Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/n1fBSeVorzzwMJErtd2_BVuvzJk.roa
File: n1fBSeVorzzwMJErtd2_BVuvzJk.roa (raw, json)
Hash identifier: v94NHWUpFciDAx9jfnCzdy5vQ+Ye0Ngf9YM56DBMrTU=
Subject key identifier: 9F:57:C1:49:E5:68:AF:3C:F0:30:91:2B:B5:DD:BF:05:5B:AF:CC:99
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190B75FE9BF75D5CD27BB3B314A421B07BC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/n1fBSeVorzzwMJErtd2_BVuvzJk.roa
Signing time: Mon 15 Jul 2024 17:10:34 +0000
ROA not before: Mon 15 Jul 2024 17:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Jul 2024 18:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b7:5f:e9:bf:75:d5:cd:27:bb:3b:31:4a:42:1b:07:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 15 17:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f57c149e568af3cf030912bb5ddbf055bafcc99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4d:4f:a7:b2:7c:40:91:2d:f8:e8:b5:b0:80:
21:6b:5d:f1:94:3c:64:b6:0a:35:b5:2b:b5:92:72:
aa:0d:88:b5:95:bd:f4:06:ab:e9:58:94:6c:f0:33:
91:7a:12:c5:bf:60:bb:97:f9:27:e9:11:b5:3d:28:
38:e7:47:96:ad:1b:de:8a:35:74:b8:57:6a:c5:c8:
99:0f:1f:10:c0:35:28:47:d3:0e:44:94:cc:1e:fe:
75:02:ab:7b:f0:3b:ff:e3:07:b1:f6:42:b9:b9:42:
58:62:a9:56:c5:60:41:1a:11:88:5d:7e:1e:a9:43:
55:56:9a:83:4d:32:e6:49:8e:91:eb:d0:5d:74:0a:
4e:96:36:b4:62:49:8c:eb:52:51:0f:26:c7:7b:12:
39:7f:79:35:fd:42:7e:7a:9b:75:dc:c6:ad:a2:94:
17:4e:29:b5:77:9a:63:c9:09:3c:a4:88:8b:b2:9b:
6b:65:db:7e:76:da:43:93:68:89:36:74:23:b5:31:
38:59:65:59:2e:65:00:b3:f5:fc:08:9c:0a:77:5d:
70:a4:67:c3:24:d5:e6:2b:cc:3f:35:46:1f:f2:bf:
64:bd:c9:9b:b9:d9:2d:75:53:a1:6a:da:8c:6c:02:
02:c1:a8:07:a1:57:79:d4:5c:1e:57:e6:0b:5d:83:
55:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:57:C1:49:E5:68:AF:3C:F0:30:91:2B:B5:DD:BF:05:5B:AF:CC:99
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/n1fBSeVorzzwMJErtd2_BVuvzJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:86:6e:1a:3d:6d:c2:6f:89:9c:25:9f:de:c9:85:ae:05:29:
e7:e5:70:d7:87:ae:a3:b6:a5:89:c0:f6:0d:61:de:5f:57:bc:
73:aa:00:54:61:50:e2:e0:c5:bb:67:1e:32:4b:3f:d9:19:4b:
97:d7:4e:1d:0b:3f:3d:88:a8:21:41:86:42:67:3b:cb:7a:ae:
b2:7f:c6:e9:f8:31:c9:51:19:93:52:24:9d:19:be:3e:9c:c5:
e1:18:ec:31:f4:2d:af:ae:62:f7:5b:53:19:ab:3e:48:4d:f6:
78:de:99:e2:92:8f:e8:e8:4e:45:54:ad:32:56:32:7e:29:5c:
fc:75:9b:3f:9d:f6:f7:4a:25:78:9f:4a:83:3c:97:b3:47:58:
3c:34:f5:8e:cf:ea:f8:5c:99:41:7e:67:c1:72:21:f3:0d:a7:
c6:79:e9:f9:37:52:bb:96:53:a3:d8:5c:8b:da:88:8a:8c:de:
de:4a:9c:7d:f3:52:6c:bb:c2:87:35:63:ac:45:53:bb:ab:c4:
2c:0f:d2:c1:e4:32:48:8e:a2:b8:09:32:24:51:a6:0d:f1:8a:
5c:b4:75:e4:e5:5d:1f:f3:61:66:4a:6a:c0:0b:17:5f:21:67:
1a:48:be:f3:74:e1:47:e5:71:dd:aa:08:07:94:53:cd:bf:bc:
13:6b:d1:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZC3X+m/ddXNJ7s7MUpCGwe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE1MTcxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjU3YzE0OWU1NjhhZjNjZjAzMDkxMmJiNWRkYmYwNTViYWZjYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsU1Pp7J8QJEt+Oi1sIAha13xlDxk
tgo1tSu1knKqDYi1lb30BqvpWJRs8DORehLFv2C7l/kn6RG1PSg450eWrRveijV0
uFdqxciZDx8QwDUoR9MORJTMHv51Aqt78Dv/4wex9kK5uUJYYqlWxWBBGhGIXX4e
qUNVVpqDTTLmSY6R69BddApOlja0YkmM61JRDybHexI5f3k1/UJ+ept13MatopQX
Tim1d5pjyQk8pIiLsptrZdt+dtpDk2iJNnQjtTE4WWVZLmUAs/X8CJwKd11wpGfD
JNXmK8w/NUYf8r9kvcmbudktdVOhatqMbAICwagHoVd51FweV+YLXYNVPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ9XwUnlaK888DCRK7XdvwVbr8yZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbjFmQlNlVm9yenp3TUpFcnRkMl9CVnV2ekprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJmGbho9bcJviZwln97J
ha4FKeflcNeHrqO2pYnA9g1h3l9XvHOqAFRhUOLgxbtnHjJLP9kZS5fXTh0LPz2I
qCFBhkJnO8t6rrJ/xun4MclRGZNSJJ0Zvj6cxeEY7DH0La+uYvdbUxmrPkhN9nje
meKSj+joTkVUrTJWMn4pXPx1mz+d9vdKJXifSoM8l7NHWDw09Y7P6vhcmUF+Z8Fy
IfMNp8Z56fk3UruWU6PYXIvaiIqM3t5KnH3zUmy7woc1Y6xFU7urxCwP0sHkMkiO
orgJMiRRpg3xily0deTlXR/zYWZKasALF18hZxpIvvN04Uflcd2qCAeUU82/vBNr
0SY=
-----END CERTIFICATE-----
Generated at Mon Jul 15 20:53:19 2024 by rpki-client on console-fra.rpki-client.org