Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tiwFRDOiZEiar4jJyMmCm1GtRQo.roa
File: tiwFRDOiZEiar4jJyMmCm1GtRQo.roa (raw, json)
Hash identifier: AjXqMz553tLhbFcV+qArGITOPEcVqdJUkHHehEbq/OY=
Subject key identifier: B6:2C:05:44:33:A2:64:48:9A:AF:88:C9:C8:C9:82:9B:51:AD:45:0A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908BD435A91545380A5E38FC1312E5BD07
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tiwFRDOiZEiar4jJyMmCm1GtRQo.roa
Signing time: Sun 07 Jul 2024 06:14:18 +0000
ROA not before: Sun 07 Jul 2024 06:14:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jul 2024 07:06:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8b:d4:35:a9:15:45:38:0a:5e:38:fc:13:12:e5:bd:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 7 06:14:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b62c054433a264489aaf88c9c8c9829b51ad450a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e6:66:45:3d:b1:00:4d:ae:0d:98:47:0e:6f:
7a:41:45:15:75:70:1b:92:cc:41:5d:8c:0f:65:e5:
cc:c1:2e:9a:23:32:91:73:69:ff:0c:77:80:ce:16:
29:27:07:95:a4:68:2d:b3:c4:21:26:02:56:ba:d7:
5c:e3:e4:07:44:17:dd:7b:39:a5:a6:61:58:91:c9:
92:d5:d9:ef:20:8c:fe:0e:f9:1f:a9:44:15:ee:ce:
5f:22:54:1d:a8:5a:75:be:90:f9:61:a5:76:d2:24:
0a:7c:db:01:1f:ef:f5:31:42:6d:96:e9:cc:ce:37:
ad:a6:03:78:be:cb:6a:39:fe:45:08:00:3a:dc:98:
c0:0b:56:f7:27:df:b3:a2:b3:66:ec:80:c1:d8:d0:
03:9d:6e:58:ec:52:eb:a1:f4:ae:fa:92:ca:32:48:
8d:f3:f4:5b:27:9e:7c:83:39:f2:55:0e:c0:ff:d9:
9d:47:cd:ae:eb:ac:72:ff:58:de:7d:28:12:02:04:
6b:b1:05:70:86:42:33:66:a5:6c:23:1d:f0:82:aa:
34:81:93:68:44:e2:b1:d1:5f:ef:18:ae:20:57:fc:
88:36:e1:88:0e:c7:31:cc:42:e1:a3:87:51:75:f3:
9f:7a:d8:eb:bd:55:29:49:11:ab:f1:33:07:b1:c1:
8a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:2C:05:44:33:A2:64:48:9A:AF:88:C9:C8:C9:82:9B:51:AD:45:0A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tiwFRDOiZEiar4jJyMmCm1GtRQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:97:55:fe:9f:ef:84:04:45:a1:0e:ad:01:21:42:93:b5:b8:
22:14:8f:73:6e:c0:68:da:57:f2:ca:92:be:0c:55:63:fc:c0:
cc:b3:ff:62:79:93:69:88:ea:01:41:7c:51:32:8b:29:5b:35:
bb:ef:05:0d:57:19:c0:43:4c:b4:0f:3c:9b:73:9e:13:17:9d:
15:de:15:e4:c5:10:59:3d:74:3d:63:47:9b:d0:66:9b:44:18:
5c:a1:61:2b:d2:c9:b4:cb:f3:39:ed:41:50:82:3f:9e:34:b7:
4a:b7:8e:9b:1d:e9:ea:71:41:44:9f:5e:d7:5d:98:c2:02:8d:
bb:ee:db:58:e6:ee:28:56:35:1a:17:ae:27:1c:3e:7d:8d:fa:
de:51:f8:69:25:be:da:a0:db:c7:d3:5f:83:99:22:71:55:a0:
cc:29:b9:a9:9d:45:e3:8c:20:f8:0a:19:97:8b:89:0e:02:5b:
14:3c:ac:7a:68:20:22:a8:14:a2:57:b2:77:a9:d5:2e:60:bf:
ce:8b:b8:45:fb:65:b0:68:f8:89:a5:a5:7e:15:ad:3d:04:0e:
52:81:c6:a1:e2:28:a6:7f:09:11:fc:55:be:2d:a3:45:43:df:
66:68:96:d7:f5:eb:00:d6:d6:80:fa:17:47:9e:53:96:eb:55:
56:01:80:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCL1DWpFUU4Cl44/BMS5b0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA3MDYxNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjJjMDU0NDMzYTI2NDQ4OWFhZjg4YzljOGM5ODI5YjUxYWQ0NTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOZmRT2xAE2uDZhHDm96QUUVdXAb
ksxBXYwPZeXMwS6aIzKRc2n/DHeAzhYpJweVpGgts8QhJgJWutdc4+QHRBfdezml
pmFYkcmS1dnvIIz+DvkfqUQV7s5fIlQdqFp1vpD5YaV20iQKfNsBH+/1MUJtlunM
zjetpgN4vstqOf5FCAA63JjAC1b3J9+zorNm7IDB2NADnW5Y7FLrofSu+pLKMkiN
8/RbJ558gznyVQ7A/9mdR82u66xy/1jefSgSAgRrsQVwhkIzZqVsIx3wgqo0gZNo
ROKx0V/vGK4gV/yINuGIDscxzELho4dRdfOfetjrvVUpSRGr8TMHscGKnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLYsBUQzomRImq+IycjJgptRrUUKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdGl3RlJET2laRWlhcjRqSnlNbUNtMUd0UlFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA+XVf6f74QERaEOrQEh
QpO1uCIUj3NuwGjaV/LKkr4MVWP8wMyz/2J5k2mI6gFBfFEyiylbNbvvBQ1XGcBD
TLQPPJtznhMXnRXeFeTFEFk9dD1jR5vQZptEGFyhYSvSybTL8zntQVCCP540t0q3
jpsd6epxQUSfXtddmMICjbvu21jm7ihWNRoXriccPn2N+t5R+Gklvtqg28fTX4OZ
InFVoMwpuamdReOMIPgKGZeLiQ4CWxQ8rHpoICKoFKJXsnep1S5gv86LuEX7ZbBo
+ImlpX4VrT0EDlKBxqHiKKZ/CRH8Vb4to0VD32Zoltf16wDW1oD6F0eeU5brVVYB
gI8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:39 2025 by rpki-client