Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tkgsgpk4EUrcgy6Vo0cU9mvoC_I.roa
File: tkgsgpk4EUrcgy6Vo0cU9mvoC_I.roa (raw, json)
Hash identifier: e+uGaB0lCjyUvwJbIKqlvbgKrxIh01hxJP9MSqGKEGQ=
Subject key identifier: B6:48:2C:82:99:38:11:4A:DC:83:2E:95:A3:47:14:F6:6B:E8:0B:F2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908485C8AC2CD28E34AA65C86B657120BC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tkgsgpk4EUrcgy6Vo0cU9mvoC_I.roa
Signing time: Fri 05 Jul 2024 20:11:18 +0000
ROA not before: Fri 05 Jul 2024 20:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Jul 2024 21:04:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:84:85:c8:ac:2c:d2:8e:34:aa:65:c8:6b:65:71:20:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 5 20:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6482c829938114adc832e95a34714f66be80bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e6:e8:db:b4:d2:c7:b2:ae:40:c1:d0:70:12:
b5:1d:50:47:2f:02:81:53:56:fc:7c:62:23:29:98:
96:4f:10:97:18:0c:48:a0:ba:01:61:16:93:94:50:
ed:4a:9f:4e:f0:f7:57:b0:74:c6:e4:59:73:69:1b:
8a:c4:9e:fe:b9:bf:13:34:37:e8:2d:7f:09:13:68:
d7:17:02:52:bc:5c:9e:4f:67:43:ef:1d:5a:bf:c2:
b7:a8:bc:e2:b8:e3:42:14:5a:fa:d1:ee:28:56:dc:
9a:e0:b4:e8:99:b8:b7:23:45:e4:0f:25:79:c7:81:
af:cc:99:6b:cf:50:80:12:95:67:0b:d3:49:ec:2b:
03:db:86:b4:a6:2f:b4:43:26:81:d7:8a:a7:cb:c3:
b0:3d:b7:2c:31:e1:20:14:8f:af:c1:c1:ce:ed:84:
ca:94:54:c1:73:cb:f3:64:5c:b1:51:6b:89:0a:61:
67:02:09:bf:bf:9a:9a:af:38:3b:14:d3:c8:b7:06:
1f:f5:b4:b8:4d:92:e9:ed:ef:cb:4b:ca:8e:7c:93:
d3:41:f2:df:a9:80:2c:d8:9d:9a:5f:ee:bd:85:b9:
86:c9:0a:78:e4:d1:4e:d0:a8:17:5d:50:42:55:87:
fd:8b:fc:f1:dc:2c:81:8c:ea:64:e5:d0:fe:91:3c:
d0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:48:2C:82:99:38:11:4A:DC:83:2E:95:A3:47:14:F6:6B:E8:0B:F2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tkgsgpk4EUrcgy6Vo0cU9mvoC_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:62:63:aa:c6:c5:97:eb:25:95:33:cf:ae:71:7f:c8:1c:33:
e7:59:6d:0c:74:2e:8b:0c:a3:60:8c:f2:84:c5:58:f2:f0:aa:
66:d9:58:b7:c1:67:f2:29:3b:29:2e:0a:9c:e3:3d:70:f2:9a:
b1:82:4f:2d:10:ef:13:13:d9:c6:7c:57:ff:d6:36:dd:2d:ad:
bd:02:ca:d3:20:01:eb:33:a2:20:a3:9c:7b:be:39:59:aa:fd:
b8:90:3c:1d:78:43:28:20:44:33:92:30:25:61:0d:fa:27:cd:
f8:60:30:44:89:3f:85:d8:7b:ab:3c:ae:90:40:6f:2d:cb:60:
37:e4:ec:f5:11:8c:e4:c6:9e:53:70:59:02:4e:08:99:4c:37:
18:03:0e:df:d8:46:7c:50:19:3e:11:3f:6f:a8:e4:3e:16:b4:
58:fe:79:bc:37:a7:fa:59:31:ea:dc:4e:98:ca:98:46:36:b5:
7e:5b:b0:58:ca:0b:3a:c7:35:1d:4d:c5:51:d6:b8:43:a7:a2:
b6:ee:33:bc:d6:85:ec:05:bb:fc:63:16:7a:e5:10:83:1b:18:
42:f2:9f:5e:5b:59:f5:c0:bd:20:01:d6:75:05:90:69:3a:66:
7f:e2:5d:8a:96:31:2c:ca:65:99:6a:ab:bb:0a:92:c5:3c:b5:
4a:0e:c6:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCEhcisLNKONKplyGtlcSC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA1MjAxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQ4MmM4Mjk5MzgxMTRhZGM4MzJlOTVhMzQ3MTRmNjZiZTgwYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+bo27TSx7KuQMHQcBK1HVBHLwKB
U1b8fGIjKZiWTxCXGAxIoLoBYRaTlFDtSp9O8PdXsHTG5FlzaRuKxJ7+ub8TNDfo
LX8JE2jXFwJSvFyeT2dD7x1av8K3qLziuONCFFr60e4oVtya4LTombi3I0XkDyV5
x4GvzJlrz1CAEpVnC9NJ7CsD24a0pi+0QyaB14qny8OwPbcsMeEgFI+vwcHO7YTK
lFTBc8vzZFyxUWuJCmFnAgm/v5qarzg7FNPItwYf9bS4TZLp7e/LS8qOfJPTQfLf
qYAs2J2aX+69hbmGyQp45NFO0KgXXVBCVYf9i/zx3CyBjOpk5dD+kTzQgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLZILIKZOBFK3IMulaNHFPZr6AvyMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdGtnc2dwazRFVXJjZ3k2Vm8wY1U5bXZvQ19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABpiY6rGxZfrJZUzz65x
f8gcM+dZbQx0LosMo2CM8oTFWPLwqmbZWLfBZ/IpOykuCpzjPXDymrGCTy0Q7xMT
2cZ8V//WNt0trb0CytMgAeszoiCjnHu+OVmq/biQPB14QyggRDOSMCVhDfonzfhg
MESJP4XYe6s8rpBAby3LYDfk7PURjOTGnlNwWQJOCJlMNxgDDt/YRnxQGT4RP2+o
5D4WtFj+ebw3p/pZMercTpjKmEY2tX5bsFjKCzrHNR1NxVHWuEOnorbuM7zWhewF
u/xjFnrlEIMbGELyn15bWfXAvSAB1nUFkGk6Zn/iXYqWMSzKZZlqq7sKksU8tUoO
xnI=
Generated at Fri Jul 5 22:29:07 2024 by rpki-client on console-fra.rpki-client.org