Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pfJ6h1eZoFU3cXmiv4NyDDszx_M.roa
File: pfJ6h1eZoFU3cXmiv4NyDDszx_M.roa (raw, json)
Hash identifier: 9N96L2I1w8fQ3YlLlZJzdERSzbzk79cb1tKYR13kv/g=
Subject key identifier: A5:F2:7A:87:57:99:A0:55:37:71:79:A2:BF:83:72:0C:3B:33:C7:F3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FB2741410E150DA48B1A4AD66F207FFBE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pfJ6h1eZoFU3cXmiv4NyDDszx_M.roa
Signing time: Sun 26 May 2024 01:11:42 +0000
ROA not before: Sun 26 May 2024 01:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 26 May 2024 02:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b2:74:14:10:e1:50:da:48:b1:a4:ad:66:f2:07:ff:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 26 01:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5f27a875799a055377179a2bf83720c3b33c7f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1c:9a:75:cc:fa:87:52:7f:58:7d:cc:5b:af:
d6:b9:45:9b:f5:b3:4f:d4:e3:1b:2c:6f:51:9d:97:
b3:8f:36:5e:8c:23:f5:8a:48:4a:4d:17:d9:c7:83:
16:e2:12:25:f7:7f:8a:9f:02:d1:bf:97:1d:a5:22:
95:47:bb:be:b1:75:b4:1c:cf:7b:f3:0f:9f:05:1a:
10:2a:e1:39:88:70:81:e1:c7:89:4b:ac:7a:fd:b4:
b1:cc:ca:7f:9a:4e:ea:b1:83:a1:61:73:6a:e8:a6:
d9:a4:75:72:98:1e:ca:e5:f7:33:e9:74:81:6b:b0:
04:ee:33:bd:c3:19:00:1a:d3:38:36:16:2a:d1:83:
da:c5:cd:ea:da:0a:a4:0b:26:07:a8:1d:d0:7b:6e:
25:72:48:97:b7:59:bc:df:72:d6:21:33:8b:6a:f0:
a5:ba:e1:52:5b:7e:51:00:4c:bb:c6:15:b1:38:00:
1c:ff:c5:7c:9b:be:3a:77:21:a3:56:84:a7:08:e0:
58:4f:85:34:3e:08:3b:f9:b3:7d:ab:3f:df:85:23:
d7:86:43:c7:de:e9:d3:e8:85:5d:7b:5e:bd:7a:06:
56:72:1b:23:81:ac:47:e0:6f:7a:94:3d:05:fe:66:
f8:77:98:28:d5:3c:26:0d:01:d0:68:c6:de:bb:3d:
a4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F2:7A:87:57:99:A0:55:37:71:79:A2:BF:83:72:0C:3B:33:C7:F3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pfJ6h1eZoFU3cXmiv4NyDDszx_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:93:20:8b:b0:42:d4:6a:5e:74:d6:9f:b6:d6:67:4d:1c:51:
fb:b1:31:2a:1d:6b:af:09:0b:d4:6a:17:c6:65:94:bc:bd:4c:
72:81:ba:d2:58:29:cb:8f:16:d3:14:4f:4e:a7:94:a6:18:e8:
5c:99:11:79:69:df:89:4a:88:ee:b7:a2:a4:e2:da:c6:8f:dd:
49:36:a5:53:5b:43:50:ce:d2:bc:16:41:fe:69:49:d4:9d:ec:
b0:a1:ed:20:32:d0:8f:59:2b:2e:4d:35:c9:67:bd:a2:16:df:
93:40:bf:e8:72:40:50:d2:68:14:a2:24:58:a6:4e:12:41:a1:
7d:0b:57:72:a2:1c:3e:77:3d:3e:cb:11:26:cd:56:da:50:00:
a9:b2:d5:c3:8f:24:0a:22:33:cc:f5:5f:a4:28:14:d3:69:60:
a2:8d:d7:55:2f:0c:86:53:18:11:2d:04:6b:ca:bd:bc:23:86:
59:cc:d6:08:3b:62:06:48:fb:d7:41:b9:88:71:8f:f6:aa:d9:
5c:97:47:72:7e:d1:57:02:c8:6e:70:fb:07:f3:38:bb:f6:51:
b9:1a:cc:29:6e:7c:09:3b:9b:0a:bd:03:d2:94:a1:d5:96:53:
1e:ed:5c:67:9f:fe:85:04:c8:e0:3d:58:0b:3f:40:f2:84:96:
81:83:12:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+ydBQQ4VDaSLGkrWbyB/++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI2MDExMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWYyN2E4NzU3OTlhMDU1Mzc3MTc5YTJiZjgzNzIwYzNiMzNjN2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArByadcz6h1J/WH3MW6/WuUWb9bNP
1OMbLG9RnZezjzZejCP1ikhKTRfZx4MW4hIl93+KnwLRv5cdpSKVR7u+sXW0HM97
8w+fBRoQKuE5iHCB4ceJS6x6/bSxzMp/mk7qsYOhYXNq6KbZpHVymB7K5fcz6XSB
a7AE7jO9wxkAGtM4NhYq0YPaxc3q2gqkCyYHqB3Qe24lckiXt1m833LWITOLavCl
uuFSW35RAEy7xhWxOAAc/8V8m746dyGjVoSnCOBYT4U0Pgg7+bN9qz/fhSPXhkPH
3unT6IVde169egZWchsjgaxH4G96lD0F/mb4d5go1TwmDQHQaMbeuz2khQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKXyeodXmaBVN3F5or+Dcgw7M8fzMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcGZKNmgxZVpvRlUzY1htaXY0TnlERHN6eF9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADiTIIuwQtRqXnTWn7bW
Z00cUfuxMSoda68JC9RqF8ZllLy9THKButJYKcuPFtMUT06nlKYY6FyZEXlp34lK
iO63oqTi2saP3Uk2pVNbQ1DO0rwWQf5pSdSd7LCh7SAy0I9ZKy5NNclnvaIW35NA
v+hyQFDSaBSiJFimThJBoX0LV3KiHD53PT7LESbNVtpQAKmy1cOPJAoiM8z1X6Qo
FNNpYKKN11UvDIZTGBEtBGvKvbwjhlnM1gg7YgZI+9dBuYhxj/aq2VyXR3J+0VcC
yG5w+wfzOLv2UbkazClufAk7mwq9A9KUodWWUx7tXGef/oUEyOA9WAs/QPKEloGD
EuU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:24 2025 by rpki-client