Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rMQlv-0KM-9eUwjfSJFzt8QsF6E.roa
File: rMQlv-0KM-9eUwjfSJFzt8QsF6E.roa (raw, json)
Hash identifier: YGTe4LJPR9vo2BCZ2JPzz7kd+MU/TWUCVvzF0Ab1SkU=
Subject key identifier: AC:C4:25:BF:ED:0A:33:EF:5E:53:08:DF:48:91:73:B7:C4:2C:17:A1
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019095E5A8456ED7E1C7BAC8007E08BFA3FA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rMQlv-0KM-9eUwjfSJFzt8QsF6E.roa
Signing time: Tue 09 Jul 2024 05:09:34 +0000
ROA not before: Tue 09 Jul 2024 05:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jul 2024 06:05:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:95:e5:a8:45:6e:d7:e1:c7:ba:c8:00:7e:08:bf:a3:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 9 05:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acc425bfed0a33ef5e5308df489173b7c42c17a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:96:1d:ad:4b:16:c0:7a:dd:b2:b0:e2:a3:2c:
36:21:95:08:7e:7b:35:40:a8:77:39:2e:a5:e3:3b:
74:a2:c8:a8:9f:07:91:73:aa:78:59:da:bc:56:e3:
0f:56:d9:20:67:1d:62:c3:a8:e2:f4:c0:f6:b6:aa:
81:d2:4b:03:48:dd:c5:f9:78:4f:38:98:41:8f:bd:
17:65:39:b0:6c:a4:db:c6:4e:99:2e:8a:c2:9c:55:
32:b8:36:2c:d7:8a:7c:00:fe:05:cd:1f:f5:6f:c2:
dc:24:b5:a8:0a:f8:84:8a:83:7d:56:f7:74:21:fd:
96:f2:41:ce:8d:2a:54:45:c2:9b:9c:65:f0:40:48:
03:b2:36:81:6f:9a:f9:16:f0:59:b9:b3:d2:e0:1f:
d3:c1:72:17:3b:28:b5:d0:ce:a1:ae:ef:80:4e:8c:
54:db:ea:ee:07:2d:21:f4:12:90:29:3f:c4:0c:60:
3e:40:2e:7b:40:29:1b:22:2b:54:0f:cb:9a:9a:5b:
d5:e8:14:9e:95:ef:e9:12:d7:35:db:4d:aa:0c:94:
9b:de:29:bf:74:52:7c:f0:c7:71:74:2b:6d:7c:21:
92:50:0b:ef:17:1e:52:90:3f:ae:48:a4:1b:1d:b8:
be:08:47:de:30:3a:58:df:5c:17:b4:57:1f:0e:6b:
7c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C4:25:BF:ED:0A:33:EF:5E:53:08:DF:48:91:73:B7:C4:2C:17:A1
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rMQlv-0KM-9eUwjfSJFzt8QsF6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:1d:b0:c3:9e:69:df:87:3b:a2:da:fd:0f:04:d0:dd:89:7d:
69:31:7b:00:ec:55:41:29:34:a4:55:0e:64:0e:b1:d1:6a:36:
58:e9:8d:2e:6e:56:a8:c9:f1:f3:59:f1:54:0d:95:61:f0:d8:
36:a9:26:fa:fa:36:37:c2:d3:36:9f:af:db:04:fc:fe:9d:6d:
27:5a:25:fe:bd:85:f8:9a:25:dc:1b:e3:e0:89:d1:6c:56:2f:
f4:41:13:f2:c4:ce:1a:b5:c2:7b:00:93:f6:fe:f1:52:96:73:
a0:3c:29:4b:15:e3:f8:16:b7:6e:64:76:8c:50:89:ee:4c:39:
dc:3e:9c:12:88:5f:88:ef:ae:b7:48:c0:72:0d:88:f7:3b:bd:
5f:2f:63:f3:03:6a:21:13:4a:fc:ac:f4:c9:0c:f5:c2:b0:6f:
4a:d7:37:03:d3:ec:02:59:fa:ae:43:75:22:95:0f:fd:6e:6f:
e4:20:f8:ec:ee:48:d0:58:e7:0d:54:bc:95:07:3b:17:5f:28:
d9:cf:aa:ff:82:40:d4:61:48:27:53:68:3f:59:66:51:77:43:
12:88:f8:3c:69:49:f3:b8:e2:f5:1d:3f:85:3c:08:1c:f4:b0:
b4:9d:17:ee:76:14:9e:11:62:60:70:d7:ab:c0:80:fa:2c:ff:
aa:2f:26:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCV5ahFbtfhx7rIAH4Iv6P6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA5MDUwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2M0MjViZmVkMGEzM2VmNWU1MzA4ZGY0ODkxNzNiN2M0MmMxN2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJYdrUsWwHrdsrDioyw2IZUIfns1
QKh3OS6l4zt0osionweRc6p4Wdq8VuMPVtkgZx1iw6ji9MD2tqqB0ksDSN3F+XhP
OJhBj70XZTmwbKTbxk6ZLorCnFUyuDYs14p8AP4FzR/1b8LcJLWoCviEioN9Vvd0
If2W8kHOjSpURcKbnGXwQEgDsjaBb5r5FvBZubPS4B/TwXIXOyi10M6hru+AToxU
2+ruBy0h9BKQKT/EDGA+QC57QCkbIitUD8uamlvV6BSele/pEtc1202qDJSb3im/
dFJ88MdxdCttfCGSUAvvFx5SkD+uSKQbHbi+CEfeMDpY31wXtFcfDmt8VwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKzEJb/tCjPvXlMI30iRc7fELBehMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvck1RbHYtMEtNLTllVXdqZlNKRnp0OFFzRjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADMdsMOead+HO6La/Q8E
0N2JfWkxewDsVUEpNKRVDmQOsdFqNljpjS5uVqjJ8fNZ8VQNlWHw2DapJvr6NjfC
0zafr9sE/P6dbSdaJf69hfiaJdwb4+CJ0WxWL/RBE/LEzhq1wnsAk/b+8VKWc6A8
KUsV4/gWt25kdoxQie5MOdw+nBKIX4jvrrdIwHINiPc7vV8vY/MDaiETSvys9MkM
9cKwb0rXNwPT7AJZ+q5DdSKVD/1ub+Qg+OzuSNBY5w1UvJUHOxdfKNnPqv+CQNRh
SCdTaD9ZZlF3QxKI+DxpSfO44vUdP4U8CBz0sLSdF+52FJ4RYmBw16vAgPos/6ov
Jn8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:57 2025 by rpki-client