Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pMu5LSzAzMsTCC3D9yOlmRoRmMM.roa
File: pMu5LSzAzMsTCC3D9yOlmRoRmMM.roa (raw, json)
Hash identifier: zBpNF0DTx9dSLqheWmSR9eIYPVF8IpZ3nFVt/Nt7q7A=
Subject key identifier: A4:CB:B9:2D:2C:C0:CC:CB:13:08:2D:C3:F7:23:A5:99:1A:11:98:C3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A32ED773D5BE8398E088FC4176CBE82B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pMu5LSzAzMsTCC3D9yOlmRoRmMM.roa
Signing time: Thu 11 Jul 2024 19:04:34 +0000
ROA not before: Thu 11 Jul 2024 19:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:a32e:a24a/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 11 Jul 2024 19:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a3:2e:d7:73:d5:be:83:98:e0:88:fc:41:76:cb:e8:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 11 19:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4cbb92d2cc0cccb13082dc3f723a5991a1198c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7b:47:6e:c3:04:0a:15:5f:05:80:e8:26:3c:
11:7f:29:37:d2:a8:8b:d2:99:05:9f:d2:e3:25:1a:
47:dc:70:e9:5b:9c:1d:fb:bf:39:d9:29:9b:9d:d1:
90:94:ad:a7:d9:7c:19:89:54:9e:37:21:92:ab:99:
44:7a:e2:4c:04:ea:2e:04:65:99:4b:00:15:2e:14:
e3:cd:77:36:b9:51:29:c5:89:63:dd:9f:81:b1:fc:
74:29:79:96:f1:78:6e:42:db:dc:2b:d8:cc:75:eb:
10:37:89:a0:de:5b:31:e6:3c:23:bd:72:78:39:2a:
b0:f1:92:e2:c3:94:a7:87:81:a2:6c:79:7b:2c:fe:
5c:04:17:ec:fb:05:46:5f:ca:0b:6b:1c:85:0f:d3:
c0:59:96:c8:e2:77:25:54:97:ac:67:b8:00:eb:95:
16:e5:f2:18:20:4a:98:94:cf:aa:54:b4:6f:e9:95:
4b:c3:fd:70:54:e1:fd:b9:3a:0c:79:28:59:71:07:
37:5f:3c:1d:be:5f:8b:73:96:61:08:32:8e:8d:f0:
63:b8:2c:e4:c3:ea:ca:25:cd:fa:97:56:7b:08:11:
f2:9b:77:b4:04:48:e0:04:26:2d:0d:db:83:64:bc:
25:69:10:f3:7f:85:0c:a3:3b:11:4d:0d:d6:af:28:
68:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:CB:B9:2D:2C:C0:CC:CB:13:08:2D:C3:F7:23:A5:99:1A:11:98:C3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pMu5LSzAzMsTCC3D9yOlmRoRmMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:46:aa:89:da:af:64:0e:5a:cf:c4:fc:a7:b5:9b:1b:e2:19:
93:fc:12:c6:72:36:0d:72:c1:87:6c:be:d9:cb:af:fd:a1:56:
9b:4d:86:4b:64:b7:5a:ed:2f:53:a4:29:d9:a2:62:05:70:77:
c6:6a:a3:8d:f4:66:42:ee:a7:9c:31:ec:7b:b5:c6:85:41:34:
f4:92:f8:44:d1:b7:2a:b2:c8:58:92:85:04:59:ee:80:c3:cf:
86:78:7c:70:6a:cc:d6:01:ef:5e:aa:05:5a:19:da:5c:05:37:
e8:4c:c5:13:f5:d1:3e:ed:b9:11:1c:fc:a2:46:1b:fa:d0:81:
de:a1:d3:8e:1e:80:50:4e:67:f3:aa:51:73:85:43:ad:6e:55:
de:3a:bc:26:f8:ec:b1:42:bc:d0:ed:b3:27:30:cf:10:17:20:
1a:1e:1f:ef:24:f3:2b:49:3c:da:13:0b:2d:cd:e4:62:f2:f6:
5e:ed:30:24:13:08:14:db:1a:b0:49:18:5a:9b:cb:b6:c4:f2:
2d:23:27:fb:dd:13:88:46:74:1e:a4:2a:9d:84:40:b5:1f:fa:
e8:cf:dc:54:24:16:10:50:a9:bc:b4:2e:65:0c:e7:7b:12:0f:
27:08:21:2e:fc:4d:f2:bc:c5:bf:54:e0:a3:40:1f:ef:07:07:
11:18:91:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCjLtdz1b6DmOCI/EF2y+grMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzExMTkwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGNiYjkyZDJjYzBjY2NiMTMwODJkYzNmNzIzYTU5OTFhMTE5OGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XtHbsMEChVfBYDoJjwRfyk30qiL
0pkFn9LjJRpH3HDpW5wd+7852SmbndGQlK2n2XwZiVSeNyGSq5lEeuJMBOouBGWZ
SwAVLhTjzXc2uVEpxYlj3Z+Bsfx0KXmW8XhuQtvcK9jMdesQN4mg3lsx5jwjvXJ4
OSqw8ZLiw5Snh4GibHl7LP5cBBfs+wVGX8oLaxyFD9PAWZbI4nclVJesZ7gA65UW
5fIYIEqYlM+qVLRv6ZVLw/1wVOH9uToMeShZcQc3Xzwdvl+Lc5ZhCDKOjfBjuCzk
w+rKJc36l1Z7CBHym3e0BEjgBCYtDduDZLwlaRDzf4UMozsRTQ3WryhoVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKTLuS0swMzLEwgtw/cjpZkaEZjDMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcE11NUxTekF6TXNUQ0MzRDl5T2xtUm9SbU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADtGqonar2QOWs/E/Ke1
mxviGZP8EsZyNg1ywYdsvtnLr/2hVptNhktkt1rtL1OkKdmiYgVwd8Zqo430ZkLu
p5wx7Hu1xoVBNPSS+ETRtyqyyFiShQRZ7oDDz4Z4fHBqzNYB716qBVoZ2lwFN+hM
xRP10T7tuREc/KJGG/rQgd6h044egFBOZ/OqUXOFQ61uVd46vCb47LFCvNDtsycw
zxAXIBoeH+8k8ytJPNoTCy3N5GLy9l7tMCQTCBTbGrBJGFqby7bE8i0jJ/vdE4hG
dB6kKp2EQLUf+ujP3FQkFhBQqby0LmUM53sSDycIIS78TfK8xb9U4KNAH+8HBxEY
kb8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:11 2025 by rpki-client