Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oqFdPXRAQBF6241_pJWx3wb0zLY.roa
File: oqFdPXRAQBF6241_pJWx3wb0zLY.roa (raw, json)
Hash identifier: m3+V065hKE0ytez+Vb+/cuhw1duP4at2SoYxNUOe5R4=
Subject key identifier: A2:A1:5D:3D:74:40:40:11:7A:DB:8D:7F:A4:95:B1:DF:06:F4:CC:B6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190AC6F506338189CF6FAFE7FBB7B5A4C34
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oqFdPXRAQBF6241_pJWx3wb0zLY.roa
Signing time: Sat 13 Jul 2024 14:11:34 +0000
ROA not before: Sat 13 Jul 2024 14:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Jul 2024 15:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ac:6f:50:63:38:18:9c:f6:fa:fe:7f:bb:7b:5a:4c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 13 14:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2a15d3d744040117adb8d7fa495b1df06f4ccb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c0:b5:9b:9c:4a:da:69:6c:af:17:75:0b:da:
79:6e:aa:70:62:8f:43:25:92:c2:99:31:5d:f8:50:
4e:5a:48:ed:e0:8d:fd:0c:e8:95:bf:6c:53:9f:90:
a5:0e:d8:cc:62:02:1e:29:79:0e:b4:b2:dd:f3:49:
41:c6:32:a7:a9:83:66:55:51:7a:c0:f0:f5:49:b2:
0c:8d:9a:76:53:47:24:75:db:b5:b1:94:8a:be:92:
14:72:56:78:3f:41:cc:39:9c:d1:a3:d5:be:3e:ae:
45:2b:91:de:a5:ff:16:d7:28:6f:ac:e9:2e:e5:30:
1d:0b:e8:f4:1a:fd:6c:78:db:92:f3:71:a1:7f:de:
d2:99:30:f9:e5:e5:e0:3f:9c:f4:a2:80:a2:51:43:
90:14:52:4a:21:be:f9:91:8f:6b:4a:5f:89:e2:9e:
36:38:d6:88:33:a1:22:fd:36:0a:91:fc:31:dc:3c:
66:be:9f:6d:a4:8b:37:e1:d8:94:e2:13:9f:3d:9e:
73:ac:d3:65:e9:8e:89:51:30:c9:a7:dd:cc:82:72:
17:41:09:d9:fc:76:08:02:ed:b1:fe:db:75:28:03:
bd:37:cf:07:59:38:ec:12:9d:0c:4c:55:10:8a:0e:
75:d3:30:ad:ab:13:88:aa:55:ee:59:de:b9:29:bf:
01:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A1:5D:3D:74:40:40:11:7A:DB:8D:7F:A4:95:B1:DF:06:F4:CC:B6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oqFdPXRAQBF6241_pJWx3wb0zLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:03:32:f2:23:7f:e3:33:30:83:75:12:c8:a7:87:7c:e9:3d:
14:85:51:81:b0:65:86:32:3f:20:13:cf:68:e4:94:3e:7a:96:
46:57:82:41:00:d2:fd:de:91:a5:9b:bf:9b:a1:78:7b:2e:a3:
4a:53:55:0f:29:69:38:1b:4a:84:c8:67:b8:a5:83:5f:20:71:
9a:a6:6d:f2:e3:f5:94:b2:d1:dd:b3:bb:80:ad:bc:33:52:f6:
3c:91:d8:bb:6f:6f:04:73:b7:a2:88:3d:27:74:88:7b:da:02:
ac:d3:4c:ef:e0:37:ed:22:bc:68:0c:94:80:a0:b6:51:e7:bb:
eb:0a:2e:23:ac:51:a9:9f:74:5a:2c:03:13:19:63:90:e8:27:
b1:a7:33:53:b3:8c:02:d3:18:81:67:a5:05:5a:20:a3:8f:5a:
5b:00:34:b8:8c:59:cb:d5:2f:76:42:26:50:37:81:f2:a3:a9:
ca:7d:fa:34:d0:b5:09:bb:a9:0e:8f:7f:d3:51:84:7c:8d:e2:
0c:29:3b:e2:4b:c7:9d:bb:5b:ba:f9:d3:c9:25:d7:5c:0a:df:
9d:e1:62:9e:2f:72:6f:3c:0a:94:3a:4c:03:85:29:38:19:40:
66:b1:18:13:da:14:0e:2a:d5:fc:18:ef:c2:27:25:29:05:f9:
a1:b8:c4:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCsb1BjOBic9vr+f7t7Wkw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEzMTQxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmExNWQzZDc0NDA0MDExN2FkYjhkN2ZhNDk1YjFkZjA2ZjRjY2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMC1m5xK2mlsrxd1C9p5bqpwYo9D
JZLCmTFd+FBOWkjt4I39DOiVv2xTn5ClDtjMYgIeKXkOtLLd80lBxjKnqYNmVVF6
wPD1SbIMjZp2U0ckddu1sZSKvpIUclZ4P0HMOZzRo9W+Pq5FK5Hepf8W1yhvrOku
5TAdC+j0Gv1seNuS83Ghf97SmTD55eXgP5z0ooCiUUOQFFJKIb75kY9rSl+J4p42
ONaIM6Ei/TYKkfwx3Dxmvp9tpIs34diU4hOfPZ5zrNNl6Y6JUTDJp93MgnIXQQnZ
/HYIAu2x/tt1KAO9N88HWTjsEp0MTFUQig510zCtqxOIqlXuWd65Kb8BYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKKhXT10QEARetuNf6SVsd8G9My2MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb3FGZFBYUkFRQkY2MjQxX3BKV3gzd2IwekxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC0DMvIjf+MzMIN1Esin
h3zpPRSFUYGwZYYyPyATz2jklD56lkZXgkEA0v3ekaWbv5uheHsuo0pTVQ8paTgb
SoTIZ7ilg18gcZqmbfLj9ZSy0d2zu4CtvDNS9jyR2LtvbwRzt6KIPSd0iHvaAqzT
TO/gN+0ivGgMlICgtlHnu+sKLiOsUamfdFosAxMZY5DoJ7GnM1OzjALTGIFnpQVa
IKOPWlsANLiMWcvVL3ZCJlA3gfKjqcp9+jTQtQm7qQ6Pf9NRhHyN4gwpO+JLx527
W7r508kl11wK353hYp4vcm88CpQ6TAOFKTgZQGaxGBPaFA4q1fwY78InJSkF+aG4
xHA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:21 2025 by rpki-client