Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zcw253xmUNBV5i4aFwPHwPmGrCg.roa
File: zcw253xmUNBV5i4aFwPHwPmGrCg.roa (raw, json)
Hash identifier: 7A75NTENlvIL752ujrrwUcghQ9QdWpl59vV4Q75bWLA=
Subject key identifier: CD:CC:36:E7:7C:66:50:D0:55:E6:2E:1A:17:03:C7:C0:F9:86:AC:28
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019005B56D0F54517DC76E26EDD29D83BC70
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zcw253xmUNBV5i4aFwPHwPmGrCg.roa
Signing time: Tue 11 Jun 2024 05:11:34 +0000
ROA not before: Tue 11 Jun 2024 05:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 06:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:05:b5:6d:0f:54:51:7d:c7:6e:26:ed:d2:9d:83:bc:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 11 05:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdcc36e77c6650d055e62e1a1703c7c0f986ac28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:46:3a:d5:2c:2a:41:5c:89:70:58:4c:51:f3:
c2:9f:6d:1f:95:f1:1d:7c:cb:cf:ea:08:11:0c:5c:
d5:1d:2f:d5:c7:82:aa:4a:c9:b3:7e:57:56:c9:29:
4d:3e:f0:df:e8:9d:80:b7:a8:1e:68:85:2c:27:e1:
66:f4:ce:da:0b:73:16:4d:dd:ce:e4:5e:b1:b7:a8:
ae:9a:1e:af:58:47:5a:ba:44:e0:11:49:3a:60:e2:
19:83:e7:2c:a5:0d:5c:33:e5:d5:9f:a7:69:75:1f:
15:fa:a6:b7:ac:99:25:97:11:84:31:96:40:70:1b:
13:9d:c6:20:fd:a7:c8:36:e0:8b:a6:9f:f3:18:2d:
c0:3a:8c:b6:54:77:0f:32:78:b1:83:20:6a:fd:ee:
d1:88:f9:1a:c2:0d:e6:a8:30:17:35:12:f4:ec:08:
f9:e2:24:2e:24:94:05:bf:52:33:8d:2f:61:f0:05:
99:f4:75:02:9b:d5:f9:ba:26:fb:33:32:4b:d0:04:
41:13:7c:02:13:bc:c2:a7:c8:d9:42:28:25:34:2d:
c9:b0:18:36:5d:3a:23:14:2a:7f:56:b7:d2:eb:c7:
a1:f8:85:98:5f:e6:2c:db:53:dd:da:1a:6a:b4:79:
f4:2d:55:cf:eb:3d:b6:f4:6b:be:cf:4f:71:d0:25:
89:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:CC:36:E7:7C:66:50:D0:55:E6:2E:1A:17:03:C7:C0:F9:86:AC:28
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zcw253xmUNBV5i4aFwPHwPmGrCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:3d:f3:24:4a:71:88:50:4d:be:c7:51:06:ea:48:65:07:b8:
9f:b7:8d:41:8d:c7:ce:e5:9d:1a:bc:9f:de:f9:44:1a:30:d0:
2f:96:e5:fd:58:97:3b:99:b7:e1:b4:9a:05:a6:b5:c6:04:e1:
5b:d9:1a:9a:14:67:33:98:59:de:b4:33:2d:2b:9d:e6:02:ca:
fd:9d:0a:5f:80:46:07:85:bd:96:57:59:e8:e3:db:a9:0c:41:
97:42:7e:42:4d:34:44:25:41:59:8e:36:e4:c1:9e:7a:95:5e:
51:c4:e7:38:f3:ae:85:e0:f5:6d:30:91:eb:bc:db:fb:e8:14:
bf:57:54:a0:0a:fb:cc:6d:cb:8c:0b:d0:32:3b:1f:45:3e:d8:
ec:08:ef:9c:59:4f:dd:bb:39:ec:29:3b:62:0f:56:13:ce:8f:
9a:5d:13:9d:a4:35:b9:cd:0f:59:c4:b7:0e:c9:20:c3:8c:19:
de:f1:4f:82:d9:23:f2:9d:9d:85:fc:3b:cc:ef:db:f9:0c:d5:
5b:b8:29:45:30:07:55:33:14:f8:d8:4a:ca:52:c2:e9:9f:41:
c9:b4:6b:70:45:74:20:b2:ad:a2:8b:f5:2c:d5:03:e3:dd:70:
c4:78:3b:79:17:a4:ac:4a:89:d2:e5:1d:70:84:af:86:07:b6:
01:ee:56:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAFtW0PVFF9x24m7dKdg7xwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjExMDUxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGNjMzZlNzdjNjY1MGQwNTVlNjJlMWExNzAzYzdjMGY5ODZhYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UY61SwqQVyJcFhMUfPCn20flfEd
fMvP6ggRDFzVHS/Vx4KqSsmzfldWySlNPvDf6J2At6geaIUsJ+Fm9M7aC3MWTd3O
5F6xt6iumh6vWEdaukTgEUk6YOIZg+cspQ1cM+XVn6dpdR8V+qa3rJkllxGEMZZA
cBsTncYg/afINuCLpp/zGC3AOoy2VHcPMnixgyBq/e7RiPkawg3mqDAXNRL07Aj5
4iQuJJQFv1IzjS9h8AWZ9HUCm9X5uib7MzJL0ARBE3wCE7zCp8jZQiglNC3JsBg2
XTojFCp/VrfS68eh+IWYX+Ys21Pd2hpqtHn0LVXP6z229Gu+z09x0CWJ4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM3MNud8ZlDQVeYuGhcDx8D5hqwoMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvemN3MjUzeG1VTkJWNWk0YUZ3UEh3UG1HckNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFo98yRKcYhQTb7HUQbq
SGUHuJ+3jUGNx87lnRq8n975RBow0C+W5f1YlzuZt+G0mgWmtcYE4VvZGpoUZzOY
Wd60My0rneYCyv2dCl+ARgeFvZZXWejj26kMQZdCfkJNNEQlQVmONuTBnnqVXlHE
5zjzroXg9W0wkeu82/voFL9XVKAK+8xty4wL0DI7H0U+2OwI75xZT927OewpO2IP
VhPOj5pdE52kNbnND1nEtw7JIMOMGd7xT4LZI/KdnYX8O8zv2/kM1Vu4KUUwB1Uz
FPjYSspSwumfQcm0a3BFdCCyraKL9SzVA+PdcMR4O3kXpKxKidLlHXCEr4YHtgHu
VvY=
-----END CERTIFICATE-----
Generated at Tue Jun 11 06:43:48 2024 by rpki-client on console-fra.rpki-client.org