Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/u5V7vjxCdIl9vFpgAV6aE_LaHVI.roa
File: u5V7vjxCdIl9vFpgAV6aE_LaHVI.roa (raw, json)
Hash identifier: sV3K3eVulI8a10hTmw+OGR6iuvU/K59iSDEGDBlFyvY=
Subject key identifier: BB:95:7B:BE:3C:42:74:89:7D:BC:5A:60:01:5E:9A:13:F2:DA:1D:52
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FB8E231637D02BAC51E8408685851E2D0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/u5V7vjxCdIl9vFpgAV6aE_LaHVI.roa
Signing time: Mon 27 May 2024 07:09:42 +0000
ROA not before: Mon 27 May 2024 07:09:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 27 May 2024 08:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b8:e2:31:63:7d:02:ba:c5:1e:84:08:68:58:51:e2:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 27 07:09:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb957bbe3c4274897dbc5a60015e9a13f2da1d52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:06:f2:2f:19:f1:ab:97:8a:de:8d:6b:c1:9e:
bd:0a:98:69:0f:d8:7d:11:54:17:e3:bf:9c:e5:2b:
d2:25:b4:55:f9:11:6f:66:10:4e:52:6b:3d:ce:30:
84:00:d3:33:d6:da:f8:00:c8:c2:30:54:6c:14:3a:
9c:c8:1c:d6:5d:cb:26:bc:7e:fc:bb:f5:20:74:eb:
1f:38:63:19:36:ff:77:a2:c0:e5:1a:a8:37:d6:58:
cf:b2:6a:fb:5e:04:53:ae:ed:8b:a7:b5:9e:69:92:
e6:ad:39:66:04:29:70:ec:ff:98:1c:e7:cf:27:8e:
bf:91:4e:72:f2:f7:45:53:cd:fc:72:ae:e4:ab:35:
f7:e6:ed:8c:30:31:5d:65:5a:3f:05:ae:00:0b:47:
8f:bc:9d:2b:19:a7:38:2f:a1:2a:5a:c4:f3:40:48:
d5:98:f1:84:12:ee:8b:bc:01:de:6c:87:24:9c:9a:
c5:65:40:c0:62:61:ec:5e:f2:71:19:10:fa:e9:55:
99:3f:cf:86:e2:3d:9b:24:95:16:8c:65:b7:c0:e3:
b4:f9:a1:4d:18:41:46:55:ba:6f:27:ac:78:ae:83:
81:4d:e2:e1:22:20:21:62:37:2d:70:b9:d1:98:7c:
18:31:60:93:84:1a:74:8c:9b:49:77:b2:e2:e2:b1:
53:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:95:7B:BE:3C:42:74:89:7D:BC:5A:60:01:5E:9A:13:F2:DA:1D:52
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/u5V7vjxCdIl9vFpgAV6aE_LaHVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:47:3d:07:85:33:50:58:ad:7f:8d:da:db:34:dc:16:43:ce:
e4:95:fd:e9:21:d1:49:ee:5c:ba:b1:21:75:29:74:9d:64:27:
09:a4:3e:fc:47:af:7e:5a:87:3f:14:30:27:20:b7:ec:d5:21:
89:85:c0:2b:1d:96:f4:a6:66:3f:b7:66:23:f0:2c:0e:3d:d0:
b8:2d:fa:56:49:12:76:cd:0b:64:8a:4f:41:d5:f7:89:0a:e1:
c8:ad:59:a5:02:3e:50:72:95:bd:32:cd:4a:a6:a3:77:b2:38:
5a:bc:55:29:de:2f:b0:81:c7:cf:42:4e:e8:38:65:ae:d1:f3:
4c:7d:c3:2c:8f:6b:f8:13:86:36:c7:f0:43:b9:7d:e6:0b:05:
e1:3d:a0:8a:80:7b:ec:dd:a4:d7:bd:47:2a:bf:8d:94:36:32:
26:8b:67:70:19:34:00:01:78:a6:d8:bf:2b:56:75:80:00:d0:
4e:3e:44:00:63:e8:ea:45:cc:5e:7e:33:32:bb:a5:5e:71:0b:
d7:32:13:9c:c1:41:75:e4:58:96:dc:bc:53:1e:cd:c7:f8:ee:
fc:6e:7e:58:32:6f:ca:83:97:31:6a:cb:7e:5a:f2:00:3b:d2:
c4:ea:e8:69:ea:11:0b:e6:d1:c4:df:cf:92:30:85:0f:53:05:
e2:49:02:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+44jFjfQK6xR6ECGhYUeLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI3MDcwOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjk1N2JiZTNjNDI3NDg5N2RiYzVhNjAwMTVlOWExM2YyZGExZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAbyLxnxq5eK3o1rwZ69CphpD9h9
EVQX47+c5SvSJbRV+RFvZhBOUms9zjCEANMz1tr4AMjCMFRsFDqcyBzWXcsmvH78
u/UgdOsfOGMZNv93osDlGqg31ljPsmr7XgRTru2Lp7WeaZLmrTlmBClw7P+YHOfP
J46/kU5y8vdFU838cq7kqzX35u2MMDFdZVo/Ba4AC0ePvJ0rGac4L6EqWsTzQEjV
mPGEEu6LvAHebIcknJrFZUDAYmHsXvJxGRD66VWZP8+G4j2bJJUWjGW3wOO0+aFN
GEFGVbpvJ6x4roOBTeLhIiAhYjctcLnRmHwYMWCThBp0jJtJd7Li4rFTOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLuVe748QnSJfbxaYAFemhPy2h1SMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdTVWN3ZqeENkSWw5dkZwZ0FWNmFFX0xhSFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD1HPQeFM1BYrX+N2ts0
3BZDzuSV/ekh0UnuXLqxIXUpdJ1kJwmkPvxHr35ahz8UMCcgt+zVIYmFwCsdlvSm
Zj+3ZiPwLA490Lgt+lZJEnbNC2SKT0HV94kK4citWaUCPlBylb0yzUqmo3eyOFq8
VSneL7CBx89CTug4Za7R80x9wyyPa/gThjbH8EO5feYLBeE9oIqAe+zdpNe9Ryq/
jZQ2MiaLZ3AZNAABeKbYvytWdYAA0E4+RABj6OpFzF5+MzK7pV5xC9cyE5zBQXXk
WJbcvFMezcf47vxuflgyb8qDlzFqy35a8gA70sTq6GnqEQvm0cTfz5IwhQ9TBeJJ
Avo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:31 2025 by rpki-client