Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nPrkXQnRwLqNmOLdrgUEto08eYo.roa
File: nPrkXQnRwLqNmOLdrgUEto08eYo.roa (raw, json)
Hash identifier: g8bgIG/eD9Jw0G6OhOSDbootTFd6QIj3bOB+Zt/8IkA=
Subject key identifier: 9C:FA:E4:5D:09:D1:C0:BA:8D:98:E2:DD:AE:05:04:B6:8D:3C:79:8A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190445C8CEE0E2BEE6A5505A1BE29BB6330
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nPrkXQnRwLqNmOLdrgUEto08eYo.roa
Signing time: Sun 23 Jun 2024 09:10:34 +0000
ROA not before: Sun 23 Jun 2024 09:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 23 Jun 2024 10:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:44:5c:8c:ee:0e:2b:ee:6a:55:05:a1:be:29:bb:63:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 23 09:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cfae45d09d1c0ba8d98e2ddae0504b68d3c798a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c2:19:20:b3:1b:c0:54:54:44:85:92:9e:70:
9c:5e:dd:99:79:37:ea:ea:ed:4e:67:8d:fb:11:84:
e9:e4:5a:da:c8:19:d7:fa:3d:39:eb:22:f8:25:c2:
83:7b:1a:ae:bd:ca:f4:9b:84:8d:75:df:af:f6:40:
a2:1d:31:a8:ee:0a:94:13:01:22:df:8b:00:2c:24:
22:44:52:5d:f5:6a:e9:9b:0c:fa:f5:e0:87:ea:96:
22:da:06:33:70:a9:f0:ea:84:42:f8:48:59:98:8a:
ae:dd:f4:24:90:8e:23:bd:a1:e5:14:2e:71:d4:29:
e5:2c:14:10:28:e9:17:bf:c3:7f:bf:05:c3:b5:09:
05:99:19:b8:42:31:f4:1d:c0:80:c7:17:e7:14:24:
df:17:94:5c:40:e2:00:e2:79:a9:00:8a:ab:5d:3a:
18:84:c3:a3:3c:8d:7d:21:36:91:02:f7:58:fc:59:
75:94:54:e0:f4:16:67:35:cb:fa:a6:40:b2:b6:b7:
70:3f:68:ab:17:d8:88:f3:34:b4:ae:94:86:94:50:
2e:36:b8:8f:7b:36:4a:ea:14:7f:f5:85:49:91:3b:
71:04:f2:57:34:0c:94:30:45:bc:0f:d9:8e:d2:8b:
26:3a:1f:86:86:a1:b3:fc:cb:82:25:81:e9:70:63:
59:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:FA:E4:5D:09:D1:C0:BA:8D:98:E2:DD:AE:05:04:B6:8D:3C:79:8A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nPrkXQnRwLqNmOLdrgUEto08eYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:7a:b2:6a:40:2b:8f:b0:e6:2d:a1:59:ce:e3:e0:63:02:ce:
bf:f1:07:d2:41:ee:b6:1f:15:6c:85:d9:8c:50:9e:16:42:5f:
45:e2:06:1d:a8:4a:2e:1b:e2:40:8f:ed:4d:d3:9d:fb:49:1b:
87:54:c1:d5:f5:ff:42:1e:55:81:f6:1e:ca:6a:e6:05:3f:be:
ad:ea:9a:7c:ce:18:b8:98:b9:8d:da:35:9c:02:18:ce:42:c6:
b1:a3:3c:11:5b:29:dd:24:bc:cb:17:68:c6:30:51:e2:6b:57:
1d:ff:3e:fd:be:c4:eb:f8:89:74:e6:7a:a0:93:9a:1e:20:5f:
47:1f:a4:c4:63:f9:43:2c:c6:9a:ba:a1:b3:ed:60:c6:ef:11:
f0:da:41:7b:2a:d8:3c:85:d9:c9:72:a2:65:17:47:d4:0f:11:
85:03:e9:02:17:57:fb:e7:d1:6e:86:5f:c2:7e:37:65:75:2f:
c4:4b:a7:92:31:ac:7b:e3:63:f1:06:ec:69:3c:3b:66:7f:c1:
49:99:6c:e0:d2:a2:ac:82:ef:8d:70:54:c6:df:91:5d:f7:bd:
48:81:e2:15:3c:10:d3:cf:3c:97:11:ea:ea:6c:c9:ec:f9:58:
c0:58:53:cf:c8:06:90:d4:62:07:99:be:48:c1:a4:d1:0d:63:
0e:98:15:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBEXIzuDivualUFob4pu2MwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIzMDkxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2ZhZTQ1ZDA5ZDFjMGJhOGQ5OGUyZGRhZTA1MDRiNjhkM2M3OThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcIZILMbwFRURIWSnnCcXt2ZeTfq
6u1OZ437EYTp5FrayBnX+j056yL4JcKDexquvcr0m4SNdd+v9kCiHTGo7gqUEwEi
34sALCQiRFJd9Wrpmwz69eCH6pYi2gYzcKnw6oRC+EhZmIqu3fQkkI4jvaHlFC5x
1CnlLBQQKOkXv8N/vwXDtQkFmRm4QjH0HcCAxxfnFCTfF5RcQOIA4nmpAIqrXToY
hMOjPI19ITaRAvdY/Fl1lFTg9BZnNcv6pkCytrdwP2irF9iI8zS0rpSGlFAuNriP
ezZK6hR/9YVJkTtxBPJXNAyUMEW8D9mO0osmOh+GhqGz/MuCJYHpcGNZ9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJz65F0J0cC6jZji3a4FBLaNPHmKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvblBya1hRblJ3THFObU9MZHJnVUV0bzA4ZVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFh6smpAK4+w5i2hWc7j
4GMCzr/xB9JB7rYfFWyF2YxQnhZCX0XiBh2oSi4b4kCP7U3TnftJG4dUwdX1/0Ie
VYH2Hspq5gU/vq3qmnzOGLiYuY3aNZwCGM5CxrGjPBFbKd0kvMsXaMYwUeJrVx3/
Pv2+xOv4iXTmeqCTmh4gX0cfpMRj+UMsxpq6obPtYMbvEfDaQXsq2DyF2clyomUX
R9QPEYUD6QIXV/vn0W6GX8J+N2V1L8RLp5IxrHvjY/EG7Gk8O2Z/wUmZbODSoqyC
741wVMbfkV33vUiB4hU8ENPPPJcR6upsyez5WMBYU8/IBpDUYgeZvkjBpNENYw6Y
FeU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:01 2025 by rpki-client