Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r0RQxbl45K3S7cjh4zVQPWe67D0.roa
File: r0RQxbl45K3S7cjh4zVQPWe67D0.roa (raw, json)
Hash identifier: jSNanlda8RrfqwwaCKcBSOFsC3KoW3yb7r3cP55UG/M=
Subject key identifier: AF:44:50:C5:B9:78:E4:AD:D2:ED:C8:E1:E3:35:50:3D:67:BA:EC:3D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD800E2619B42988AB82D99D22034390B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r0RQxbl45K3S7cjh4zVQPWe67D0.roa
Signing time: Sun 02 Jun 2024 08:11:27 +0000
ROA not before: Sun 02 Jun 2024 08:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Jun 2024 09:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d8:00:e2:61:9b:42:98:8a:b8:2d:99:d2:20:34:39:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 2 08:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af4450c5b978e4add2edc8e1e335503d67baec3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e7:7e:2b:a3:b5:63:96:35:c0:3f:79:ff:3a:
2c:e5:b1:0d:b0:c3:58:1c:54:87:92:eb:a1:55:b8:
04:6e:63:0b:db:8d:6c:56:84:5b:93:d7:af:90:d5:
14:ea:d1:3d:dd:92:04:5a:bf:66:b4:cc:15:34:de:
23:12:5d:61:34:5f:2b:47:7c:8e:14:9a:30:42:ba:
67:38:f4:fb:95:7c:22:36:4a:1b:b9:d7:df:89:74:
20:6a:9d:ef:91:60:cd:e9:62:6a:01:66:bd:6b:18:
ff:84:01:bd:f4:eb:78:7e:fa:ef:3a:9e:01:da:b2:
6d:56:e8:25:da:50:bc:90:89:48:a0:d9:37:c4:89:
33:9d:ff:eb:4f:11:08:17:74:9c:a0:77:cf:c3:44:
a1:9e:b8:6c:bd:e8:47:c5:5a:63:61:8d:db:bf:bc:
74:15:81:dd:82:94:40:f2:31:38:8b:40:35:c9:0a:
f5:0c:b9:13:e5:a9:56:41:3b:b0:24:7d:0d:95:27:
f8:1c:3a:46:14:44:10:c7:46:e1:06:8f:c8:fa:4a:
69:30:86:9d:9e:cc:68:0b:7f:fe:08:55:88:42:4a:
d7:a9:10:ea:4d:80:a1:20:de:ed:6a:28:45:c1:0c:
af:fb:9a:93:e4:21:5a:7c:c0:63:28:7b:d1:92:08:
46:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:44:50:C5:B9:78:E4:AD:D2:ED:C8:E1:E3:35:50:3D:67:BA:EC:3D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r0RQxbl45K3S7cjh4zVQPWe67D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:0c:06:7e:8a:be:b5:c1:b2:e5:15:df:fa:dd:f7:3d:45:4c:
f9:a5:92:b4:d7:ac:95:47:b3:7b:5b:be:66:c3:c7:6f:7d:6c:
09:c6:87:5a:6c:14:6d:bc:a3:d0:23:4f:15:cc:55:ee:96:a2:
9a:ea:98:cd:fe:34:2e:9f:47:1a:36:d6:e9:a7:66:f0:c3:66:
87:ba:f9:0e:00:63:79:f4:9a:f2:8c:9e:08:88:39:84:d0:27:
5b:c9:a4:9d:fe:07:fa:cf:71:26:d1:8e:9d:17:1e:12:3e:24:
18:05:83:1f:68:11:1a:f6:ee:91:52:aa:7a:79:a9:33:54:2a:
f6:e4:7b:22:da:a0:3a:85:0d:27:8e:4c:a5:8a:56:37:bc:94:
96:05:66:dc:99:65:d5:a0:e8:4e:6c:0a:0b:02:bc:cf:0d:fa:
ad:0b:e9:f3:ee:66:1b:17:58:48:20:d3:11:c3:66:f8:9b:ec:
6d:67:fe:0f:56:9b:d6:1d:5f:55:21:ff:90:9e:ad:60:e6:65:
09:a5:0e:00:94:c2:22:2e:f4:7c:d2:37:47:df:2c:3f:06:eb:
83:47:39:e4:f7:05:f9:de:d5:89:be:e9:53:f8:38:82:77:43:
f3:f0:7c:ec:da:e0:70:71:58:78:b3:da:fd:d9:39:9b:18:19:
7f:cf:d4:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/YAOJhm0KYirgtmdIgNDkLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAyMDgxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjQ0NTBjNWI5NzhlNGFkZDJlZGM4ZTFlMzM1NTAzZDY3YmFlYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAped+K6O1Y5Y1wD95/zos5bENsMNY
HFSHkuuhVbgEbmML241sVoRbk9evkNUU6tE93ZIEWr9mtMwVNN4jEl1hNF8rR3yO
FJowQrpnOPT7lXwiNkobudffiXQgap3vkWDN6WJqAWa9axj/hAG99Ot4fvrvOp4B
2rJtVugl2lC8kIlIoNk3xIkznf/rTxEIF3ScoHfPw0ShnrhsvehHxVpjYY3bv7x0
FYHdgpRA8jE4i0A1yQr1DLkT5alWQTuwJH0NlSf4HDpGFEQQx0bhBo/I+kppMIad
nsxoC3/+CFWIQkrXqRDqTYChIN7taihFwQyv+5qT5CFafMBjKHvRkghGuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK9EUMW5eOSt0u3I4eM1UD1nuuw9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcjBSUXhibDQ1SzNTN2NqaDR6VlFQV2U2N0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJQMBn6KvrXBsuUV3/rd
9z1FTPmlkrTXrJVHs3tbvmbDx299bAnGh1psFG28o9AjTxXMVe6WoprqmM3+NC6f
Rxo21umnZvDDZoe6+Q4AY3n0mvKMngiIOYTQJ1vJpJ3+B/rPcSbRjp0XHhI+JBgF
gx9oERr27pFSqnp5qTNUKvbkeyLaoDqFDSeOTKWKVje8lJYFZtyZZdWg6E5sCgsC
vM8N+q0L6fPuZhsXWEgg0xHDZvib7G1n/g9Wm9YdX1Uh/5CerWDmZQmlDgCUwiIu
9HzSN0ffLD8G64NHOeT3Bfne1Ym+6VP4OIJ3Q/PwfOza4HBxWHiz2v3ZOZsYGX/P
1Ik=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org