Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/w8-qNm1hRWaivip7g2PWpiZD2Tc.roa
File: w8-qNm1hRWaivip7g2PWpiZD2Tc.roa (raw, json)
Hash identifier: RLYmz7PFkpA9iKMjrHdhG4gCl4R6CLmYCRpmEvpsBO0=
Subject key identifier: C3:CF:AA:36:6D:61:45:66:A2:BE:2A:7B:83:63:D6:A6:26:43:D9:37
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FBA62B68A4E59259267EF2F5F9618F516
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/w8-qNm1hRWaivip7g2PWpiZD2Tc.roa
Signing time: Mon 27 May 2024 14:09:42 +0000
ROA not before: Mon 27 May 2024 14:09:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 27 May 2024 15:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ba:62:b6:8a:4e:59:25:92:67:ef:2f:5f:96:18:f5:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 27 14:09:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3cfaa366d614566a2be2a7b8363d6a62643d937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6d:80:d0:78:23:8a:e6:9c:b3:3a:85:1c:93:
67:30:4a:24:3d:b7:32:ad:b7:5d:a6:d9:46:ec:e1:
fd:d4:e3:c7:0c:f1:86:04:2b:2e:60:f4:78:fd:b3:
2b:ad:f5:41:7b:05:b5:c9:81:cf:7e:c3:dd:ce:fa:
04:2e:69:3d:26:2a:7e:af:a9:c0:d3:12:e3:36:26:
06:6f:24:78:98:44:26:86:0e:04:3e:06:64:3c:41:
94:e7:ec:30:75:b7:a8:b8:de:7f:b3:1e:6f:c7:13:
91:0f:0e:b1:aa:8d:14:a6:01:4a:96:88:98:74:3a:
df:9a:a2:f4:2b:ee:76:b1:c0:fa:e5:2b:4d:4c:00:
df:45:b0:cc:de:b6:19:07:0a:04:7e:8c:26:8d:c3:
d7:9e:67:11:43:6e:f8:16:7c:d6:f5:08:9e:6d:45:
0d:09:14:54:eb:48:d5:c4:0e:19:fe:0e:59:d2:09:
a8:92:63:62:23:69:b9:a8:a5:3f:19:0c:b0:59:6b:
9f:92:2d:5d:a0:ff:b6:9a:4d:80:53:d7:9e:67:4c:
83:0b:08:b7:9c:59:82:78:a8:aa:aa:ca:4c:eb:72:
2c:0b:6b:8a:21:b6:9a:77:8b:a0:88:13:a9:c5:d5:
21:0a:cd:6f:06:41:d8:e9:00:10:ad:40:95:ff:53:
1e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:CF:AA:36:6D:61:45:66:A2:BE:2A:7B:83:63:D6:A6:26:43:D9:37
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/w8-qNm1hRWaivip7g2PWpiZD2Tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:b2:0c:0e:18:01:88:90:62:ea:62:70:47:31:41:5c:42:98:
37:7e:81:5f:fe:aa:97:93:eb:1f:b5:16:36:83:f8:e5:97:df:
13:ab:6b:6b:62:8b:7b:76:ed:e6:87:c0:3f:e2:72:ae:cd:57:
c0:95:6e:be:52:9c:c8:09:53:05:b1:77:69:f5:15:e7:27:6a:
b7:f0:b9:62:5f:1d:b6:df:9a:b6:b4:94:85:6c:8f:91:67:16:
8a:cf:5d:47:83:f8:82:e1:92:1f:d9:91:ef:ff:49:9b:0d:84:
44:6d:b8:3b:dc:32:05:9e:d4:e0:71:56:bf:6d:55:e1:57:1c:
25:93:aa:a8:31:de:23:0a:da:78:ce:4f:e1:f5:78:c7:72:27:
97:44:9e:ec:94:3c:b1:04:3c:d9:01:57:da:42:21:77:72:02:
51:96:d5:91:fe:8e:77:44:0f:f7:b4:66:de:90:a3:2e:a0:ae:
87:c6:3d:b7:71:33:23:7e:05:ca:5e:87:a1:8f:79:d3:c9:95:
48:ac:17:ca:4c:49:45:41:62:93:00:e2:5c:0f:9c:df:17:5d:
6f:87:a9:6a:d6:50:42:2d:5b:10:91:84:a2:28:8d:d3:ca:d5:
df:7a:3f:43:21:1a:17:68:18:48:bc:7e:34:73:4b:11:3c:ac:
53:ed:6d:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+6YraKTlklkmfvL1+WGPUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI3MTQwOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2NmYWEzNjZkNjE0NTY2YTJiZTJhN2I4MzYzZDZhNjI2NDNkOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoW2A0HgjiuacszqFHJNnMEokPbcy
rbddptlG7OH91OPHDPGGBCsuYPR4/bMrrfVBewW1yYHPfsPdzvoELmk9Jip+r6nA
0xLjNiYGbyR4mEQmhg4EPgZkPEGU5+wwdbeouN5/sx5vxxORDw6xqo0UpgFKloiY
dDrfmqL0K+52scD65StNTADfRbDM3rYZBwoEfowmjcPXnmcRQ274FnzW9QiebUUN
CRRU60jVxA4Z/g5Z0gmokmNiI2m5qKU/GQywWWufki1doP+2mk2AU9eeZ0yDCwi3
nFmCeKiqqspM63IsC2uKIbaad4ugiBOpxdUhCs1vBkHY6QAQrUCV/1MeqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMPPqjZtYUVmor4qe4Nj1qYmQ9k3MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdzgtcU5tMWhSV2FpdmlwN2cyUFdwaVpEMlRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAWyDA4YAYiQYupicEcx
QVxCmDd+gV/+qpeT6x+1FjaD+OWX3xOra2tii3t27eaHwD/icq7NV8CVbr5SnMgJ
UwWxd2n1FecnarfwuWJfHbbfmra0lIVsj5FnForPXUeD+ILhkh/Zke//SZsNhERt
uDvcMgWe1OBxVr9tVeFXHCWTqqgx3iMK2njOT+H1eMdyJ5dEnuyUPLEEPNkBV9pC
IXdyAlGW1ZH+jndED/e0Zt6Qoy6grofGPbdxMyN+Bcpeh6GPedPJlUisF8pMSUVB
YpMA4lwPnN8XXW+HqWrWUEItWxCRhKIojdPK1d96P0MhGhdoGEi8fjRzSxE8rFPt
bYk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:05:48 2025 by rpki-client