Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yf4KRRjJNSbBAPBjNJBUKUVyQOE.roa
File: yf4KRRjJNSbBAPBjNJBUKUVyQOE.roa (raw, json)
Hash identifier: iO45u491PfQzuzkplMZ0e+kHwHNreEcBmCWjLjJz+is=
Subject key identifier: C9:FE:0A:45:18:C9:35:26:C1:00:F0:63:34:90:54:29:45:72:40:E1
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190185A12180598279C15FC908348F336E0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yf4KRRjJNSbBAPBjNJBUKUVyQOE.roa
Signing time: Fri 14 Jun 2024 20:04:34 +0000
ROA not before: Fri 14 Jun 2024 20:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:1859:da59/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 14 Jun 2024 20:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:18:5a:12:18:05:98:27:9c:15:fc:90:83:48:f3:36:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 14 20:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9fe0a4518c93526c100f06334905429457240e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:48:57:15:c8:9c:b8:c4:a7:fe:55:ec:dc:f0:
be:1c:d1:1f:42:05:75:54:92:9a:9f:fc:b2:99:45:
1d:0c:5f:9d:ac:a4:3d:f2:c6:8b:c0:e3:2d:08:50:
cb:c5:b5:6b:76:b6:e1:05:eb:37:14:fa:ce:78:76:
eb:ce:8b:fe:e9:48:4d:2a:ea:51:74:80:02:0a:5f:
2a:83:dd:e1:29:4a:cc:ec:76:80:e4:18:70:d3:90:
93:87:c7:f6:bf:cf:25:f0:ee:0b:08:5a:ee:01:50:
21:6c:79:c8:4f:36:94:15:59:3f:b0:a9:10:91:5b:
a7:d1:3f:31:b4:4a:8f:d9:d5:e1:19:52:e1:14:e2:
34:9f:c9:73:6e:26:8f:12:e7:58:f8:fd:18:b4:20:
5e:1f:bb:57:a2:4d:6f:7c:ae:91:ad:b5:f7:60:a6:
f1:55:b5:b0:2c:a0:d6:35:34:9a:0f:38:47:cc:7e:
64:eb:f9:f6:d8:7d:2e:19:77:72:ec:3c:27:7c:13:
f7:21:d1:8f:53:a5:38:09:d8:37:29:f1:a5:54:55:
c7:c0:b0:e0:77:3d:f3:d7:40:6d:c6:a2:2e:cd:93:
db:1a:38:e6:01:53:db:ef:27:69:f9:c3:27:d3:32:
35:96:fe:1c:76:52:93:94:0e:e8:5f:20:92:92:5a:
5b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:FE:0A:45:18:C9:35:26:C1:00:F0:63:34:90:54:29:45:72:40:E1
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yf4KRRjJNSbBAPBjNJBUKUVyQOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:d1:2f:ef:b3:29:5c:82:67:e7:db:8d:3b:54:61:d9:04:74:
cb:25:5b:80:e7:23:22:b1:22:37:a3:de:21:37:e0:e2:ec:69:
cd:71:50:9b:74:e4:9e:1b:ab:04:e4:ca:a2:a5:f7:0c:1c:0b:
62:76:4b:07:eb:a4:75:5e:c1:26:48:74:a0:c0:64:49:0a:e8:
ff:d6:8a:9a:d8:00:35:98:15:30:ab:a7:99:c7:27:f6:71:3d:
e3:08:d6:1d:4b:b8:0f:28:60:90:13:ea:1f:35:57:c8:3a:60:
cd:43:37:fc:c6:25:1d:95:b1:71:5b:7e:07:f7:a4:7e:3d:2c:
3c:e2:1d:84:fb:b8:ec:87:58:a9:38:91:64:60:4e:92:3e:89:
cc:09:27:e3:cd:76:53:37:3a:a3:14:5f:7a:41:1e:56:1e:9a:
3b:fc:c6:50:f3:23:89:b1:2a:ce:c0:82:a3:a4:b6:87:33:a5:
e6:7e:b0:02:ca:7b:4d:ba:6a:a6:04:d1:bc:79:97:05:ba:f4:
da:a5:be:4c:8e:a4:ba:e4:02:ad:97:78:5a:e3:5f:8c:29:a3:
5e:e5:b3:be:9c:db:01:05:8e:36:9a:45:f8:1b:11:da:94:50:
6e:ef:ff:8a:a2:d5:d9:5d:ad:df:35:f4:a4:0a:25:70:6d:32:
a8:07:f9:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAYWhIYBZgnnBX8kINI8zbgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE0MjAwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWZlMGE0NTE4YzkzNTI2YzEwMGYwNjMzNDkwNTQyOTQ1NzI0MGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkhXFcicuMSn/lXs3PC+HNEfQgV1
VJKan/yymUUdDF+drKQ98saLwOMtCFDLxbVrdrbhBes3FPrOeHbrzov+6UhNKupR
dIACCl8qg93hKUrM7HaA5Bhw05CTh8f2v88l8O4LCFruAVAhbHnITzaUFVk/sKkQ
kVun0T8xtEqP2dXhGVLhFOI0n8lzbiaPEudY+P0YtCBeH7tXok1vfK6RrbX3YKbx
VbWwLKDWNTSaDzhHzH5k6/n22H0uGXdy7DwnfBP3IdGPU6U4Cdg3KfGlVFXHwLDg
dz3z10BtxqIuzZPbGjjmAVPb7ydp+cMn0zI1lv4cdlKTlA7oXyCSklpbdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMn+CkUYyTUmwQDwYzSQVClFckDhMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveWY0S1JSakpOU2JCQVBCak5KQlVLVVZ5UU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAErRL++zKVyCZ+fbjTtU
YdkEdMslW4DnIyKxIjej3iE34OLsac1xUJt05J4bqwTkyqKl9wwcC2J2SwfrpHVe
wSZIdKDAZEkK6P/WiprYADWYFTCrp5nHJ/ZxPeMI1h1LuA8oYJAT6h81V8g6YM1D
N/zGJR2VsXFbfgf3pH49LDziHYT7uOyHWKk4kWRgTpI+icwJJ+PNdlM3OqMUX3pB
HlYemjv8xlDzI4mxKs7AgqOktoczpeZ+sALKe026aqYE0bx5lwW69NqlvkyOpLrk
Aq2XeFrjX4wpo17ls76c2wEFjjaaRfgbEdqUUG7v/4qi1dldrd819KQKJXBtMqgH
+Qs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:49 2025 by rpki-client