02QRm3sPjoXLsZIEdsf74+rMUuwZ4YcR2O0lx/sxv5
2nW8JxeiAhpWs9mKNfw7g/yaoqN0sJE7wPtqrL3NEI5jghYb8FcVy3Sd6Fd2Q9oS
1znof0e4cK8jQgPMFStRmcCyVBZWOrIcl0Qx358HPbAxkmhCJQD1sCprQ74Wlnj7
jfI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:58:54 2025 by rpki-client