Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/meLduZ2G4aLYMr3q2iAknnNoAm0.roa
File: meLduZ2G4aLYMr3q2iAknnNoAm0.roa (raw, json)
Hash identifier: fenymxXHIf9EFl599lODGa7fQ3HXlpDr+Tp+vJxnrok=
Subject key identifier: 99:E2:DD:B9:9D:86:E1:A2:D8:32:BD:EA:DA:20:24:9E:73:68:02:6D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FAFE0E52F1668ED07991F8316DC970EDA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/meLduZ2G4aLYMr3q2iAknnNoAm0.roa
Signing time: Sat 25 May 2024 13:11:42 +0000
ROA not before: Sat 25 May 2024 13:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 25 May 2024 14:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:af:e0:e5:2f:16:68:ed:07:99:1f:83:16:dc:97:0e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 25 13:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99e2ddb99d86e1a2d832bdeada20249e7368026d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:30:0e:3c:84:43:75:7a:8f:6e:59:a5:83:53:
38:a2:c7:9f:15:32:87:96:76:99:c6:b0:5f:c6:c4:
5f:69:5a:04:cb:5b:eb:78:15:f5:8c:41:85:59:31:
e1:f8:0f:3c:fa:00:65:e9:5c:cd:6a:f0:a1:a4:bf:
f4:41:02:25:e2:06:32:13:fe:e2:05:06:af:00:08:
fc:92:88:f1:8b:18:4f:1f:6b:63:eb:8d:b7:8e:e7:
21:94:45:1e:25:27:03:9a:55:6a:da:1b:bb:8b:de:
e7:6e:43:99:a7:b0:d9:80:55:30:98:63:cb:49:7f:
8c:1f:c4:20:37:5d:2a:4b:65:94:c8:00:64:18:e1:
c5:5b:a1:41:7f:42:a7:e5:3c:6e:4b:77:fa:71:62:
df:e4:66:8e:5b:61:11:10:d2:61:0c:1d:2b:3c:f6:
24:1a:41:e2:36:5f:73:c4:62:5e:bd:5e:59:5c:e4:
86:82:7a:dc:36:42:c1:36:de:56:de:49:36:85:3c:
42:e2:79:7a:63:64:57:ec:e1:9b:01:31:c6:b6:1e:
44:9a:96:ee:3c:a0:c2:1e:97:2f:0f:77:2d:61:01:
27:7f:20:ce:10:97:52:5d:92:b1:46:20:42:90:bf:
31:a8:8c:9b:24:fa:c5:18:ea:57:d8:26:29:e4:98:
c0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E2:DD:B9:9D:86:E1:A2:D8:32:BD:EA:DA:20:24:9E:73:68:02:6D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/meLduZ2G4aLYMr3q2iAknnNoAm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:b5:e9:e6:20:4f:86:32:64:f8:42:6b:63:e3:88:b5:4c:4b:
c5:42:61:93:94:b0:5e:86:8f:8b:35:5c:73:e1:5e:b1:ea:97:
5c:c6:b6:af:30:80:8e:ad:db:42:a9:3a:96:33:b0:d0:3d:27:
28:56:6e:7b:49:d2:51:c9:95:7b:48:d0:7e:95:5b:f9:43:2f:
d3:5d:e3:b4:26:86:a2:f9:ef:0f:0c:d2:d4:64:32:f2:d1:71:
8d:49:99:c4:e4:df:dc:38:3c:72:09:3c:bb:66:1f:bc:38:d7:
11:0b:c0:6e:a4:d3:a3:9b:0e:5b:fe:dc:dc:d9:06:be:51:e0:
9f:bd:2e:70:32:53:78:5c:90:14:4f:51:d8:fe:e9:1b:1b:43:
c8:4f:2e:2b:2b:87:7e:84:95:d6:38:a4:ab:1d:09:0d:06:ff:
28:06:e0:a0:c2:13:6f:f0:7f:d1:75:9d:97:17:45:30:a8:2a:
88:c9:56:3b:72:1c:23:09:5a:92:af:06:fa:00:ec:e8:9f:f1:
21:16:df:d0:cf:61:eb:75:c1:a8:f7:ab:be:62:f2:e2:0b:b4:
d6:90:89:d9:6e:6e:cd:3a:c6:53:b0:53:64:b0:81:21:86:cd:
c4:b0:15:cd:6b:11:58:7d:f9:c2:6a:91:5d:f0:17:7e:12:4c:
8e:22:89:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+v4OUvFmjtB5kfgxbclw7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI1MTMxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWUyZGRiOTlkODZlMWEyZDgzMmJkZWFkYTIwMjQ5ZTczNjgwMjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjAOPIRDdXqPblmlg1M4osefFTKH
lnaZxrBfxsRfaVoEy1vreBX1jEGFWTHh+A88+gBl6VzNavChpL/0QQIl4gYyE/7i
BQavAAj8kojxixhPH2tj6423juchlEUeJScDmlVq2hu7i97nbkOZp7DZgFUwmGPL
SX+MH8QgN10qS2WUyABkGOHFW6FBf0Kn5TxuS3f6cWLf5GaOW2ERENJhDB0rPPYk
GkHiNl9zxGJevV5ZXOSGgnrcNkLBNt5W3kk2hTxC4nl6Y2RX7OGbATHGth5Empbu
PKDCHpcvD3ctYQEnfyDOEJdSXZKxRiBCkL8xqIybJPrFGOpX2CYp5JjABwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJni3bmdhuGi2DK96togJJ5zaAJtMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbWVMZHVaMkc0YUxZTXIzcTJpQWtubk5vQW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIu16eYgT4YyZPhCa2Pj
iLVMS8VCYZOUsF6Gj4s1XHPhXrHql1zGtq8wgI6t20KpOpYzsNA9JyhWbntJ0lHJ
lXtI0H6VW/lDL9Nd47QmhqL57w8M0tRkMvLRcY1JmcTk39w4PHIJPLtmH7w41xEL
wG6k06ObDlv+3NzZBr5R4J+9LnAyU3hckBRPUdj+6RsbQ8hPLisrh36EldY4pKsd
CQ0G/ygG4KDCE2/wf9F1nZcXRTCoKojJVjtyHCMJWpKvBvoA7Oif8SEW39DPYet1
waj3q75i8uILtNaQidlubs06xlOwU2SwgSGGzcSwFc1rEVh9+cJqkV3wF34STI4i
iaY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:47 2025 by rpki-client