Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0nr0pl8vKr1v25SmSyDA_fIo24w.roa
File: 0nr0pl8vKr1v25SmSyDA_fIo24w.roa (raw, json)
Hash identifier: aWWZU+DXlWCXttOeij/DEyyZXeo/Xq1XVp3wGVdl3ZU=
Subject key identifier: D2:7A:F4:A6:5F:2F:2A:BD:6F:DB:94:A6:4B:20:C0:FD:F2:28:DB:8C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019192E2CBEFBB50392FFDC6EDF7C3D0B172
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0nr0pl8vKr1v25SmSyDA_fIo24w.roa
Signing time: Tue 27 Aug 2024 08:10:22 +0000
ROA not before: Tue 27 Aug 2024 08:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 27 Aug 2024 09:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:92:e2:cb:ef:bb:50:39:2f:fd:c6:ed:f7:c3:d0:b1:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 27 08:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d27af4a65f2f2abd6fdb94a64b20c0fdf228db8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:27:a9:13:86:72:f3:a2:b4:3a:91:4d:7c:33:
c7:63:7d:4f:4c:ac:db:94:c7:51:95:6c:14:00:57:
ed:13:4f:76:c1:3e:70:3f:ca:0a:47:ff:7c:72:9b:
f6:26:c8:9d:19:f8:a4:bd:cb:b9:da:30:e6:0b:1b:
4a:89:13:3a:61:89:7c:38:15:be:fa:2f:48:1b:91:
87:03:b5:c3:cd:90:d2:c7:1b:f2:2a:1f:54:be:30:
a8:b7:60:7d:91:12:b0:5f:90:c3:ce:58:7f:82:aa:
e2:57:4d:2e:cf:1d:3e:b6:c2:a5:91:0c:b2:42:cb:
31:03:5f:c0:d9:05:dd:74:80:43:36:d6:d2:0f:c6:
f7:6d:1a:7d:26:32:88:1a:24:d7:a2:e0:74:56:dc:
0c:6c:6f:0b:3e:90:88:2e:54:0f:64:51:7e:0e:9a:
37:a4:e7:90:9d:68:75:4f:86:f1:85:36:b1:56:7b:
e0:56:cd:57:55:b7:66:a5:2c:a0:a5:84:c1:e5:cd:
02:be:4e:7b:e8:f2:33:9a:b8:a8:32:07:b9:b0:56:
af:e5:73:c9:bc:5e:02:a5:02:b0:e4:c9:e9:19:c5:
b5:7f:c0:18:bc:f4:41:cb:7c:db:59:54:f5:ea:2c:
69:5c:fb:7e:dc:44:e9:db:b6:2c:35:52:37:03:9c:
75:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7A:F4:A6:5F:2F:2A:BD:6F:DB:94:A6:4B:20:C0:FD:F2:28:DB:8C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0nr0pl8vKr1v25SmSyDA_fIo24w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
85:fd:e4:2d:29:96:78:68:53:64:00:f7:a1:20:ff:bd:aa:4d:
fb:9b:c4:86:f0:1e:db:10:1a:ff:39:8d:00:52:05:2f:45:38:
2e:e7:26:2e:f4:34:06:ad:c5:6b:bb:db:07:dc:23:14:94:a7:
bf:d7:9f:fd:c3:52:e1:65:5e:af:c2:d1:f4:b9:8c:5b:7e:eb:
22:a4:07:95:02:c1:fd:e1:05:0d:ca:51:bf:b9:7b:b6:89:74:
9d:2b:dd:e3:d6:c5:09:82:72:4e:59:96:34:11:cb:c2:fd:02:
85:a9:71:8b:8d:7e:b1:68:3e:4f:21:d1:c8:c7:22:97:1b:8f:
08:ed:d8:0c:35:a1:0a:ae:3f:24:e0:87:d0:73:6d:aa:1d:39:
03:4c:e3:d1:90:ec:2c:e9:26:4d:91:77:42:15:cf:08:c9:56:
33:28:8f:d4:a2:97:9a:45:54:80:d2:8d:94:db:4f:f7:11:9b:
b9:07:d4:ca:cf:5a:c7:52:2b:33:ff:f9:89:ff:66:29:31:9a:
ee:64:33:c4:8c:3d:93:48:71:f3:fd:d4:92:2f:fb:d6:8f:4d:
ae:53:8c:6d:c7:a0:1c:e8:4c:64:d1:cd:88:8c:27:2b:99:10:
e8:36:75:93:95:c4:a8:f5:98:53:f5:ff:b3:4d:9e:01:81:06:
e5:db:2d:45
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGS4svvu1A5L/3G7ffD0LFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI3MDgxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjdhZjRhNjVmMmYyYWJkNmZkYjk0YTY0YjIwYzBmZGYyMjhkYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiepE4Zy86K0OpFNfDPHY31PTKzb
lMdRlWwUAFftE092wT5wP8oKR/98cpv2JsidGfikvcu52jDmCxtKiRM6YYl8OBW+
+i9IG5GHA7XDzZDSxxvyKh9UvjCot2B9kRKwX5DDzlh/gqriV00uzx0+tsKlkQyy
QssxA1/A2QXddIBDNtbSD8b3bRp9JjKIGiTXouB0VtwMbG8LPpCILlQPZFF+Dpo3
pOeQnWh1T4bxhTaxVnvgVs1XVbdmpSygpYTB5c0Cvk576PIzmrioMge5sFav5XPJ
vF4CpQKw5MnpGcW1f8AYvPRBy3zbWVT16ixpXPt+3ETp27YsNVI3A5x1nwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNJ69KZfLyq9b9uUpksgwP3yKNuMMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMG5yMHBsOHZLcjF2MjVTbVN5REFfZklvMjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAhf3kLSmWeGhTZAD3oSD/vapN
+5vEhvAe2xAa/zmNAFIFL0U4LucmLvQ0Bq3Fa7vbB9wjFJSnv9ef/cNS4WVer8LR
9LmMW37rIqQHlQLB/eEFDcpRv7l7tol0nSvd49bFCYJyTlmWNBHLwv0Chalxi41+
sWg+TyHRyMcilxuPCO3YDDWhCq4/JOCH0HNtqh05A0zj0ZDsLOkmTZF3QhXPCMlW
MyiP1KKXmkVUgNKNlNtP9xGbuQfUys9ax1IrM//5if9mKTGa7mQzxIw9k0hx8/3U
ki/71o9NrlOMbcegHOhMZNHNiIwnK5kQ6DZ1k5XEqPWYU/X/s02eAYEG5dstRQ==
-----END CERTIFICATE-----
Generated at Tue Aug 27 13:22:43 2024 by rpki-client on console-ams.rpki-client.org