Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tjV6YlaWgt9cXWLOZRd5v4-bLeI.roa
File: tjV6YlaWgt9cXWLOZRd5v4-bLeI.roa (raw, json)
Hash identifier: yAy5sljglBsdbfQ67eAfQymlPb+v/i/imsDBoTcdiXs=
Subject key identifier: B6:35:7A:62:56:96:82:DF:5C:5D:62:CE:65:17:79:BF:8F:9B:2D:E2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A3A233294F45E010310BCB39F96E37E9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tjV6YlaWgt9cXWLOZRd5v4-bLeI.roa
Signing time: Thu 11 Jul 2024 21:10:34 +0000
ROA not before: Thu 11 Jul 2024 21:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jul 2024 22:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a3:a2:33:29:4f:45:e0:10:31:0b:cb:39:f9:6e:37:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 11 21:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6357a62569682df5c5d62ce651779bf8f9b2de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:94:20:f0:62:7c:69:24:46:58:68:7d:23:6d:
b2:b6:b0:97:7c:88:7a:f6:93:78:86:ee:05:11:61:
e2:f6:8f:21:dc:6c:22:72:6d:a4:53:be:9c:55:74:
71:88:78:ab:97:f2:3a:92:f1:38:cc:ec:be:dc:a6:
45:33:cf:be:49:66:8a:32:73:f5:09:e9:8e:05:f6:
d8:e3:40:4e:fa:42:6e:0d:b3:fd:7b:54:60:5c:51:
df:bb:ce:b7:01:cb:a7:d1:44:bd:68:8a:6a:3d:0c:
55:2f:f9:b3:4a:3f:bc:9b:37:66:1b:a3:04:85:63:
f9:cb:f2:1f:70:05:13:4b:22:f5:59:07:62:34:9e:
be:75:4f:d6:37:50:72:a3:59:e9:e9:76:e0:05:e5:
dd:bf:26:24:6f:5b:b8:b0:8b:db:97:81:bb:d7:dc:
a8:7e:43:74:9a:e1:15:c8:b1:2f:73:34:5a:97:4d:
a6:c7:dc:d8:52:ce:bb:25:66:5e:c1:fe:ec:c6:68:
90:a2:4a:f5:89:f5:3a:c9:fb:0d:dc:9b:95:17:3e:
3b:e8:80:81:08:c6:0a:cf:c8:bf:0d:28:41:ff:f5:
23:39:de:25:fd:2d:3b:9c:f7:c9:5a:69:aa:70:05:
74:38:71:42:01:73:46:e5:64:c2:48:5f:04:37:ce:
81:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:35:7A:62:56:96:82:DF:5C:5D:62:CE:65:17:79:BF:8F:9B:2D:E2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tjV6YlaWgt9cXWLOZRd5v4-bLeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:39:ff:6c:1e:57:1c:78:bc:c8:17:66:9d:e0:08:d3:2b:43:
c4:24:5f:74:0e:00:9c:bf:c6:94:fd:8b:3d:d8:cd:4a:81:53:
16:2b:11:31:85:39:4f:0e:e4:4a:08:fa:43:76:0e:80:a8:7c:
b9:d9:78:4d:7e:83:07:7a:51:19:8e:7e:c6:db:23:74:10:df:
a7:04:ac:1a:31:53:40:66:e2:68:15:98:b2:44:92:f6:24:79:
c2:30:eb:69:af:99:cc:92:14:c6:c2:73:c0:f8:83:70:be:96:
bd:31:22:42:eb:ca:34:93:f9:04:75:5f:02:41:91:7e:da:51:
42:13:20:d3:93:46:c8:58:52:75:9f:df:fd:78:be:be:51:59:
7f:47:a8:4a:14:78:2d:21:ba:70:8f:ee:fd:c7:7b:c0:00:83:
5e:cb:36:bd:6d:45:53:8b:62:cc:7b:4d:f1:9c:ed:44:c0:d7:
9c:79:5f:d6:b7:45:da:b7:9b:1c:14:e7:4a:38:53:6e:9a:75:
02:9d:94:5e:c1:c1:66:5a:4f:21:9e:59:f9:97:f5:5b:a8:ae:
19:72:46:9e:3a:18:db:fb:71:ad:30:8b:80:a0:d6:d0:81:fd:
46:c3:c9:18:9f:66:38:2c:be:ef:cc:80:95:f0:24:62:4e:30:
fb:99:06:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCjojMpT0XgEDELyzn5bjfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzExMjExMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjM1N2E2MjU2OTY4MmRmNWM1ZDYyY2U2NTE3NzliZjhmOWIyZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZQg8GJ8aSRGWGh9I22ytrCXfIh6
9pN4hu4FEWHi9o8h3Gwicm2kU76cVXRxiHirl/I6kvE4zOy+3KZFM8++SWaKMnP1
CemOBfbY40BO+kJuDbP9e1RgXFHfu863Acun0US9aIpqPQxVL/mzSj+8mzdmG6ME
hWP5y/IfcAUTSyL1WQdiNJ6+dU/WN1Byo1np6XbgBeXdvyYkb1u4sIvbl4G719yo
fkN0muEVyLEvczRal02mx9zYUs67JWZewf7sxmiQokr1ifU6yfsN3JuVFz476ICB
CMYKz8i/DShB//UjOd4l/S07nPfJWmmqcAV0OHFCAXNG5WTCSF8EN86B9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLY1emJWloLfXF1izmUXeb+Pmy3iMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdGpWNllsYVdndDljWFdMT1pSZDV2NC1iTGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI85/2weVxx4vMgXZp3g
CNMrQ8QkX3QOAJy/xpT9iz3YzUqBUxYrETGFOU8O5EoI+kN2DoCofLnZeE1+gwd6
URmOfsbbI3QQ36cErBoxU0Bm4mgVmLJEkvYkecIw62mvmcySFMbCc8D4g3C+lr0x
IkLryjST+QR1XwJBkX7aUUITINOTRshYUnWf3/14vr5RWX9HqEoUeC0hunCP7v3H
e8AAg17LNr1tRVOLYsx7TfGc7UTA15x5X9a3Rdq3mxwU50o4U26adQKdlF7BwWZa
TyGeWfmX9VuorhlyRp46GNv7ca0wi4Cg1tCB/UbDyRifZjgsvu/MgJXwJGJOMPuZ
BkI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:47 2025 by rpki-client