Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oBuvSTNVZ0JTCTvupe0a_NmbftA.roa
File: oBuvSTNVZ0JTCTvupe0a_NmbftA.roa (raw, json)
Hash identifier: oBHlV0C8QhviRapfkv8z7qUhWy4hZ/t66QK6jSJ06LE=
Subject key identifier: A0:1B:AF:49:33:55:67:42:53:09:3B:EE:A5:ED:1A:FC:D9:9B:7E:D0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909B0EC2EF0FC2DB436633F088D6C035A1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oBuvSTNVZ0JTCTvupe0a_NmbftA.roa
Signing time: Wed 10 Jul 2024 05:12:34 +0000
ROA not before: Wed 10 Jul 2024 05:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jul 2024 06:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:0e:c2:ef:0f:c2:db:43:66:33:f0:88:d6:c0:35:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 10 05:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a01baf493355674253093beea5ed1afcd99b7ed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3f:7e:83:20:54:2e:81:a8:3d:6a:02:2f:7a:
aa:17:38:8d:c0:b2:87:66:2c:1c:d7:10:ba:7e:7c:
dc:eb:f8:37:60:75:6b:e1:83:1d:8a:df:2e:21:25:
20:4f:75:ee:58:86:b8:21:c0:41:66:49:b0:7a:15:
3c:ca:43:14:de:01:f2:24:3b:83:13:49:49:f2:df:
91:d2:2d:ee:85:a5:bd:8f:45:7c:34:fe:48:2f:f0:
27:55:92:9e:7a:71:ce:39:46:92:f9:5d:1a:cd:f9:
c3:6c:4b:f3:73:48:c0:b5:b1:78:c3:7d:2d:e7:cc:
c2:c6:f9:be:94:b3:e3:5f:6a:59:2a:1e:0e:61:22:
94:64:ad:5a:67:29:ec:0b:3a:82:58:0e:c5:7c:f1:
32:8c:0e:28:46:b3:ad:50:73:6e:df:f2:e3:a4:c3:
08:f9:cb:aa:21:38:d0:a7:30:d9:67:c3:81:05:cd:
57:88:5c:4f:f2:ab:8d:06:dc:4c:9d:b8:62:26:09:
f8:5f:a1:41:26:99:c7:08:01:2b:85:49:fc:f5:87:
a7:cf:a8:55:29:60:0c:59:0f:28:26:bb:92:36:3e:
fe:ef:4b:88:71:b3:f2:f3:93:c0:f5:50:0e:c9:d7:
70:41:dc:0a:da:dc:86:c1:27:81:90:19:33:aa:56:
4e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:1B:AF:49:33:55:67:42:53:09:3B:EE:A5:ED:1A:FC:D9:9B:7E:D0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oBuvSTNVZ0JTCTvupe0a_NmbftA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:df:45:5c:37:b6:6b:96:7a:d5:a7:95:8d:41:3b:5e:71:15:
7f:86:e5:e1:f2:9d:21:9e:21:d8:12:c0:6d:90:e1:8c:fd:35:
0d:e4:22:72:99:73:66:6e:56:02:91:10:52:18:2f:36:31:99:
90:c8:67:53:35:45:bc:04:07:60:b7:c3:95:75:f7:e0:d1:d8:
a2:13:a3:c7:f2:5f:8e:a5:68:79:03:18:94:a4:9b:32:d6:9a:
53:84:3b:c7:c5:a1:ce:95:d4:e0:ee:59:d2:6f:6c:f3:5e:9d:
b4:82:ef:31:58:a6:30:bf:55:af:ad:21:e7:1e:ce:c1:26:7f:
03:6b:16:41:02:f0:23:f9:4d:15:7d:9d:f9:e3:39:4f:49:fd:
4d:13:0d:43:f1:19:ed:1e:98:b6:7b:b8:9b:43:c8:a5:27:68:
bd:59:c4:32:f1:a6:2b:a1:95:9e:ce:dc:85:eb:49:a7:52:da:
8d:22:97:3a:28:7e:f1:b8:f6:7e:84:45:04:79:ef:d2:54:be:
cd:bd:cf:3a:a6:b2:48:89:27:dd:12:9a:e6:e3:48:06:e4:11:
c0:e8:d1:a2:fd:1d:49:fe:a1:fb:f7:ed:48:42:b5:56:3a:84:
82:81:44:d9:73:12:f5:c2:fc:29:b2:d0:43:9d:89:de:0d:94:
79:44:b9:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCbDsLvD8LbQ2Yz8IjWwDWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEwMDUxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDFiYWY0OTMzNTU2NzQyNTMwOTNiZWVhNWVkMWFmY2Q5OWI3ZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyj9+gyBULoGoPWoCL3qqFziNwLKH
Ziwc1xC6fnzc6/g3YHVr4YMdit8uISUgT3XuWIa4IcBBZkmwehU8ykMU3gHyJDuD
E0lJ8t+R0i3uhaW9j0V8NP5IL/AnVZKeenHOOUaS+V0azfnDbEvzc0jAtbF4w30t
58zCxvm+lLPjX2pZKh4OYSKUZK1aZynsCzqCWA7FfPEyjA4oRrOtUHNu3/LjpMMI
+cuqITjQpzDZZ8OBBc1XiFxP8quNBtxMnbhiJgn4X6FBJpnHCAErhUn89Yenz6hV
KWAMWQ8oJruSNj7+70uIcbPy85PA9VAOyddwQdwK2tyGwSeBkBkzqlZOrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKAbr0kzVWdCUwk77qXtGvzZm37QMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb0J1dlNUTlZaMEpUQ1R2dXBlMGFfTm1iZnRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACTfRVw3tmuWetWnlY1B
O15xFX+G5eHynSGeIdgSwG2Q4Yz9NQ3kInKZc2ZuVgKREFIYLzYxmZDIZ1M1RbwE
B2C3w5V19+DR2KITo8fyX46laHkDGJSkmzLWmlOEO8fFoc6V1ODuWdJvbPNenbSC
7zFYpjC/Va+tIecezsEmfwNrFkEC8CP5TRV9nfnjOU9J/U0TDUPxGe0emLZ7uJtD
yKUnaL1ZxDLxpiuhlZ7O3IXrSadS2o0ilzoofvG49n6ERQR579JUvs29zzqmskiJ
J90SmubjSAbkEcDo0aL9HUn+ofv37UhCtVY6hIKBRNlzEvXC/Cmy0EOdid4NlHlE
udw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:51 2025 by rpki-client