Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0manENGzpta5iA2Pv-voA3oserQ.roa
File: 0manENGzpta5iA2Pv-voA3oserQ.roa (raw, json)
Hash identifier: pt8mvgGt9qzsTwzmcHwaEo2p9INsbjhMpzU0yCn6IiE=
Subject key identifier: D2:66:A7:10:D1:B3:A6:D6:B9:88:0D:8F:BF:EB:E8:03:7A:2C:7A:B4
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019111B697D7D30736897F9A7323846ED562
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0manENGzpta5iA2Pv-voA3oserQ.roa
Signing time: Fri 02 Aug 2024 06:11:04 +0000
ROA not before: Fri 02 Aug 2024 06:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 02 Aug 2024 07:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:11:b6:97:d7:d3:07:36:89:7f:9a:73:23:84:6e:d5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 2 06:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d266a710d1b3a6d6b9880d8fbfebe8037a2c7ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b1:7f:7a:ca:58:a3:8f:65:4e:67:fa:6f:06:
f1:cd:1d:b8:3c:9a:fb:9e:28:3c:1e:f3:60:53:a8:
4d:b7:0c:98:7a:6d:f4:48:9d:a3:84:ba:f1:3a:86:
6b:16:b6:1e:ec:34:4b:93:24:b9:0a:b8:14:e9:3c:
90:c5:ae:15:06:cc:5b:cf:1c:5b:25:54:10:4b:7a:
33:0f:db:85:2a:97:25:72:97:79:8e:0f:9c:c2:d9:
0d:b1:e3:1f:95:c9:88:31:f1:5b:c3:5f:d1:fb:a6:
3d:85:04:d1:a5:2b:31:55:49:86:f4:7c:e7:27:f3:
d8:7e:a3:95:fe:7d:a8:d4:fc:bd:ac:52:e4:6c:6e:
02:55:56:3a:5a:e9:5d:00:9d:0f:69:5f:1d:7d:9f:
66:1f:71:32:b1:bf:21:9c:80:aa:28:9a:75:34:8c:
cc:8c:2d:34:2f:77:ab:00:a5:ad:d0:27:f6:68:73:
2d:ec:a7:20:4b:4b:82:d3:90:4b:d8:3c:bd:48:8f:
66:33:25:20:6d:51:7b:d9:5d:eb:d4:8c:bf:da:73:
56:30:f4:9b:0e:5a:0d:4c:18:a7:40:db:26:22:76:
8d:c0:e7:41:dd:61:08:27:bd:52:f9:b1:80:4e:00:
97:85:d6:1d:89:b9:67:df:b0:02:01:a5:a3:47:5f:
1a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:66:A7:10:D1:B3:A6:D6:B9:88:0D:8F:BF:EB:E8:03:7A:2C:7A:B4
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0manENGzpta5iA2Pv-voA3oserQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
39:80:07:ef:4c:d2:58:96:f8:db:1c:e9:2e:ce:51:5f:08:a0:
b2:3e:87:a3:42:5e:81:ce:99:cb:82:20:ce:54:eb:f6:a3:ac:
0d:e6:da:b3:26:e2:fc:a4:c8:31:b9:96:03:f6:bf:87:15:4b:
cf:6d:35:55:04:8f:97:82:52:38:08:b8:68:c6:bc:92:f5:02:
28:8b:a1:c1:b4:52:60:de:69:55:ea:77:0d:c7:66:f4:a2:f8:
0b:0c:eb:dd:73:0e:3b:7f:ea:3c:02:45:31:48:8b:33:0a:cd:
c2:aa:18:54:84:f4:f5:46:c5:18:b2:15:9e:c6:59:dd:92:85:
02:e6:77:1d:8a:9c:d1:f3:a9:1d:0e:d9:a5:31:04:18:41:40:
4d:f1:85:c7:a3:ad:76:a1:e2:8d:ea:cd:4b:27:ab:a2:65:c8:
ef:c2:f4:e4:4f:b2:55:b8:2b:6c:8b:f2:fc:06:ff:bd:e1:7c:
7a:8a:bb:a4:d0:c2:71:c5:cc:56:7a:04:8e:e4:94:f7:34:70:
6b:ae:c1:38:44:88:43:c2:99:ec:0b:dc:33:48:b4:58:05:0b:
9f:05:f2:a8:f4:ff:60:c6:d2:bf:3c:5c:75:f0:14:26:2a:4f:
0c:f6:fb:e5:44:11:aa:0e:a4:ee:85:87:47:b9:1e:a2:a1:b9:
94:19:74:1b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZERtpfX0wc2iX+acyOEbtViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAyMDYxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjY2YTcxMGQxYjNhNmQ2Yjk4ODBkOGZiZmViZTgwMzdhMmM3YWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprF/espYo49lTmf6bwbxzR24PJr7
nig8HvNgU6hNtwyYem30SJ2jhLrxOoZrFrYe7DRLkyS5CrgU6TyQxa4VBsxbzxxb
JVQQS3ozD9uFKpclcpd5jg+cwtkNseMflcmIMfFbw1/R+6Y9hQTRpSsxVUmG9Hzn
J/PYfqOV/n2o1Py9rFLkbG4CVVY6WuldAJ0PaV8dfZ9mH3Eysb8hnICqKJp1NIzM
jC00L3erAKWt0Cf2aHMt7KcgS0uC05BL2Dy9SI9mMyUgbVF72V3r1Iy/2nNWMPSb
DloNTBinQNsmInaNwOdB3WEIJ71S+bGATgCXhdYdibln37ACAaWjR18a8wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNJmpxDRs6bWuYgNj7/r6AN6LHq0MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMG1hbkVOR3pwdGE1aUEyUHYtdm9BM29zZXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAOYAH70zSWJb42xzpLs5RXwig
sj6Ho0Jegc6Zy4IgzlTr9qOsDebasybi/KTIMbmWA/a/hxVLz201VQSPl4JSOAi4
aMa8kvUCKIuhwbRSYN5pVep3Dcdm9KL4Cwzr3XMOO3/qPAJFMUiLMwrNwqoYVIT0
9UbFGLIVnsZZ3ZKFAuZ3HYqc0fOpHQ7ZpTEEGEFATfGFx6OtdqHijerNSyeromXI
78L05E+yVbgrbIvy/Ab/veF8eoq7pNDCccXMVnoEjuSU9zRwa67BOESIQ8KZ7Avc
M0i0WAULnwXyqPT/YMbSvzxcdfAUJipPDPb75UQRqg6k7oWHR7keoqG5lBl0Gw==
-----END CERTIFICATE-----
Generated at Fri Aug 2 10:00:18 2024 by rpki-client on console-ams.rpki-client.org