Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rJHb0hqY-PokpSwKyORUTwZkTOk.roa
File: rJHb0hqY-PokpSwKyORUTwZkTOk.roa (raw, json)
Hash identifier: LwfM0OhhBQfGxEwFyuYzY0iUN/SdTRiP9XreFE/qXyk=
Subject key identifier: AC:91:DB:D2:1A:98:F8:FA:24:A5:2C:0A:C8:E4:54:4F:06:64:4C:E9
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01902955E91EE6DD4E2F33513C2E154E55AD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rJHb0hqY-PokpSwKyORUTwZkTOk.roa
Signing time: Tue 18 Jun 2024 03:13:34 +0000
ROA not before: Tue 18 Jun 2024 03:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 18 Jun 2024 04:05:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:29:55:e9:1e:e6:dd:4e:2f:33:51:3c:2e:15:4e:55:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 18 03:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac91dbd21a98f8fa24a52c0ac8e4544f06644ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ab:61:4e:80:4d:1d:44:b2:68:cd:2f:a2:38:
e7:72:d9:0e:38:c5:74:b0:08:70:a0:f7:dc:4e:8d:
eb:36:2f:89:6b:7e:b1:e0:ec:49:68:d2:45:03:f5:
ee:ec:8c:79:08:d3:36:00:ba:3a:63:bf:c4:62:3f:
e8:c2:1d:0f:29:a0:b4:21:f9:db:b2:60:49:00:b9:
a1:c4:78:65:85:69:ef:64:45:e6:d3:45:cc:ca:bd:
8d:38:ce:14:0e:f4:58:8e:b2:c1:d6:97:d7:d5:8b:
a9:02:87:76:4c:72:c3:98:dc:e0:c1:2d:8b:39:ee:
25:f7:aa:fa:e5:3e:98:0f:73:8e:91:ec:c2:c6:f7:
b7:6a:6c:04:0b:8d:5b:45:88:c4:7f:6a:43:b1:b4:
a1:73:33:24:c8:1a:15:09:f0:42:c0:5d:8f:1b:d5:
46:17:bf:ba:a1:03:45:12:d4:b5:0d:2e:49:a6:c5:
8c:f9:80:eb:5c:3e:0d:14:b9:60:6f:6e:59:d8:2c:
f6:f5:71:7d:bc:56:3d:17:01:be:11:5a:eb:08:c8:
9c:c9:ab:ff:6b:25:26:23:8f:ab:56:da:d5:8a:3b:
1a:41:88:75:67:48:f4:e0:b4:fd:a2:63:69:6e:64:
71:e7:ed:62:3c:9b:76:8f:84:75:83:91:ca:8d:27:
19:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:91:DB:D2:1A:98:F8:FA:24:A5:2C:0A:C8:E4:54:4F:06:64:4C:E9
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rJHb0hqY-PokpSwKyORUTwZkTOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:8d:3d:c6:c4:96:a0:1d:f0:e8:ca:16:8a:81:c2:fd:8f:5c:
32:cc:e5:74:49:a6:10:08:3a:5c:73:01:ee:4f:08:b0:ae:d2:
95:49:5d:00:a6:ab:3e:05:8c:15:1d:ca:25:71:e2:22:39:c1:
15:c4:da:fe:8e:69:54:4b:e4:7d:29:91:ab:bd:a1:7d:6e:a0:
b4:80:3d:79:2f:f2:9b:9b:5d:2e:a9:6c:21:ab:7a:43:fe:8a:
6e:9a:94:68:d8:4e:18:25:55:52:e3:71:f3:7a:e7:cc:79:ea:
ce:c9:94:a6:c6:19:91:4d:45:5f:66:04:4f:7b:b8:f1:d3:21:
79:f5:cf:5a:72:09:fa:84:eb:0b:93:46:82:00:1e:01:3e:60:
71:7d:92:d4:5c:0a:b3:78:2f:78:aa:42:9b:34:f2:5e:32:d2:
35:90:6f:7e:14:fb:8a:a2:3c:45:a3:28:d4:86:f4:74:93:13:
bf:eb:b3:eb:02:81:31:03:2a:36:4f:87:fc:0d:b8:06:8f:b3:
79:e0:e8:04:9e:e0:61:b3:02:4a:d9:7b:82:01:46:5d:e5:b7:
b3:05:2a:27:dd:58:a5:c4:32:c6:87:d9:fc:ab:37:24:1a:34:
50:d3:4e:e2:49:5d:9b:32:d6:76:9b:eb:d9:77:77:c0:b9:10:
52:fa:50:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZApVeke5t1OLzNRPC4VTlWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE4MDMxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzkxZGJkMjFhOThmOGZhMjRhNTJjMGFjOGU0NTQ0ZjA2NjQ0Y2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKthToBNHUSyaM0vojjnctkOOMV0
sAhwoPfcTo3rNi+Ja36x4OxJaNJFA/Xu7Ix5CNM2ALo6Y7/EYj/owh0PKaC0Ifnb
smBJALmhxHhlhWnvZEXm00XMyr2NOM4UDvRYjrLB1pfX1YupAod2THLDmNzgwS2L
Oe4l96r65T6YD3OOkezCxve3amwEC41bRYjEf2pDsbShczMkyBoVCfBCwF2PG9VG
F7+6oQNFEtS1DS5JpsWM+YDrXD4NFLlgb25Z2Cz29XF9vFY9FwG+EVrrCMicyav/
ayUmI4+rVtrVijsaQYh1Z0j04LT9omNpbmRx5+1iPJt2j4R1g5HKjScZVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKyR29IamPj6JKUsCsjkVE8GZEzpMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvckpIYjBocVktUG9rcFN3S3lPUlVUd1prVE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD6NPcbElqAd8OjKFoqB
wv2PXDLM5XRJphAIOlxzAe5PCLCu0pVJXQCmqz4FjBUdyiVx4iI5wRXE2v6OaVRL
5H0pkau9oX1uoLSAPXkv8pubXS6pbCGrekP+im6alGjYThglVVLjcfN658x56s7J
lKbGGZFNRV9mBE97uPHTIXn1z1pyCfqE6wuTRoIAHgE+YHF9ktRcCrN4L3iqQps0
8l4y0jWQb34U+4qiPEWjKNSG9HSTE7/rs+sCgTEDKjZPh/wNuAaPs3ng6ASe4GGz
AkrZe4IBRl3lt7MFKifdWKXEMsaH2fyrNyQaNFDTTuJJXZsy1nab69l3d8C5EFL6
UPY=
-----END CERTIFICATE-----
Generated at Tue Jun 18 06:40:40 2024 by rpki-client on console-fra.rpki-client.org