Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tThlIY5XxL6xS26CMdcpedWP0II.roa
File: tThlIY5XxL6xS26CMdcpedWP0II.roa (raw, json)
Hash identifier: 9HTXwtMlGIKCOWwKoBOEgk4olxtRlkYmbLGjmCfnGB0=
Subject key identifier: B5:38:65:21:8E:57:C4:BE:B1:4B:6E:82:31:D7:29:79:D5:8F:D0:82
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A7B4FBFD1C7FD7AAF509F016F49CAAAF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tThlIY5XxL6xS26CMdcpedWP0II.roa
Signing time: Fri 12 Jul 2024 16:09:34 +0000
ROA not before: Fri 12 Jul 2024 16:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Jul 2024 17:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a7:b4:fb:fd:1c:7f:d7:aa:f5:09:f0:16:f4:9c:aa:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 12 16:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b53865218e57c4beb14b6e8231d72979d58fd082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:37:c5:8e:5b:e6:16:2a:3a:6c:6f:77:90:e3:
10:eb:5b:8f:ce:45:28:b3:01:c8:6c:15:32:a3:21:
d2:b3:29:69:43:eb:65:ab:f4:b0:1f:7b:0e:89:87:
e7:36:fb:fc:e3:c6:61:63:df:de:44:e0:1a:b0:2e:
55:35:98:6d:96:45:f6:7e:6c:78:d9:4e:d5:d5:af:
f3:3e:c6:f2:b5:64:86:78:93:81:8d:49:38:24:49:
9a:c8:8f:33:10:61:f2:e9:e1:1c:48:72:23:d7:ca:
bc:25:c5:60:10:42:46:27:dd:41:9a:18:f6:ea:fa:
27:f4:be:9e:5e:3a:79:e6:f9:34:fe:e6:d2:d7:c1:
cc:60:26:b0:6a:77:3f:cb:63:0d:03:b8:c7:a1:6d:
c9:8f:1f:22:d8:20:7c:c2:96:80:e9:9a:e2:ea:03:
fd:39:31:f7:f0:12:d9:12:73:7f:fa:c8:db:0a:0f:
5c:b1:79:a4:aa:cc:b1:ed:d8:f7:da:aa:60:0a:b7:
a9:ea:4a:c7:4b:7a:23:45:8e:ee:f0:39:1f:72:99:
3e:e9:64:ad:7c:7a:ed:03:23:93:78:77:b4:f8:5e:
63:ea:86:95:b3:fb:87:ed:e9:fb:99:f1:64:c7:42:
46:47:73:08:be:e3:21:03:c3:07:14:d1:2b:fd:dd:
b8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:38:65:21:8E:57:C4:BE:B1:4B:6E:82:31:D7:29:79:D5:8F:D0:82
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tThlIY5XxL6xS26CMdcpedWP0II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:7b:24:9c:a4:8e:67:bb:70:1d:b6:be:af:5c:b1:47:ea:21:
91:8b:5c:9c:0f:d4:22:f8:1a:c7:c4:4b:57:a4:3b:95:67:56:
6e:85:ee:25:7d:49:18:d0:f8:7a:28:98:04:cd:57:aa:e1:f7:
d7:ee:66:12:b1:26:1c:7d:2b:ff:65:4b:00:6a:65:75:25:27:
b8:2a:2c:bd:31:3c:69:92:20:08:7c:f9:d5:4b:5a:83:0f:d6:
7d:bb:cb:00:9d:0f:03:9e:52:25:20:b4:6a:1e:72:d5:14:b5:
53:86:f9:5c:2a:aa:50:c3:b3:03:05:d2:aa:39:11:51:14:92:
78:7e:3f:3e:f8:f3:9e:b5:4b:81:57:e3:32:17:ec:26:ef:81:
57:d7:43:53:a7:f7:e6:54:32:0b:9d:3c:fd:29:e1:f0:12:7f:
3e:ed:09:dc:7e:19:20:50:f6:1b:e6:94:a4:c4:1a:f3:ff:ab:
37:ef:25:a1:0a:7a:84:b7:33:cd:e2:b8:31:43:0c:fa:cc:98:
da:f8:0c:e5:fc:45:ea:c1:07:c1:cb:c6:88:02:f5:95:46:12:
38:33:da:aa:11:44:05:54:11:72:45:62:8a:e7:af:b8:24:bd:
4d:50:61:7c:91:df:14:51:36:2d:f5:7e:ee:1c:4b:46:be:e3:
29:3f:94:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCntPv9HH/XqvUJ8Bb0nKqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEyMTYwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTM4NjUyMThlNTdjNGJlYjE0YjZlODIzMWQ3Mjk3OWQ1OGZkMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTfFjlvmFio6bG93kOMQ61uPzkUo
swHIbBUyoyHSsylpQ+tlq/SwH3sOiYfnNvv848ZhY9/eROAasC5VNZhtlkX2fmx4
2U7V1a/zPsbytWSGeJOBjUk4JEmayI8zEGHy6eEcSHIj18q8JcVgEEJGJ91Bmhj2
6von9L6eXjp55vk0/ubS18HMYCawanc/y2MNA7jHoW3Jjx8i2CB8wpaA6Zri6gP9
OTH38BLZEnN/+sjbCg9csXmkqsyx7dj32qpgCrep6krHS3ojRY7u8Dkfcpk+6WSt
fHrtAyOTeHe0+F5j6oaVs/uH7en7mfFkx0JGR3MIvuMhA8MHFNEr/d24KQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLU4ZSGOV8S+sUtugjHXKXnVj9CCMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdFRobElZNVh4TDZ4UzI2Q01kY3BlZFdQMElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFd7JJykjme7cB22vq9c
sUfqIZGLXJwP1CL4GsfES1ekO5VnVm6F7iV9SRjQ+HoomATNV6rh99fuZhKxJhx9
K/9lSwBqZXUlJ7gqLL0xPGmSIAh8+dVLWoMP1n27ywCdDwOeUiUgtGoectUUtVOG
+VwqqlDDswMF0qo5EVEUknh+Pz748561S4FX4zIX7CbvgVfXQ1On9+ZUMgudPP0p
4fASfz7tCdx+GSBQ9hvmlKTEGvP/qzfvJaEKeoS3M83iuDFDDPrMmNr4DOX8RerB
B8HLxogC9ZVGEjgz2qoRRAVUEXJFYornr7gkvU1QYXyR3xRRNi31fu4cS0a+4yk/
lIc=
Generated at Fri Jul 12 19:09:31 2024 by rpki-client on console-fra.rpki-client.org