Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wsFgQkG8FDqQZ81DYZS1Y1kokac.roa
File: wsFgQkG8FDqQZ81DYZS1Y1kokac.roa (raw, json)
Hash identifier: uCXdiHuhl04P9Evi0zlViHinctXCH8OHFX92++bbc+Y=
Subject key identifier: C2:C1:60:42:41:BC:14:3A:90:67:CD:43:61:94:B5:63:59:28:91:A7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A7797A56244AC01C8FC6FF4EF70BD322
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wsFgQkG8FDqQZ81DYZS1Y1kokac.roa
Signing time: Fri 12 Jul 2024 15:04:34 +0000
ROA not before: Fri 12 Jul 2024 15:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:a779:1ebc/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 12 Jul 2024 15:09:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a7:79:7a:56:24:4a:c0:1c:8f:c6:ff:4e:f7:0b:d3:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 12 15:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2c1604241bc143a9067cd436194b563592891a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d5:8f:c4:e5:db:95:d4:1b:c5:46:0f:23:5a:
4d:6c:23:fe:02:ca:b6:03:21:65:33:66:56:33:12:
fa:fe:c3:20:b8:ff:3b:0a:73:64:e0:03:78:a1:9c:
4a:88:11:e5:bf:9e:38:db:95:b6:85:95:31:60:4e:
1d:ca:74:90:cb:19:72:13:0a:77:1d:5d:d4:8a:d6:
91:1f:06:a3:a4:c8:b4:d2:c9:dc:6b:ab:82:27:4a:
ac:1a:87:aa:5d:15:3a:fb:97:05:8f:bf:8d:3c:44:
1f:a1:79:43:aa:cc:fc:b5:23:87:54:b8:4b:e9:56:
81:10:46:1e:75:5e:67:30:80:b0:3e:c6:83:93:cb:
de:cd:6c:b1:c7:04:0f:4c:79:6e:de:fc:ee:82:05:
e4:e1:63:56:84:f2:b0:1a:d6:3f:d2:4a:06:7b:82:
ad:f2:00:88:07:cb:c7:0a:10:65:34:57:13:ff:d3:
10:c3:c2:37:06:58:86:13:3b:46:36:c5:f9:d1:40:
61:9e:e5:36:c4:21:da:32:dc:c2:57:35:05:19:84:
5b:ef:0d:a5:f2:47:fd:63:8f:1c:be:17:dc:13:6d:
1d:f4:81:96:55:ce:11:41:c0:c4:40:e8:b2:cf:c1:
a1:ba:ac:fe:3e:7d:dc:39:a9:48:db:fc:7d:2d:74:
29:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:C1:60:42:41:BC:14:3A:90:67:CD:43:61:94:B5:63:59:28:91:A7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wsFgQkG8FDqQZ81DYZS1Y1kokac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:b8:0a:bc:91:78:f6:2a:6a:40:fa:bd:7f:3f:8a:ab:f7:a1:
47:2b:13:97:fb:86:a8:8d:4e:9a:18:b8:be:44:d2:cb:99:08:
01:c4:6d:82:ec:9e:45:6e:56:f9:0f:db:30:2f:10:3f:86:23:
13:8b:b2:f3:49:c4:b4:45:19:20:7e:a2:7d:1e:e0:3f:a2:ea:
af:bf:3d:5a:d3:1e:9f:f0:b6:fe:db:a9:30:65:c1:78:18:3c:
e3:ba:d2:44:b7:ed:27:77:8e:07:f1:73:cd:b7:2b:a5:7c:8c:
0b:2e:ba:1f:ed:83:c5:a2:cf:f1:bd:6c:cd:5c:49:ac:6b:d2:
61:36:c8:53:eb:db:63:3f:70:f3:f7:e3:60:45:5f:75:cc:55:
3f:ca:9d:46:16:d2:e4:09:22:64:b5:20:d7:a3:8e:e1:06:a5:
55:36:99:2e:9b:9b:ef:a7:87:27:87:fc:4e:7e:3f:bc:d7:51:
a4:42:12:31:f7:5e:cd:3a:cc:c7:68:00:f1:de:16:df:5f:2a:
0f:85:f7:a6:ca:4f:f5:f1:b4:6e:44:3d:fb:db:89:e1:bf:5b:
79:46:fd:94:03:4d:58:c8:74:b5:d3:bf:ff:c2:2a:ed:ea:f5:
fd:c9:9c:05:27:3e:81:e4:e4:15:5d:5d:01:e7:e4:ba:33:04:
57:a8:ab:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCneXpWJErAHI/G/073C9MiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEyMTUwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmMxNjA0MjQxYmMxNDNhOTA2N2NkNDM2MTk0YjU2MzU5Mjg5MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdWPxOXbldQbxUYPI1pNbCP+Asq2
AyFlM2ZWMxL6/sMguP87CnNk4AN4oZxKiBHlv54425W2hZUxYE4dynSQyxlyEwp3
HV3UitaRHwajpMi00snca6uCJ0qsGoeqXRU6+5cFj7+NPEQfoXlDqsz8tSOHVLhL
6VaBEEYedV5nMICwPsaDk8vezWyxxwQPTHlu3vzuggXk4WNWhPKwGtY/0koGe4Kt
8gCIB8vHChBlNFcT/9MQw8I3BliGEztGNsX50UBhnuU2xCHaMtzCVzUFGYRb7w2l
8kf9Y48cvhfcE20d9IGWVc4RQcDEQOiyz8Ghuqz+Pn3cOalI2/x9LXQpuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMLBYEJBvBQ6kGfNQ2GUtWNZKJGnMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvd3NGZ1FrRzhGRHFRWjgxRFlaUzFZMWtva2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHi4CryRePYqakD6vX8/
iqv3oUcrE5f7hqiNTpoYuL5E0suZCAHEbYLsnkVuVvkP2zAvED+GIxOLsvNJxLRF
GSB+on0e4D+i6q+/PVrTHp/wtv7bqTBlwXgYPOO60kS37Sd3jgfxc823K6V8jAsu
uh/tg8Wiz/G9bM1cSaxr0mE2yFPr22M/cPP342BFX3XMVT/KnUYW0uQJImS1INej
juEGpVU2mS6bm++nhyeH/E5+P7zXUaRCEjH3Xs06zMdoAPHeFt9fKg+F96bKT/Xx
tG5EPfvbieG/W3lG/ZQDTVjIdLXTv//CKu3q9f3JnAUnPoHk5BVdXQHn5LozBFeo
q3I=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:42 2025 by rpki-client