Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/srVMLcEyy2RbLFuP8D33ppz0Pv0.roa
File: srVMLcEyy2RbLFuP8D33ppz0Pv0.roa (raw, json)
Hash identifier: eh39t90xpGyKY02GVplXBgHpXZlD+hu7RlPz/zeyFd0=
Subject key identifier: B2:B5:4C:2D:C1:32:CB:64:5B:2C:5B:8F:F0:3D:F7:A6:9C:F4:3E:FD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01905DE357D554AD940D2CC63638B682EBFA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/srVMLcEyy2RbLFuP8D33ppz0Pv0.roa
Signing time: Fri 28 Jun 2024 08:08:18 +0000
ROA not before: Fri 28 Jun 2024 08:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Jun 2024 09:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5d:e3:57:d5:54:ad:94:0d:2c:c6:36:38:b6:82:eb:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 28 08:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2b54c2dc132cb645b2c5b8ff03df7a69cf43efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a3:54:50:94:f3:42:b3:9a:a7:38:44:5d:85:
98:12:f4:fc:d3:5d:cc:dd:a4:3b:9a:44:48:f4:27:
dd:19:07:1c:6a:f9:54:1c:5c:11:6f:16:52:62:99:
50:84:3b:8e:d8:79:c3:de:d9:4e:fc:c8:c4:21:14:
b8:f8:47:ae:4d:c8:1b:3f:a5:2a:3a:bb:2d:30:21:
c5:aa:d4:18:4a:23:d4:74:d4:fa:1c:ec:87:fa:8f:
55:42:64:9a:9a:01:ed:46:e1:3a:00:63:40:5f:c9:
19:9f:71:28:c7:59:13:c2:66:97:00:42:cb:9b:14:
d6:7f:f3:ab:8f:9d:59:29:d2:4e:7d:8a:6a:e7:c5:
21:10:f9:41:bc:dc:01:5a:09:5b:aa:8c:6d:ab:f2:
ab:5e:f5:2a:22:24:5b:86:b6:6e:8c:ed:5e:77:a2:
f4:b4:3e:81:19:e5:af:29:2a:28:24:65:0b:3d:4b:
76:5e:a7:8b:6f:63:8a:03:71:83:a2:39:3d:ff:50:
2d:fd:c6:4d:18:5d:f7:f6:b1:24:68:78:6f:ed:c5:
44:ed:a5:df:11:f6:70:dc:17:d7:f8:b1:0a:65:b4:
47:2c:8b:33:43:39:97:5f:79:71:e4:af:ce:5b:f2:
d2:61:24:3a:13:7f:cf:91:31:f9:29:bc:53:0f:ad:
e6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:B5:4C:2D:C1:32:CB:64:5B:2C:5B:8F:F0:3D:F7:A6:9C:F4:3E:FD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/srVMLcEyy2RbLFuP8D33ppz0Pv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:18:b8:b6:5d:1e:32:01:1e:44:43:27:21:cf:ca:81:00:71:
da:7b:f6:fa:57:25:9b:d1:96:49:26:00:99:70:cb:89:99:fb:
1b:5b:53:dc:3f:49:c0:6c:85:0a:63:92:b9:02:80:a7:27:a1:
a9:db:9e:41:f9:dc:42:83:e8:f3:da:b7:ea:87:aa:06:57:c7:
4b:2e:75:c6:6a:f5:03:03:6e:77:81:d7:ea:c6:4b:04:64:50:
45:db:b7:e3:ed:33:79:5b:d4:fd:ee:31:1f:52:db:8d:c5:30:
b4:bb:7a:d4:ae:c9:3d:7f:35:74:ab:fd:0b:f4:da:ed:ef:0f:
d3:9b:15:7d:e4:c7:ac:79:05:40:7a:bd:fe:ec:73:4f:a0:b7:
40:2e:1b:03:ba:80:f1:a4:cf:e8:91:f1:50:02:4a:d5:b0:d5:
a0:1e:77:da:83:c4:67:d3:18:95:3d:d6:54:7b:d0:c1:52:2a:
22:b8:3d:e0:53:f2:64:27:c2:49:a7:4a:92:79:9d:1c:07:d8:
3a:41:cd:25:fd:6b:4b:14:5b:21:09:06:ee:a8:67:5b:08:23:
ae:4e:89:71:d4:82:5e:58:43:8e:1a:05:55:cf:a8:5b:a2:3b:
3c:c7:af:c1:57:94:77:19:5e:2b:12:87:1f:36:e7:25:b4:25:
87:ce:3d:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBd41fVVK2UDSzGNji2guv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI4MDgwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmI1NGMyZGMxMzJjYjY0NWIyYzViOGZmMDNkZjdhNjljZjQzZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6NUUJTzQrOapzhEXYWYEvT8013M
3aQ7mkRI9CfdGQccavlUHFwRbxZSYplQhDuO2HnD3tlO/MjEIRS4+EeuTcgbP6Uq
OrstMCHFqtQYSiPUdNT6HOyH+o9VQmSamgHtRuE6AGNAX8kZn3Eox1kTwmaXAELL
mxTWf/Orj51ZKdJOfYpq58UhEPlBvNwBWglbqoxtq/KrXvUqIiRbhrZujO1ed6L0
tD6BGeWvKSooJGULPUt2XqeLb2OKA3GDojk9/1At/cZNGF339rEkaHhv7cVE7aXf
EfZw3BfX+LEKZbRHLIszQzmXX3lx5K/OW/LSYSQ6E3/PkTH5KbxTD63mjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLK1TC3BMstkWyxbj/A996ac9D79MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvc3JWTUxjRXl5MlJiTEZ1UDhEMzNwcHowUHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJEYuLZdHjIBHkRDJyHP
yoEAcdp79vpXJZvRlkkmAJlwy4mZ+xtbU9w/ScBshQpjkrkCgKcnoanbnkH53EKD
6PPat+qHqgZXx0sudcZq9QMDbneB1+rGSwRkUEXbt+PtM3lb1P3uMR9S243FMLS7
etSuyT1/NXSr/Qv02u3vD9ObFX3kx6x5BUB6vf7sc0+gt0AuGwO6gPGkz+iR8VAC
StWw1aAed9qDxGfTGJU91lR70MFSKiK4PeBT8mQnwkmnSpJ5nRwH2DpBzSX9a0sU
WyEJBu6oZ1sII65OiXHUgl5YQ44aBVXPqFuiOzzHr8FXlHcZXisShx825yW0JYfO
PTw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:54 2025 by rpki-client