Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/y8jK16RInmrpbPa8dGP69atnRiY.roa
File: y8jK16RInmrpbPa8dGP69atnRiY.roa (raw, json)
Hash identifier: McB3mr4Z54qPS90YWNQbfivUuaN4Cd2dabB4S6n45Ng=
Subject key identifier: CB:C8:CA:D7:A4:48:9E:6A:E9:6C:F6:BC:74:63:FA:F5:AB:67:46:26
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909FFE31104588DC491E4017FB8251BD8E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/y8jK16RInmrpbPa8dGP69atnRiY.roa
Signing time: Thu 11 Jul 2024 04:12:34 +0000
ROA not before: Thu 11 Jul 2024 04:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jul 2024 05:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9f:fe:31:10:45:88:dc:49:1e:40:17:fb:82:51:bd:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 11 04:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbc8cad7a4489e6ae96cf6bc7463faf5ab674626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:10:eb:3c:7c:c9:1d:9c:fe:ae:3c:93:1a:5f:
8f:36:6c:de:ae:79:31:ba:f6:20:81:2e:eb:f6:da:
80:9b:6a:70:67:78:35:6c:db:9b:88:a7:a5:25:38:
81:6b:a4:d4:96:3f:4e:cf:43:37:3b:15:4a:dc:55:
16:b2:9d:33:9b:b7:a6:68:ac:cf:fa:a4:3d:93:00:
af:80:19:0e:37:22:17:a5:03:70:a1:a3:2a:1c:91:
d2:84:56:a9:92:89:fc:22:10:31:19:d0:cd:f7:64:
6e:a7:4e:de:8e:41:76:f4:74:24:e6:19:ae:6f:2d:
c5:ce:e2:08:7a:cc:e8:06:53:92:63:ca:4e:db:82:
45:ba:39:ad:9f:76:13:89:39:90:9c:75:c5:57:20:
ea:ee:d6:1e:25:f9:27:f5:1f:bc:6e:b9:30:82:50:
ce:57:ac:50:a1:d8:27:a6:40:2f:fb:da:1c:d6:0d:
84:df:b7:e4:f4:fd:fd:74:5b:31:b8:68:ef:39:b8:
95:7d:63:81:db:0f:73:0b:19:43:8f:65:e4:14:20:
7b:42:52:45:56:f0:63:0d:6d:ea:2f:fc:e2:51:a0:
2e:f1:a4:01:9c:fc:24:6a:8f:95:8e:f1:db:59:66:
4f:04:e7:37:61:0a:4e:be:d4:2e:43:27:9c:c9:55:
ba:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C8:CA:D7:A4:48:9E:6A:E9:6C:F6:BC:74:63:FA:F5:AB:67:46:26
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/y8jK16RInmrpbPa8dGP69atnRiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:93:3d:dc:d2:a7:43:00:78:11:f4:f0:29:7f:6d:a5:87:29:
30:e5:65:d3:01:18:7b:bd:4b:2e:4c:9e:59:81:e0:b9:1d:ea:
ec:15:a3:0a:1f:04:64:cb:9a:37:cd:8e:c5:c3:e4:49:52:14:
fc:4d:56:50:50:53:df:e5:25:23:a7:70:32:9e:c4:e7:c4:e6:
d4:e6:7b:7b:e1:53:81:ad:08:b1:36:c9:d6:d9:e3:f1:37:2f:
39:ba:63:41:91:ed:c2:15:96:f8:3d:2e:77:3f:da:cd:3f:bf:
7d:78:26:41:dd:51:b9:1d:46:eb:b9:1e:ea:74:03:3a:d9:12:
1c:71:70:41:f5:ed:2e:cb:85:09:43:eb:1a:26:55:d8:d8:bf:
a0:d3:ea:0e:2f:4e:d7:42:de:b6:bd:7d:7d:53:e8:e7:b8:11:
96:84:1c:4a:95:ae:19:5b:e6:80:ea:d4:ff:f2:7a:95:82:70:
99:29:64:7b:9b:1e:e2:55:93:57:6a:80:a3:50:de:00:61:d3:
d7:e2:c9:e9:0b:ff:fd:67:08:38:29:14:da:d3:b3:16:98:ef:
b3:bb:8c:2b:ee:50:5b:6f:c3:6e:44:65:29:23:b6:4b:2b:82:
cc:10:49:27:97:58:9e:db:67:18:09:67:b4:01:41:6f:86:e8:
69:dd:7e:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCf/jEQRYjcSR5AF/uCUb2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzExMDQxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmM4Y2FkN2E0NDg5ZTZhZTk2Y2Y2YmM3NDYzZmFmNWFiNjc0NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhDrPHzJHZz+rjyTGl+PNmzernkx
uvYggS7r9tqAm2pwZ3g1bNubiKelJTiBa6TUlj9Oz0M3OxVK3FUWsp0zm7emaKzP
+qQ9kwCvgBkONyIXpQNwoaMqHJHShFapkon8IhAxGdDN92Rup07ejkF29HQk5hmu
by3FzuIIeszoBlOSY8pO24JFujmtn3YTiTmQnHXFVyDq7tYeJfkn9R+8brkwglDO
V6xQodgnpkAv+9oc1g2E37fk9P39dFsxuGjvObiVfWOB2w9zCxlDj2XkFCB7QlJF
VvBjDW3qL/ziUaAu8aQBnPwkao+VjvHbWWZPBOc3YQpOvtQuQyecyVW6vQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMvIytekSJ5q6Wz2vHRj+vWrZ0YmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveThqSzE2UklubXJwYlBhOGRHUDY5YXRuUmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIGTPdzSp0MAeBH08Cl/
baWHKTDlZdMBGHu9Sy5MnlmB4Lkd6uwVowofBGTLmjfNjsXD5ElSFPxNVlBQU9/l
JSOncDKexOfE5tTme3vhU4GtCLE2ydbZ4/E3Lzm6Y0GR7cIVlvg9Lnc/2s0/v314
JkHdUbkdRuu5Hup0AzrZEhxxcEH17S7LhQlD6xomVdjYv6DT6g4vTtdC3ra9fX1T
6Oe4EZaEHEqVrhlb5oDq1P/yepWCcJkpZHubHuJVk1dqgKNQ3gBh09fiyekL//1n
CDgpFNrTsxaY77O7jCvuUFtvw25EZSkjtksrgswQSSeXWJ7bZxgJZ7QBQW+G6Gnd
fso=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:59 2025 by rpki-client