Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/z6KlxdAJA7K9jH-mbLTBNwNdnOI.roa
File: z6KlxdAJA7K9jH-mbLTBNwNdnOI.roa (raw, json)
Hash identifier: w8NNtGIAaRzwoP+jodHTGkelhFyQ6dgUQu7ItaFkjgo=
Subject key identifier: CF:A2:A5:C5:D0:09:03:B2:BD:8C:7F:A6:6C:B4:C1:37:03:5D:9C:E2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FCC68BFF8C1CC61D50F4C385F56192D8F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/z6KlxdAJA7K9jH-mbLTBNwNdnOI.roa
Signing time: Fri 31 May 2024 02:09:27 +0000
ROA not before: Fri 31 May 2024 02:09:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 May 2024 05:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cc:68:bf:f8:c1:cc:61:d5:0f:4c:38:5f:56:19:2d:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 31 02:09:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfa2a5c5d00903b2bd8c7fa66cb4c137035d9ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:45:17:36:52:b9:90:72:65:bc:71:54:00:d4:
13:cb:34:41:dd:9c:a5:df:3d:19:cb:0f:57:5a:ce:
94:56:96:00:8b:f5:1a:37:20:f3:e6:7a:9f:c1:dd:
21:72:be:87:d0:a4:41:43:81:dc:b1:41:5e:17:5d:
6d:2a:b5:a9:2c:4d:95:41:5b:bd:80:9c:09:cb:a5:
84:76:58:f4:99:e6:00:46:5f:be:1c:d5:a9:f7:22:
6b:ae:b9:26:d1:f3:37:7b:a7:7b:d4:33:8c:92:53:
5d:23:66:b8:45:7f:99:2d:07:e9:d0:79:cc:76:95:
25:c3:6c:00:71:c3:1b:a3:16:0e:08:a7:f2:0b:49:
e7:d1:89:00:47:00:55:2e:a5:ee:0a:14:34:36:83:
55:ec:ba:94:d1:f9:49:d1:e4:42:89:66:68:b7:40:
2d:c5:c8:5a:2f:e2:f3:b8:ff:11:35:73:62:fe:ab:
a3:88:a8:87:d6:cf:a0:11:02:36:7e:91:c0:e0:84:
5a:dd:cb:7a:5b:8a:b6:c9:01:76:0b:1c:e8:b6:c6:
ec:11:ac:24:fe:dc:26:3d:15:41:f1:4c:9c:e6:f6:
cf:18:96:85:a2:9c:17:25:e8:c8:fe:dc:88:4b:62:
c3:92:dc:de:8b:06:f4:9e:4f:7c:8b:b1:b5:58:4f:
b0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A2:A5:C5:D0:09:03:B2:BD:8C:7F:A6:6C:B4:C1:37:03:5D:9C:E2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/z6KlxdAJA7K9jH-mbLTBNwNdnOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3c:7a:cc:57:3b:79:ba:a0:49:16:bb:c3:90:2b:fd:92:ff:b8:
27:8d:50:0a:19:96:63:9e:03:7a:79:0c:37:dc:2d:2c:df:a4:
51:73:22:7b:67:c3:0d:75:c8:4f:ef:c6:6c:42:53:2c:b1:36:
36:8f:21:ca:6d:b3:00:5a:44:56:54:3f:ab:0b:b8:5a:b1:42:
b4:e9:14:9d:46:22:80:5d:2c:11:21:63:12:cf:29:48:52:06:
2d:02:c0:05:cd:e8:a6:b2:12:bd:da:a4:b4:44:72:72:f9:31:
1b:20:7c:30:34:22:ac:63:20:87:5f:9c:bc:12:69:f4:24:0d:
da:2a:da:00:e3:18:44:58:64:73:62:43:3c:be:07:f4:08:90:
83:ff:49:a1:3b:84:ef:86:9a:43:28:12:fa:ca:9c:78:83:52:
37:74:0c:90:d4:ef:68:a2:c6:4f:8d:88:e1:47:dd:32:d6:82:
34:f8:37:ee:4b:d1:85:fb:e6:3d:2d:f4:fc:58:ad:46:ca:65:
b3:4a:eb:52:45:01:4e:d2:b7:66:bf:ba:83:20:27:05:ed:15:
56:cf:00:fc:14:3a:28:82:7e:c8:ee:12:82:30:a7:4e:32:4a:
9b:c5:49:de:55:dd:14:f8:6f:e4:03:3f:78:49:ef:db:75:07:
bc:08:d2:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/MaL/4wcxh1Q9MOF9WGS2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMxMDIwOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmEyYTVjNWQwMDkwM2IyYmQ4YzdmYTY2Y2I0YzEzNzAzNWQ5Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0UXNlK5kHJlvHFUANQTyzRB3Zyl
3z0Zyw9XWs6UVpYAi/UaNyDz5nqfwd0hcr6H0KRBQ4HcsUFeF11tKrWpLE2VQVu9
gJwJy6WEdlj0meYARl++HNWp9yJrrrkm0fM3e6d71DOMklNdI2a4RX+ZLQfp0HnM
dpUlw2wAccMboxYOCKfyC0nn0YkARwBVLqXuChQ0NoNV7LqU0flJ0eRCiWZot0At
xchaL+LzuP8RNXNi/qujiKiH1s+gEQI2fpHA4IRa3ct6W4q2yQF2CxzotsbsEawk
/twmPRVB8Uyc5vbPGJaFopwXJejI/tyIS2LDktzeiwb0nk98i7G1WE+wYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM+ipcXQCQOyvYx/pmy0wTcDXZziMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvejZLbHhkQUpBN0s5akgtbWJMVEJOd05kbk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADx6zFc7ebqgSRa7w5Ar
/ZL/uCeNUAoZlmOeA3p5DDfcLSzfpFFzIntnww11yE/vxmxCUyyxNjaPIcptswBa
RFZUP6sLuFqxQrTpFJ1GIoBdLBEhYxLPKUhSBi0CwAXN6KayEr3apLREcnL5MRsg
fDA0IqxjIIdfnLwSafQkDdoq2gDjGERYZHNiQzy+B/QIkIP/SaE7hO+GmkMoEvrK
nHiDUjd0DJDU72iixk+NiOFH3TLWgjT4N+5L0YX75j0t9PxYrUbKZbNK61JFAU7S
t2a/uoMgJwXtFVbPAPwUOiiCfsjuEoIwp04ySpvFSd5V3RT4b+QDP3hJ79t1B7wI
0mI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:15 2024 by rpki-client on console-ams.rpki-client.org