Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/njPXz411J3LiBLU782XYmmidTiY.roa
File: njPXz411J3LiBLU782XYmmidTiY.roa (raw, json)
Hash identifier: ffTo5sHe4ixnAQxEq5yQP4DbvNgIWrUwEV+86tlArU8=
Subject key identifier: 9E:33:D7:CF:8D:75:27:72:E2:04:B5:3B:F3:65:D8:9A:68:9D:4E:26
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190AAE8616C8C1B9B1AA4BDC24BCFA536D8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/njPXz411J3LiBLU782XYmmidTiY.roa
Signing time: Sat 13 Jul 2024 07:04:34 +0000
ROA not before: Sat 13 Jul 2024 07:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:aae8:ed6/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 13 Jul 2024 07:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:aa:e8:61:6c:8c:1b:9b:1a:a4:bd:c2:4b:cf:a5:36:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 13 07:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e33d7cf8d752772e204b53bf365d89a689d4e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d5:c1:1e:c7:30:4a:e1:ef:6f:ce:b4:b1:df:
92:9c:21:91:f3:c8:14:5e:5d:70:18:fb:90:95:69:
8c:c9:87:f5:83:dd:90:98:1d:f7:c6:b9:de:1e:73:
fd:71:ec:82:5d:7a:8d:7d:09:c2:c1:45:e8:84:8f:
3b:ef:a3:c5:f7:53:66:cb:23:e4:78:51:13:11:8a:
6c:44:88:01:57:0b:12:a8:6e:81:54:9c:5e:51:d1:
c0:85:1c:90:5c:b8:20:9e:0f:ff:76:16:24:69:ea:
9b:a4:35:fd:15:15:07:e4:4a:a9:66:4f:d6:4d:9c:
45:b7:93:50:21:c6:7a:c7:c0:73:2e:07:d1:ba:f0:
59:b5:3d:b3:8e:a1:a2:b5:c2:5d:d7:a5:42:78:27:
01:19:8e:07:d3:1b:d2:f2:4d:b6:db:b2:4e:e4:5a:
97:b5:cf:6a:d6:74:42:9b:1b:8b:70:1d:dd:7c:b2:
b5:80:c4:98:21:0c:e2:d7:86:86:5e:a9:71:66:34:
c9:cd:a1:e7:f7:8c:4f:eb:5a:10:3d:a6:9c:d6:c1:
84:54:6a:d5:dd:cc:cd:a2:7c:a1:b9:fa:93:8b:cf:
fe:cf:bb:7d:20:cf:ad:b4:21:af:24:4d:4b:99:92:
8c:0d:cd:8c:54:cb:de:91:8f:24:4e:1b:1e:b9:ea:
a4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:33:D7:CF:8D:75:27:72:E2:04:B5:3B:F3:65:D8:9A:68:9D:4E:26
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/njPXz411J3LiBLU782XYmmidTiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:15:cb:a0:27:78:f9:c2:45:d8:fc:09:f8:bb:64:1a:dc:7c:
b6:85:40:b8:c8:61:9b:79:66:38:3d:ca:c7:7e:34:b6:a6:88:
24:14:29:7b:41:c1:e9:f4:ff:42:45:0f:b8:46:c1:4f:40:59:
85:6e:bc:49:2c:2e:b8:1d:cf:55:43:60:5e:33:d4:bb:45:f6:
fe:2b:a0:3b:96:61:6d:66:e6:ec:27:19:d6:47:c7:4d:5f:4a:
a3:e3:01:6b:9e:81:24:75:93:e7:58:3a:ec:d1:28:fe:c8:ab:
fc:4d:4d:c6:fd:d1:8f:a1:6f:46:b7:0d:7a:63:b7:d1:1f:24:
bd:28:89:33:96:5c:0c:6e:db:e5:40:eb:a7:55:fc:bf:3a:89:
c1:ba:dc:b4:a4:ae:b5:74:f6:e4:63:25:7e:ef:24:ff:05:8a:
e4:0a:bc:98:1c:e3:22:47:48:3b:e4:a1:63:95:15:02:ad:19:
d0:d5:32:35:0e:0d:0b:33:76:02:47:ef:85:8f:72:b7:b8:55:
5f:12:5c:66:67:e1:51:b5:ff:bc:0d:c9:0f:17:87:25:56:b8:
63:43:87:57:8f:fb:bf:6b:dd:f7:c3:53:e8:6b:34:9d:40:72:
a6:4b:1c:57:90:ec:bc:27:3b:b5:36:3d:c0:9d:33:83:8c:de:
18:ce:00:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCq6GFsjBubGqS9wkvPpTbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEzMDcwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTMzZDdjZjhkNzUyNzcyZTIwNGI1M2JmMzY1ZDg5YTY4OWQ0ZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdXBHscwSuHvb860sd+SnCGR88gU
Xl1wGPuQlWmMyYf1g92QmB33xrneHnP9ceyCXXqNfQnCwUXohI8776PF91NmyyPk
eFETEYpsRIgBVwsSqG6BVJxeUdHAhRyQXLggng//dhYkaeqbpDX9FRUH5EqpZk/W
TZxFt5NQIcZ6x8BzLgfRuvBZtT2zjqGitcJd16VCeCcBGY4H0xvS8k2227JO5FqX
tc9q1nRCmxuLcB3dfLK1gMSYIQzi14aGXqlxZjTJzaHn94xP61oQPaac1sGEVGrV
3czNonyhufqTi8/+z7t9IM+ttCGvJE1LmZKMDc2MVMvekY8kThseueqkfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ4z18+NdSdy4gS1O/Nl2JponU4mMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbmpQWHo0MTFKM0xpQkxVNzgyWFltbWlkVGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEQVy6AnePnCRdj8Cfi7
ZBrcfLaFQLjIYZt5Zjg9ysd+NLamiCQUKXtBwen0/0JFD7hGwU9AWYVuvEksLrgd
z1VDYF4z1LtF9v4roDuWYW1m5uwnGdZHx01fSqPjAWuegSR1k+dYOuzRKP7Iq/xN
Tcb90Y+hb0a3DXpjt9EfJL0oiTOWXAxu2+VA66dV/L86icG63LSkrrV09uRjJX7v
JP8FiuQKvJgc4yJHSDvkoWOVFQKtGdDVMjUODQszdgJH74WPcre4VV8SXGZn4VG1
/7wNyQ8XhyVWuGNDh1eP+79r3ffDU+hrNJ1AcqZLHFeQ7LwnO7U2PcCdM4OM3hjO
AI0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:12 2025 by rpki-client