Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pk_LbKG3HQP_Qr67YOMgN_9QnH8.roa
File: pk_LbKG3HQP_Qr67YOMgN_9QnH8.roa (raw, json)
Hash identifier: plQ/vg2Aklrpcl/rgcixIiZgOJdqB/4oGQ4GovRt8ys=
Subject key identifier: A6:4F:CB:6C:A1:B7:1D:03:FF:42:BE:BB:60:E3:20:37:FF:50:9C:7F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FF7C0058D694DB9AB71F9464E76F01C46
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pk_LbKG3HQP_Qr67YOMgN_9QnH8.roa
Signing time: Sat 08 Jun 2024 12:08:27 +0000
ROA not before: Sat 08 Jun 2024 12:08:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 08 Jun 2024 13:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f7:c0:05:8d:69:4d:b9:ab:71:f9:46:4e:76:f0:1c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 8 12:08:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a64fcb6ca1b71d03ff42bebb60e32037ff509c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a5:78:67:9c:3e:72:fe:f9:66:47:49:a6:d6:
84:ba:cb:b6:fc:88:22:19:44:cc:69:78:37:0d:26:
3a:8f:c6:c9:5a:16:a5:ae:15:17:5a:d1:99:f9:94:
5f:23:e3:aa:d2:0c:49:05:10:e9:42:f2:8c:78:3f:
c6:27:6f:9e:d4:af:ad:0f:b2:88:92:f9:29:40:40:
3c:03:06:0d:a6:bc:70:c9:0b:bf:80:0b:e6:22:93:
3d:69:1a:90:a9:e0:ab:8c:9d:da:fc:84:02:a4:cb:
5b:c2:db:fb:8f:31:63:f4:b7:c2:a5:02:97:b6:58:
4e:fc:e3:6d:ea:f8:ed:2b:53:76:ce:e9:58:62:51:
d7:62:43:12:eb:34:58:0a:56:ce:6c:5e:2b:00:42:
45:c6:35:4e:b4:a2:e6:7b:9e:18:3d:7c:65:21:df:
e9:69:0a:8a:d1:cf:87:c6:b4:0f:d6:d7:56:34:ea:
0e:b9:35:12:ae:d1:95:1e:61:e3:25:02:1c:24:15:
d7:1d:07:08:7e:25:31:a7:25:92:1b:66:8a:c2:49:
84:78:dc:b5:15:cc:29:a9:f1:ce:1e:f9:7e:2e:17:
56:5d:70:f4:18:57:b7:e6:6e:13:5f:cc:22:85:54:
d4:00:3a:18:55:1a:66:e3:1e:cc:92:0b:53:bb:2b:
c2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:4F:CB:6C:A1:B7:1D:03:FF:42:BE:BB:60:E3:20:37:FF:50:9C:7F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pk_LbKG3HQP_Qr67YOMgN_9QnH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:d8:7e:6b:ca:78:77:1d:d9:e1:f4:9c:d0:96:41:b9:6f:be:
ff:34:f1:a3:de:7c:89:40:40:3a:cc:ab:64:06:cf:98:e2:af:
17:ba:72:79:f4:3a:ad:99:19:b3:6a:90:41:e0:f1:b4:47:a5:
54:21:94:7b:34:2b:63:01:3d:fc:ae:ab:54:78:b7:5b:85:90:
e2:30:2d:0d:7f:0c:13:ea:5f:38:ce:ed:4a:43:1e:2a:12:c7:
45:dd:0b:1b:81:6a:c9:73:e0:2b:26:c1:56:71:64:59:d1:55:
25:27:f1:67:ca:60:17:52:1a:ee:b4:57:a9:e2:81:cb:d2:7a:
39:b2:6e:bc:a3:12:69:bf:60:dd:a2:d6:4f:7b:d4:f2:b0:3e:
72:56:e1:92:31:99:c6:52:62:ec:b0:78:d0:98:5c:6b:55:6c:
18:00:28:31:c3:91:ad:64:fb:f6:41:1c:a1:13:10:42:13:11:
6f:7e:c2:62:3a:29:1d:1f:9e:29:8b:e0:17:6e:d3:23:ae:29:
cc:1c:19:d4:58:ea:da:c9:5c:8b:bc:98:a4:23:ce:67:34:96:
c1:12:1b:ec:e6:d5:b2:12:ea:0b:0c:af:29:10:ef:f6:78:b0:
04:e0:5f:ce:e2:1d:fd:a2:11:83:e9:eb:d6:6d:94:2b:fe:d0:
ed:9c:24:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/3wAWNaU25q3H5Rk528BxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA4MTIwODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjRmY2I2Y2ExYjcxZDAzZmY0MmJlYmI2MGUzMjAzN2ZmNTA5YzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKV4Z5w+cv75ZkdJptaEusu2/Igi
GUTMaXg3DSY6j8bJWhalrhUXWtGZ+ZRfI+Oq0gxJBRDpQvKMeD/GJ2+e1K+tD7KI
kvkpQEA8AwYNprxwyQu/gAvmIpM9aRqQqeCrjJ3a/IQCpMtbwtv7jzFj9LfCpQKX
tlhO/ONt6vjtK1N2zulYYlHXYkMS6zRYClbObF4rAEJFxjVOtKLme54YPXxlId/p
aQqK0c+HxrQP1tdWNOoOuTUSrtGVHmHjJQIcJBXXHQcIfiUxpyWSG2aKwkmEeNy1
FcwpqfHOHvl+LhdWXXD0GFe35m4TX8wihVTUADoYVRpm4x7MkgtTuyvCgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKZPy2yhtx0D/0K+u2DjIDf/UJx/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcGtfTGJLRzNIUVBfUXI2N1lPTWdOXzlRbkg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHTYfmvKeHcd2eH0nNCW
Qblvvv808aPefIlAQDrMq2QGz5jirxe6cnn0Oq2ZGbNqkEHg8bRHpVQhlHs0K2MB
Pfyuq1R4t1uFkOIwLQ1/DBPqXzjO7UpDHioSx0XdCxuBaslz4CsmwVZxZFnRVSUn
8WfKYBdSGu60V6nigcvSejmybryjEmm/YN2i1k971PKwPnJW4ZIxmcZSYuyweNCY
XGtVbBgAKDHDka1k+/ZBHKETEEITEW9+wmI6KR0fnimL4Bdu0yOuKcwcGdRY6trJ
XIu8mKQjzmc0lsESG+zm1bIS6gsMrykQ7/Z4sATgX87iHf2iEYPp69ZtlCv+0O2c
JMM=
-----END CERTIFICATE-----
Generated at Sat Jun 8 17:31:59 2024 by rpki-client on console-ams.rpki-client.org