Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zwKu_PtLISu8OkOx5C4exAw7o1o.roa
File: zwKu_PtLISu8OkOx5C4exAw7o1o.roa (raw, json)
Hash identifier: KTBqHAQ4zIxPtvreyvhaxgkUm3olnsEm2zg/O76zaVY=
Subject key identifier: CF:02:AE:FC:FB:4B:21:2B:BC:3A:43:B1:E4:2E:1E:C4:0C:3B:A3:5A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01906E69145D7C6380D5A12B03E956AEE508
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zwKu_PtLISu8OkOx5C4exAw7o1o.roa
Signing time: Mon 01 Jul 2024 13:08:18 +0000
ROA not before: Mon 01 Jul 2024 13:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 14:05:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6e:69:14:5d:7c:63:80:d5:a1:2b:03:e9:56:ae:e5:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 1 13:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf02aefcfb4b212bbc3a43b1e42e1ec40c3ba35a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:7e:eb:a4:b3:6b:54:e0:55:8e:53:99:76:ea:
56:9e:ba:bb:34:73:f4:7f:45:17:72:ab:63:9b:38:
c3:1c:10:4b:ba:d0:c4:8f:89:20:74:fe:93:27:83:
bf:ae:a6:89:5c:a1:78:17:4b:1a:4e:11:94:55:69:
a8:43:58:85:85:85:ff:62:c5:54:a8:53:c7:b4:52:
14:67:dd:d4:94:0d:df:fd:ed:9c:5b:12:c1:18:13:
33:d1:d2:c4:30:f3:e1:02:63:fe:6e:2b:f2:7c:b2:
2c:b5:63:b4:6c:f2:55:f8:91:73:c3:8c:17:f9:88:
17:65:9a:eb:2c:23:48:33:93:95:45:3c:98:b4:a3:
54:dc:18:9f:7a:32:d9:af:17:26:dc:9d:7a:b3:fa:
c3:d0:b1:ee:c4:10:19:13:f4:c3:75:2f:33:7c:36:
64:63:bb:db:ee:7c:3f:61:8c:02:44:11:f1:3e:1d:
df:ab:4c:c5:cb:91:8b:0f:ab:82:a3:7c:80:4c:4b:
a1:86:fd:e3:14:d8:17:4d:2a:d9:47:5c:4f:f7:e9:
64:dd:51:a2:92:2b:3b:19:fe:70:44:9c:55:2d:d4:
7e:dd:18:04:6a:a8:08:e9:3f:a2:7b:bd:c9:16:c7:
a9:3e:97:b8:ee:ec:bc:d4:6a:a4:4f:42:81:5c:3a:
42:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:02:AE:FC:FB:4B:21:2B:BC:3A:43:B1:E4:2E:1E:C4:0C:3B:A3:5A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zwKu_PtLISu8OkOx5C4exAw7o1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:f5:31:db:1a:15:cf:4e:0a:81:6a:26:4c:7c:55:e4:7b:27:
b0:81:b0:ac:9a:8b:98:4d:df:a1:a9:e1:b3:7d:0c:9a:f3:29:
81:e2:25:e4:32:ab:b3:c0:27:4e:ed:94:20:41:64:21:f0:d0:
58:6f:ae:67:d8:28:e4:46:16:55:d1:90:d1:75:0d:60:77:20:
c5:4f:bd:d8:b2:a7:59:8c:68:08:43:ab:42:0c:48:c8:01:4d:
3f:dd:19:b3:b7:1b:d9:12:00:3b:d0:0f:ac:f1:eb:e9:ec:0c:
14:78:fa:ba:f7:90:61:f4:c3:c0:54:50:12:01:f4:73:45:3d:
62:be:e9:9f:58:8a:07:38:c0:19:a0:cc:8e:f6:4b:67:19:64:
f4:88:0c:2d:34:46:43:16:d4:51:05:11:b3:c4:1f:ba:07:17:
ff:86:ae:86:dc:6e:ae:a0:2f:77:67:d1:32:0d:be:9c:12:94:
66:a5:95:d3:e8:4f:83:35:42:8f:c0:a1:bc:22:09:28:e3:fc:
8d:cf:1f:80:98:f8:21:7d:cf:d3:ff:b9:fe:71:93:17:45:0f:
5b:c4:58:f5:12:10:fb:33:7f:0c:fb:6b:03:c0:11:8c:86:0b:
d7:19:d9:3d:39:4f:3f:e3:0d:07:27:8a:98:5e:47:6d:c7:dc:
f3:97:25:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBuaRRdfGOA1aErA+lWruUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAxMTMwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjAyYWVmY2ZiNGIyMTJiYmMzYTQzYjFlNDJlMWVjNDBjM2JhMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA537rpLNrVOBVjlOZdupWnrq7NHP0
f0UXcqtjmzjDHBBLutDEj4kgdP6TJ4O/rqaJXKF4F0saThGUVWmoQ1iFhYX/YsVU
qFPHtFIUZ93UlA3f/e2cWxLBGBMz0dLEMPPhAmP+bivyfLIstWO0bPJV+JFzw4wX
+YgXZZrrLCNIM5OVRTyYtKNU3BifejLZrxcm3J16s/rD0LHuxBAZE/TDdS8zfDZk
Y7vb7nw/YYwCRBHxPh3fq0zFy5GLD6uCo3yATEuhhv3jFNgXTSrZR1xP9+lk3VGi
kis7Gf5wRJxVLdR+3RgEaqgI6T+ie73JFsepPpe47uy81GqkT0KBXDpCmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM8Crvz7SyErvDpDseQuHsQMO6NaMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvendLdV9QdExJU3U4T2tPeDVDNGV4QXc3bzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABH1MdsaFc9OCoFqJkx8
VeR7J7CBsKyai5hN36Gp4bN9DJrzKYHiJeQyq7PAJ07tlCBBZCHw0FhvrmfYKORG
FlXRkNF1DWB3IMVPvdiyp1mMaAhDq0IMSMgBTT/dGbO3G9kSADvQD6zx6+nsDBR4
+rr3kGH0w8BUUBIB9HNFPWK+6Z9Yigc4wBmgzI72S2cZZPSIDC00RkMW1FEFEbPE
H7oHF/+Grobcbq6gL3dn0TINvpwSlGalldPoT4M1Qo/AobwiCSjj/I3PH4CY+CF9
z9P/uf5xkxdFD1vEWPUSEPszfwz7awPAEYyGC9cZ2T05Tz/jDQcnipheR23H3POX
JfQ=
-----END CERTIFICATE-----
Generated at Mon Jul 1 16:21:27 2024 by rpki-client on console-ams.rpki-client.org