Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xSqOXdoBeqKS9xsGlvFTmFYoffg.roa
File: xSqOXdoBeqKS9xsGlvFTmFYoffg.roa (raw, json)
Hash identifier: MnZMrn0aNDq0BiPIJt/jxoYL/e8WYNCcSz1KKNCgg3o=
Subject key identifier: C5:2A:8E:5D:DA:01:7A:A2:92:F7:1B:06:96:F1:53:98:56:28:7D:F8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019075B696064F754CBA772BB9F909670D16
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xSqOXdoBeqKS9xsGlvFTmFYoffg.roa
Signing time: Tue 02 Jul 2024 23:10:18 +0000
ROA not before: Tue 02 Jul 2024 23:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jul 2024 00:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:75:b6:96:06:4f:75:4c:ba:77:2b:b9:f9:09:67:0d:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 2 23:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c52a8e5dda017aa292f71b0696f1539856287df8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:75:06:a9:88:2f:42:fc:75:31:08:8e:c6:ed:
14:3f:dd:e1:47:ad:99:db:17:fe:c9:e4:c4:4f:6d:
57:3f:18:3f:39:12:3a:4c:fc:de:ba:e3:7b:5e:ea:
18:b9:1d:a7:51:90:32:0c:43:3a:cd:78:58:e1:42:
4d:cb:06:5c:8d:00:61:b1:94:98:c0:dd:9d:9d:5a:
ae:b3:61:e2:90:f8:7f:f5:47:cc:9d:53:5a:56:b9:
4c:7f:d2:39:03:24:d3:89:4e:c3:30:9d:bb:84:51:
1e:03:d7:a8:b2:ed:7f:67:48:8a:08:62:0c:26:4f:
45:21:b0:f0:ad:07:4d:fb:7b:d4:a3:90:3f:34:48:
15:8e:eb:d2:15:dc:05:d9:3b:1a:c7:2d:b0:be:97:
9c:06:66:a4:30:5b:0c:7a:40:83:61:dc:44:8d:01:
7e:75:49:9c:29:a5:07:34:80:70:c5:29:a9:1d:28:
fd:6e:67:70:82:f0:e0:f8:29:d7:1e:74:e4:67:5c:
f8:2a:39:be:51:48:c9:52:fb:41:b2:9b:19:cf:98:
61:7d:c5:f8:92:ff:b9:db:2c:84:3d:5f:50:03:5c:
6f:d9:3f:a5:5f:69:06:b9:be:72:c2:02:c8:cf:b8:
60:16:d1:a0:61:85:80:bc:9b:f4:dc:59:f2:16:bd:
7d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:2A:8E:5D:DA:01:7A:A2:92:F7:1B:06:96:F1:53:98:56:28:7D:F8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xSqOXdoBeqKS9xsGlvFTmFYoffg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:8f:15:4a:c1:d2:9e:3c:5e:64:62:3e:23:cb:08:6c:42:76:
8f:c0:5b:64:32:1a:b3:2c:bc:0d:1e:65:00:62:af:48:8d:33:
41:47:8e:bc:46:f2:61:f9:d9:df:87:9b:c5:5f:5c:2a:0b:ae:
8f:2a:ad:99:df:1c:a6:43:a6:e8:79:e4:e3:6e:73:0f:38:c1:
32:37:35:54:b6:68:9d:2b:c4:9a:4b:63:3c:e2:f4:55:07:06:
0c:1f:a5:c9:6b:0d:d8:a8:f6:f5:d0:19:63:31:86:21:ca:90:
3d:d8:bf:d2:01:1c:ec:66:a9:6d:cf:9b:a5:09:39:1e:9a:61:
1d:35:e8:9b:63:57:af:f9:93:d2:41:b7:32:d1:ba:20:69:b1:
46:f7:f4:13:88:9a:d9:f9:27:6e:56:07:d4:2e:b0:06:43:f0:
a4:be:1e:46:37:c6:c0:4c:a1:30:51:4b:88:40:b5:bb:57:f8:
76:fe:9e:31:c3:28:fe:4b:6a:25:fb:71:eb:c4:3c:9b:1a:6f:
56:f8:c0:95:59:b1:1f:ba:79:2d:01:48:a7:c1:ee:51:96:91:
7b:10:0c:f8:cf:60:f9:2f:62:cd:80:05:65:81:7c:bf:7c:66:
d0:63:37:6e:b3:7b:89:af:28:24:40:0a:00:bc:df:35:f4:0f:
a1:f9:b2:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB1tpYGT3VMuncrufkJZw0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAyMjMxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTJhOGU1ZGRhMDE3YWEyOTJmNzFiMDY5NmYxNTM5ODU2Mjg3ZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnUGqYgvQvx1MQiOxu0UP93hR62Z
2xf+yeTET21XPxg/ORI6TPzeuuN7XuoYuR2nUZAyDEM6zXhY4UJNywZcjQBhsZSY
wN2dnVqus2HikPh/9UfMnVNaVrlMf9I5AyTTiU7DMJ27hFEeA9eosu1/Z0iKCGIM
Jk9FIbDwrQdN+3vUo5A/NEgVjuvSFdwF2Tsaxy2wvpecBmakMFsMekCDYdxEjQF+
dUmcKaUHNIBwxSmpHSj9bmdwgvDg+CnXHnTkZ1z4Kjm+UUjJUvtBspsZz5hhfcX4
kv+52yyEPV9QA1xv2T+lX2kGub5ywgLIz7hgFtGgYYWAvJv03FnyFr19DQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMUqjl3aAXqikvcbBpbxU5hWKH34MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveFNxT1hkb0JlcUtTOXhzR2x2RlRtRllvZmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB2PFUrB0p48XmRiPiPL
CGxCdo/AW2QyGrMsvA0eZQBir0iNM0FHjrxG8mH52d+Hm8VfXCoLro8qrZnfHKZD
puh55ONucw84wTI3NVS2aJ0rxJpLYzzi9FUHBgwfpclrDdio9vXQGWMxhiHKkD3Y
v9IBHOxmqW3Pm6UJOR6aYR016JtjV6/5k9JBtzLRuiBpsUb39BOImtn5J25WB9Qu
sAZD8KS+HkY3xsBMoTBRS4hAtbtX+Hb+njHDKP5LaiX7cevEPJsab1b4wJVZsR+6
eS0BSKfB7lGWkXsQDPjPYPkvYs2ABWWBfL98ZtBjN26ze4mvKCRACgC83zX0D6H5
ssw=
-----END CERTIFICATE-----
Generated at Wed Jul 3 01:29:05 2024 by rpki-client on console-ams.rpki-client.org