Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rb9TOefXun5TGmsO4R0DI-xks70.roa
File: rb9TOefXun5TGmsO4R0DI-xks70.roa (raw, json)
Hash identifier: bx4jmOJ21H3MTaSbd2wbkRr0ZaQwbjHB4I09mNCuB44=
Subject key identifier: AD:BF:53:39:E7:D7:BA:7E:53:1A:6B:0E:E1:1D:03:23:EC:64:B3:BD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019001D7BF6FBD3A1A5C47D900D4924798AD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rb9TOefXun5TGmsO4R0DI-xks70.roa
Signing time: Mon 10 Jun 2024 11:10:34 +0000
ROA not before: Mon 10 Jun 2024 11:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Jun 2024 12:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:d7:bf:6f:bd:3a:1a:5c:47:d9:00:d4:92:47:98:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 10 11:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adbf5339e7d7ba7e531a6b0ee11d0323ec64b3bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:34:04:11:b8:42:8c:ca:d4:0f:83:c1:6f:41:
ba:7c:73:85:35:8f:b2:c0:8f:dc:ee:b2:e1:54:d5:
b2:c7:57:54:41:f0:5f:0e:0c:4a:26:3c:07:ac:cd:
a4:5c:dd:83:8f:57:1d:b6:0e:2e:07:83:b1:d3:55:
4b:b3:19:e9:db:35:41:f0:e5:61:62:17:fa:92:70:
eb:3e:3d:1b:63:12:2e:49:49:5c:10:69:24:5e:e5:
3f:23:e3:d1:88:97:39:21:35:27:ce:98:36:e6:ac:
be:72:51:ed:c8:74:17:1d:df:a3:15:4b:78:37:d3:
de:bd:a8:dc:33:e9:6c:04:9d:8e:83:5e:cf:4a:bd:
c1:d7:e4:7f:37:cf:ca:f2:23:f3:4e:4f:70:ca:75:
c1:66:bc:05:39:3d:c5:47:3b:e9:6f:12:02:75:48:
d1:64:21:71:eb:65:ea:7e:2d:b8:f2:df:23:02:8a:
d4:c9:5f:8e:0d:48:05:92:05:38:ff:a0:9e:27:fe:
6b:62:08:46:78:1c:46:9c:3a:18:24:c8:aa:e4:1d:
3b:13:64:da:17:10:b3:a6:a0:ab:bd:5a:a3:72:67:
ce:6b:a1:d4:28:e7:06:4b:4a:cc:27:3a:cf:e3:a3:
28:2f:83:45:6f:aa:1b:f7:40:7e:6e:76:77:b1:c9:
c6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:BF:53:39:E7:D7:BA:7E:53:1A:6B:0E:E1:1D:03:23:EC:64:B3:BD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rb9TOefXun5TGmsO4R0DI-xks70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:a8:5a:76:51:64:80:df:e5:e2:fb:93:73:d1:2e:cb:5d:dc:
8f:21:1a:9a:45:66:37:1b:a7:db:86:c5:1d:cc:69:50:d3:f8:
ea:fe:50:e6:8a:32:5a:2c:bb:07:92:c3:d4:cf:43:90:0c:34:
1e:95:12:a3:4d:72:9a:29:95:4b:4d:46:3b:fe:e3:80:7c:8d:
10:05:45:40:22:ab:ab:5a:7e:1c:88:1f:2f:00:20:3a:6e:ed:
70:b1:47:e3:89:26:68:43:d1:9b:d7:4e:74:5b:9e:04:dd:17:
54:d9:78:97:f1:2d:5a:21:d5:40:c9:18:b0:86:a3:6a:3b:cc:
d0:9e:16:4d:16:5a:eb:4a:f3:cb:ab:61:51:d1:b3:b8:0a:3d:
ce:6a:2b:56:80:44:38:4a:b8:4c:e6:71:fa:1a:ea:52:98:37:
3d:12:a8:2e:31:4d:18:a8:66:2b:52:5e:a7:b7:bc:63:f8:37:
82:05:a8:4e:42:f7:59:5a:b9:25:b9:1f:ac:ff:51:da:65:20:
2c:a2:6a:54:5f:1c:88:f1:7c:29:1a:41:cc:4a:d2:63:eb:f1:
29:fe:30:3b:85:9e:59:e7:61:63:d7:7b:49:7e:c6:86:ca:79:
01:d7:d2:2d:b3:a1:49:e9:fc:43:d8:fb:10:75:6c:ec:82:56:
88:3c:b4:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAB179vvToaXEfZANSSR5itMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjEwMTExMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGJmNTMzOWU3ZDdiYTdlNTMxYTZiMGVlMTFkMDMyM2VjNjRiM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDQEEbhCjMrUD4PBb0G6fHOFNY+y
wI/c7rLhVNWyx1dUQfBfDgxKJjwHrM2kXN2Dj1cdtg4uB4Ox01VLsxnp2zVB8OVh
Yhf6knDrPj0bYxIuSUlcEGkkXuU/I+PRiJc5ITUnzpg25qy+clHtyHQXHd+jFUt4
N9PevajcM+lsBJ2Og17PSr3B1+R/N8/K8iPzTk9wynXBZrwFOT3FRzvpbxICdUjR
ZCFx62Xqfi248t8jAorUyV+ODUgFkgU4/6CeJ/5rYghGeBxGnDoYJMiq5B07E2Ta
FxCzpqCrvVqjcmfOa6HUKOcGS0rMJzrP46MoL4NFb6ob90B+bnZ3scnGgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK2/Uznn17p+UxprDuEdAyPsZLO9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcmI5VE9lZlh1bjVUR21zTzRSMERJLXhrczcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIioWnZRZIDf5eL7k3PR
Lstd3I8hGppFZjcbp9uGxR3MaVDT+Or+UOaKMlosuweSw9TPQ5AMNB6VEqNNcpop
lUtNRjv+44B8jRAFRUAiq6tafhyIHy8AIDpu7XCxR+OJJmhD0ZvXTnRbngTdF1TZ
eJfxLVoh1UDJGLCGo2o7zNCeFk0WWutK88urYVHRs7gKPc5qK1aARDhKuEzmcfoa
6lKYNz0SqC4xTRioZitSXqe3vGP4N4IFqE5C91lauSW5H6z/UdplICyialRfHIjx
fCkaQcxK0mPr8Sn+MDuFnlnnYWPXe0l+xobKeQHX0i2zoUnp/EPY+xB1bOyCVog8
tK4=
-----END CERTIFICATE-----
Generated at Mon Jun 10 16:21:31 2024 by rpki-client on console-fra.rpki-client.org