Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0n6FvhPeVl9pzHNO-mka68xNDTU.roa
File: 0n6FvhPeVl9pzHNO-mka68xNDTU.roa (raw, json)
Hash identifier: cbJp1tXxEL+YVrH1+JMDBbnED2MljIFJ4phme3lULIw=
Subject key identifier: D2:7E:85:BE:13:DE:56:5F:69:CC:73:4E:FA:69:1A:EB:CC:4D:0D:35
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191BB72FA702AB490A4A7878D25BABC1C8A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0n6FvhPeVl9pzHNO-mka68xNDTU.roa
Signing time: Wed 04 Sep 2024 05:12:40 +0000
ROA not before: Wed 04 Sep 2024 05:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Sep 2024 06:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bb:72:fa:70:2a:b4:90:a4:a7:87:8d:25:ba:bc:1c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 4 05:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d27e85be13de565f69cc734efa691aebcc4d0d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:eb:d0:ee:b4:81:db:91:4a:c0:04:7a:9e:ec:
e0:63:39:37:bc:9a:27:c1:20:92:75:49:53:75:41:
56:a8:20:68:5a:66:1d:bf:73:db:ba:aa:fb:a7:d2:
c8:45:ff:b5:3e:5f:d1:be:7c:e3:78:27:10:08:f1:
9f:e7:57:1b:df:e5:6b:a2:03:0c:69:90:bc:79:b1:
e8:24:36:24:8b:34:36:20:85:41:f7:8c:8e:8a:88:
2c:95:81:25:21:b0:ec:92:9d:44:5c:8a:0e:52:02:
a5:07:3e:75:f5:cd:7e:0b:46:36:ad:7e:86:0b:95:
e8:b1:c1:70:0d:86:14:c7:51:56:6f:0d:e2:3d:e0:
3c:57:c2:09:52:a3:61:cb:be:7d:59:aa:02:53:3e:
4d:4d:16:e9:ad:84:f4:61:67:cc:48:76:17:50:11:
85:6a:e8:55:b0:9b:7f:4d:85:aa:df:fa:4e:08:7e:
dc:32:04:5c:b7:6b:69:4e:bf:fd:95:4f:aa:4a:16:
9b:01:7b:75:58:c2:58:79:c2:ae:3b:06:bb:64:7b:
d8:66:76:c4:6f:5b:a0:8e:bd:d4:5f:1e:59:91:aa:
37:ad:87:a2:f9:ec:66:8c:fa:b9:7b:99:b4:95:fe:
da:06:b5:e6:d2:a2:43:01:18:ea:12:85:87:b9:aa:
a0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7E:85:BE:13:DE:56:5F:69:CC:73:4E:FA:69:1A:EB:CC:4D:0D:35
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0n6FvhPeVl9pzHNO-mka68xNDTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
06:d0:99:a7:fe:e3:9a:ee:b0:0e:cf:c3:e7:ad:5d:e2:c8:5b:
41:ac:5c:96:ac:b1:c1:e4:7d:a8:ed:1d:55:2b:c5:d1:8f:c9:
eb:32:4d:53:8a:89:a6:fc:7a:65:07:8a:d1:f2:bc:7e:75:ee:
3d:a6:5c:7e:0c:f0:31:ef:18:c3:62:72:47:df:2b:bc:53:ac:
c4:d2:c6:62:04:9f:70:ee:b3:b6:9d:a7:a0:d9:28:3e:62:4d:
b4:e0:4d:5a:db:24:99:ab:8a:e1:ae:f5:f3:26:ef:0a:5f:09:
c6:1e:37:f9:92:b8:c0:8d:bc:7d:be:fe:22:af:0f:4c:7f:79:
a6:32:b1:65:36:42:38:b2:9d:f5:53:54:03:82:23:cd:d0:99:
c3:7b:9e:0d:e6:c8:64:ed:9e:5e:b0:38:46:a8:7a:62:cd:34:
a9:18:3b:b4:f6:e7:38:2c:a5:f6:b0:8f:1a:fb:77:01:46:ec:
9c:fe:ba:e7:16:4d:74:cf:2d:05:04:b6:20:82:4d:69:b9:81:
0a:65:63:2d:2c:37:83:fb:7d:8b:61:1c:5d:87:eb:b9:03:02:
31:24:9f:53:ad:fd:2f:ed:7b:14:31:1c:8b:29:00:2f:95:88:
0e:e0:04:b2:9a:bb:6a:1f:e8:af:92:fb:0d:e9:48:df:e5:81:
ad:d2:ba:3b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG7cvpwKrSQpKeHjSW6vByKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA0MDUxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjdlODViZTEzZGU1NjVmNjljYzczNGVmYTY5MWFlYmNjNGQwZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApevQ7rSB25FKwAR6nuzgYzk3vJon
wSCSdUlTdUFWqCBoWmYdv3Pbuqr7p9LIRf+1Pl/RvnzjeCcQCPGf51cb3+VrogMM
aZC8ebHoJDYkizQ2IIVB94yOiogslYElIbDskp1EXIoOUgKlBz519c1+C0Y2rX6G
C5XoscFwDYYUx1FWbw3iPeA8V8IJUqNhy759WaoCUz5NTRbprYT0YWfMSHYXUBGF
auhVsJt/TYWq3/pOCH7cMgRct2tpTr/9lU+qShabAXt1WMJYecKuOwa7ZHvYZnbE
b1ugjr3UXx5Zkao3rYei+exmjPq5e5m0lf7aBrXm0qJDARjqEoWHuaqg1QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNJ+hb4T3lZfacxzTvppGuvMTQ01MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMG42RnZoUGVWbDlwekhOTy1ta2E2OHhORFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEABtCZp/7jmu6wDs/D561d4shb
QaxclqyxweR9qO0dVSvF0Y/J6zJNU4qJpvx6ZQeK0fK8fnXuPaZcfgzwMe8Yw2Jy
R98rvFOsxNLGYgSfcO6ztp2noNkoPmJNtOBNWtskmauK4a718ybvCl8Jxh43+ZK4
wI28fb7+Iq8PTH95pjKxZTZCOLKd9VNUA4IjzdCZw3ueDebIZO2eXrA4Rqh6Ys00
qRg7tPbnOCyl9rCPGvt3AUbsnP665xZNdM8tBQS2IIJNabmBCmVjLSw3g/t9i2Ec
XYfruQMCMSSfU639L+17FDEciykAL5WIDuAEspq7ah/or5L7DelI3+WBrdK6Ow==
-----END CERTIFICATE-----
Generated at Wed Sep 4 07:35:30 2024 by rpki-client on console-fra.rpki-client.org