Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mD-lxaTdTbMSQ9j_UDAcKozn7PQ.roa
File: mD-lxaTdTbMSQ9j_UDAcKozn7PQ.roa (raw, json)
Hash identifier: 9PSdMXXx1HaH4GBKpm/xA+E14weFveBlWoAdUpxLFHQ=
Subject key identifier: 98:3F:A5:C5:A4:DD:4D:B3:12:43:D8:FF:50:30:1C:2A:8C:E7:EC:F4
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01903935F107A142016906D919F30D7C2E84
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mD-lxaTdTbMSQ9j_UDAcKozn7PQ.roa
Signing time: Fri 21 Jun 2024 05:12:34 +0000
ROA not before: Fri 21 Jun 2024 05:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jun 2024 06:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:39:35:f1:07:a1:42:01:69:06:d9:19:f3:0d:7c:2e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 21 05:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=983fa5c5a4dd4db31243d8ff50301c2a8ce7ecf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0b:b8:6c:d1:14:48:d8:0d:ed:cb:94:67:c5:
05:f4:2a:84:2d:ab:96:e5:af:7c:38:27:6a:1d:42:
c6:c3:18:9a:eb:ec:96:2d:c0:d6:f8:7d:f3:c5:89:
bf:47:51:14:43:81:a5:fe:9b:d4:f0:c6:57:c0:4d:
e9:d8:5f:12:40:4c:57:8f:21:ec:eb:9f:2f:12:7a:
cb:3f:09:84:af:77:a1:df:36:ec:a1:bf:4f:56:13:
68:2f:22:a1:38:6c:6a:df:a5:cc:c1:9d:cf:41:39:
d9:82:72:fe:43:99:9c:5e:5b:9f:66:2f:24:2d:20:
ed:f4:e1:e1:e5:8b:77:82:de:f1:bc:8c:24:70:55:
80:1b:70:79:08:e9:ef:1e:d5:3a:e5:aa:17:94:a0:
36:c8:10:45:ae:28:35:7e:57:3b:44:6c:fd:55:0b:
75:5b:b4:17:3c:57:77:eb:8a:3c:6a:ea:26:76:7f:
b7:8e:1d:9d:d9:d3:8c:35:c0:f2:69:e5:58:7f:5f:
dc:ec:22:1c:5b:77:f9:4d:a1:78:95:9d:85:a0:58:
62:75:7e:11:05:82:b8:38:48:b4:bc:fb:de:8e:4b:
9d:d6:40:9f:db:b8:71:36:1a:e0:8c:f7:c9:12:f4:
1b:f6:67:eb:44:f4:53:55:6d:bc:5b:df:33:1c:50:
7e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:3F:A5:C5:A4:DD:4D:B3:12:43:D8:FF:50:30:1C:2A:8C:E7:EC:F4
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mD-lxaTdTbMSQ9j_UDAcKozn7PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:45:b1:3d:a6:35:1e:40:2d:e9:07:85:f0:89:4e:68:be:8a:
a9:48:83:53:9b:5b:e0:90:1e:50:f9:f7:bd:4b:ee:e4:14:a6:
92:9b:8d:20:92:f0:d5:c1:a1:06:8d:00:1c:c4:eb:fa:74:41:
e6:33:3f:42:22:4c:e4:f0:fa:8a:cc:fb:fc:9d:24:fb:84:f5:
7a:ea:1d:17:59:e5:12:9e:95:62:b0:33:42:94:38:f7:3e:06:
ef:e4:60:2b:dd:b8:68:84:e5:ef:c7:5f:7f:c3:d0:b6:12:7b:
4f:ca:c6:f7:e0:ee:0e:f0:e3:ee:59:cc:c5:a6:fe:aa:dd:6b:
be:dd:34:7f:58:56:4b:bb:a3:d3:3a:58:e6:b7:75:da:4f:cf:
6d:1b:ce:b8:c8:3d:3b:3c:7d:15:cc:ad:b2:a6:11:49:69:5b:
1a:0c:a4:bc:b3:9d:18:52:73:de:61:5b:e8:fc:78:4b:fc:73:
3d:0c:f6:e6:10:69:40:64:cf:70:66:f5:19:1e:51:e3:71:d3:
81:9d:2d:c8:bc:80:a3:4b:5c:f3:48:67:23:22:c2:7f:c9:a2:
e2:02:58:35:d5:cf:3f:3a:8a:c1:4c:74:25:27:7a:a1:5b:f4:
88:34:b0:de:b1:b0:7d:ad:f6:0e:8d:1b:57:79:d9:28:97:9b:
91:9e:3a:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA5NfEHoUIBaQbZGfMNfC6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIxMDUxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODNmYTVjNWE0ZGQ0ZGIzMTI0M2Q4ZmY1MDMwMWMyYThjZTdlY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gu4bNEUSNgN7cuUZ8UF9CqELauW
5a98OCdqHULGwxia6+yWLcDW+H3zxYm/R1EUQ4Gl/pvU8MZXwE3p2F8SQExXjyHs
658vEnrLPwmEr3eh3zbsob9PVhNoLyKhOGxq36XMwZ3PQTnZgnL+Q5mcXlufZi8k
LSDt9OHh5Yt3gt7xvIwkcFWAG3B5COnvHtU65aoXlKA2yBBFrig1flc7RGz9VQt1
W7QXPFd364o8auomdn+3jh2d2dOMNcDyaeVYf1/c7CIcW3f5TaF4lZ2FoFhidX4R
BYK4OEi0vPvejkud1kCf27hxNhrgjPfJEvQb9mfrRPRTVW28W98zHFB+wQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJg/pcWk3U2zEkPY/1AwHCqM5+z0MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbUQtbHhhVGRUYk1TUTlqX1VEQWNLb3puN1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIxFsT2mNR5ALekHhfCJ
Tmi+iqlIg1ObW+CQHlD5971L7uQUppKbjSCS8NXBoQaNABzE6/p0QeYzP0IiTOTw
+orM+/ydJPuE9XrqHRdZ5RKelWKwM0KUOPc+Bu/kYCvduGiE5e/HX3/D0LYSe0/K
xvfg7g7w4+5ZzMWm/qrda77dNH9YVku7o9M6WOa3ddpPz20bzrjIPTs8fRXMrbKm
EUlpWxoMpLyznRhSc95hW+j8eEv8cz0M9uYQaUBkz3Bm9RkeUeNx04GdLci8gKNL
XPNIZyMiwn/JouICWDXVzz86isFMdCUneqFb9Ig0sN6xsH2t9g6NG1d52SiXm5Ge
Os4=
-----END CERTIFICATE-----
Generated at Fri Jun 21 13:52:43 2024 by rpki-client on console.sobornost.net