Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qCtWwIpLlyFzqTnKNN4RJ-Annl8.roa
File: qCtWwIpLlyFzqTnKNN4RJ-Annl8.roa (raw, json)
Hash identifier: 84zjrN7Cjs8BQm+eD41ICcUUm9EJNgwRtwfXW82jJRY=
Subject key identifier: A8:2B:56:C0:8A:4B:97:21:73:A9:39:CA:34:DE:11:27:E0:27:9E:5F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190226FDB437746DF86478A30839B68356A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qCtWwIpLlyFzqTnKNN4RJ-Annl8.roa
Signing time: Sun 16 Jun 2024 19:04:34 +0000
ROA not before: Sun 16 Jun 2024 19:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:226f:6f5c/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 16 Jun 2024 19:12:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:22:6f:db:43:77:46:df:86:47:8a:30:83:9b:68:35:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 16 19:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a82b56c08a4b972173a939ca34de1127e0279e5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e1:fd:e5:f3:9c:0f:85:79:65:21:d7:fd:c5:
89:04:b2:9b:c2:4c:bb:5b:b0:10:21:39:66:f5:61:
e2:cc:4a:75:03:1c:34:eb:a2:bd:8d:30:2d:e3:83:
30:21:09:b4:e4:40:e5:66:74:f7:0d:77:49:0c:84:
9b:e0:7c:20:4b:08:87:c4:c3:41:2a:76:28:ed:be:
11:e1:6b:5f:2a:62:d8:c5:83:35:27:24:a5:9a:19:
96:9e:05:19:7a:bb:ee:b5:aa:e2:dd:39:9a:0b:a0:
cc:8b:e8:61:ad:ec:33:c3:90:16:08:3e:d6:c4:cb:
76:5e:5f:59:0a:f0:9d:3d:78:f7:74:d0:76:17:26:
a3:b8:1b:78:7d:26:88:d1:2e:02:22:2e:81:20:1d:
97:46:00:88:4c:d3:3b:16:93:92:ee:69:36:2c:0f:
62:d8:f9:fa:4f:c0:89:e6:96:63:a2:59:58:5b:7f:
6a:20:b3:03:0b:be:51:23:35:47:88:0e:09:d8:6e:
c5:e6:1f:cc:cc:82:34:5d:53:dd:c4:a3:b3:3e:cd:
03:dd:df:1e:d4:23:5d:45:79:df:00:0f:58:c0:04:
80:bf:21:c5:ec:25:e4:a2:bd:fc:c5:e9:3a:64:21:
ae:96:81:54:2e:7e:f3:92:d3:11:39:66:c2:f0:4c:
5b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:2B:56:C0:8A:4B:97:21:73:A9:39:CA:34:DE:11:27:E0:27:9E:5F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qCtWwIpLlyFzqTnKNN4RJ-Annl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:fe:13:69:37:76:ec:a8:7a:f1:ca:0d:df:e6:c1:c8:7c:92:
20:22:f4:9d:c7:05:58:32:3d:73:a9:3b:f3:b5:1e:44:3d:c2:
95:ae:4c:03:86:b3:c5:f9:2f:d6:da:24:1b:51:08:61:27:c6:
2b:22:ab:fa:b8:2e:8d:a4:d3:f0:b3:de:99:88:97:c3:39:81:
ca:81:77:22:41:f4:ab:75:8c:84:65:bf:f6:c3:a9:e9:30:f9:
06:b9:8c:62:3e:0a:1a:88:fa:78:d1:cf:2a:1b:44:9d:e2:84:
74:49:86:a4:5d:aa:58:e4:d0:9c:c1:98:a7:ae:1d:71:d5:4f:
bf:5d:82:7e:81:1b:4d:29:9d:f2:f2:1a:cc:5a:0f:d1:29:58:
ac:a0:98:e3:0a:fa:1a:0b:9a:73:c9:a0:ae:69:90:29:04:2c:
89:61:5c:c2:5f:63:07:63:29:01:81:12:2a:ce:2e:d9:5c:07:
41:a4:95:89:08:58:4f:e3:19:ed:66:e6:70:ed:99:57:d0:37:
67:75:26:a5:26:d9:11:90:48:06:21:e3:ef:f6:98:90:d1:2d:
aa:f6:46:1b:15:0f:97:18:7c:d4:60:3b:43:e6:f6:31:79:06:
32:78:c9:6f:68:dd:e9:2c:ee:07:4c:f8:b3:e3:78:b7:ac:cc:
89:8b:f8:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAib9tDd0bfhkeKMIObaDVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE2MTkwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODJiNTZjMDhhNGI5NzIxNzNhOTM5Y2EzNGRlMTEyN2UwMjc5ZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+H95fOcD4V5ZSHX/cWJBLKbwky7
W7AQITlm9WHizEp1Axw066K9jTAt44MwIQm05EDlZnT3DXdJDISb4HwgSwiHxMNB
KnYo7b4R4WtfKmLYxYM1JySlmhmWngUZervutari3TmaC6DMi+hhrewzw5AWCD7W
xMt2Xl9ZCvCdPXj3dNB2FyajuBt4fSaI0S4CIi6BIB2XRgCITNM7FpOS7mk2LA9i
2Pn6T8CJ5pZjollYW39qILMDC75RIzVHiA4J2G7F5h/MzII0XVPdxKOzPs0D3d8e
1CNdRXnfAA9YwASAvyHF7CXkor38xek6ZCGuloFULn7zktMROWbC8ExbfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKgrVsCKS5chc6k5yjTeESfgJ55fMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcUN0V3dJcExseUZ6cVRuS05ONFJKLUFubmw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJP+E2k3duyoevHKDd/m
wch8kiAi9J3HBVgyPXOpO/O1HkQ9wpWuTAOGs8X5L9baJBtRCGEnxisiq/q4Lo2k
0/Cz3pmIl8M5gcqBdyJB9Kt1jIRlv/bDqekw+Qa5jGI+ChqI+njRzyobRJ3ihHRJ
hqRdqljk0JzBmKeuHXHVT79dgn6BG00pnfLyGsxaD9EpWKygmOMK+hoLmnPJoK5p
kCkELIlhXMJfYwdjKQGBEirOLtlcB0GklYkIWE/jGe1m5nDtmVfQN2d1JqUm2RGQ
SAYh4+/2mJDRLar2RhsVD5cYfNRgO0Pm9jF5BjJ4yW9o3eks7gdM+LPjeLeszImL
+Oc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:13 2025 by rpki-client