Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1TWcfYpts2EQPHPZAGsQ00dqnGI.roa
File: 1TWcfYpts2EQPHPZAGsQ00dqnGI.roa (raw, json)
Hash identifier: 6sLxLqVF8psmOh/D2GijoKjAL6k4sWDpHRVJHhgM2Gg=
Subject key identifier: D5:35:9C:7D:8A:6D:B3:61:10:3C:73:D9:00:6B:10:D3:47:6A:9C:62
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190FFB22AA61DDED0124871B31F939207FE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1TWcfYpts2EQPHPZAGsQ00dqnGI.roa
Signing time: Mon 29 Jul 2024 18:13:04 +0000
ROA not before: Mon 29 Jul 2024 18:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 29 Jul 2024 19:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ff:b2:2a:a6:1d:de:d0:12:48:71:b3:1f:93:92:07:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 29 18:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5359c7d8a6db361103c73d9006b10d3476a9c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:92:f4:dc:c8:b6:d9:ce:3a:49:1d:12:50:b6:
3d:6e:67:fc:79:17:f9:78:19:76:df:b6:99:da:e5:
d3:1f:ba:58:1b:98:0a:73:25:21:ce:0e:e8:34:63:
b6:5c:94:7c:dc:c2:1f:c3:de:11:1d:f9:00:06:e3:
5a:63:59:73:b4:35:fd:34:f3:c9:0b:78:37:24:bf:
2b:33:6c:8f:15:bd:d0:26:fa:dd:ee:30:65:aa:40:
93:4e:9b:f6:15:dc:0f:14:2a:7d:f7:cb:42:28:be:
f0:f8:53:e3:6e:27:8d:34:10:f4:7b:ab:8c:99:ce:
a0:44:b1:32:55:61:5e:a4:84:0e:b1:62:7a:37:9c:
33:a2:23:95:e8:12:15:c3:d8:ed:7d:54:8d:e2:60:
28:5c:98:d9:04:0c:0d:e0:28:b4:af:31:06:79:3d:
aa:ca:b8:45:2e:24:18:d9:54:87:ca:22:f9:20:cd:
19:ba:99:99:ac:46:38:99:7a:92:fe:36:0a:7c:44:
c8:49:d5:3d:1b:9d:29:d4:be:4b:6c:04:ea:1a:c0:
d3:4e:eb:e0:e4:c7:7e:99:19:7b:02:79:16:04:9c:
b0:3c:e0:bf:5e:16:ff:fc:50:71:0d:84:41:7d:a1:
cf:0f:7b:b1:75:af:ec:d9:b9:7c:1f:71:ed:72:9f:
a1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:35:9C:7D:8A:6D:B3:61:10:3C:73:D9:00:6B:10:D3:47:6A:9C:62
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1TWcfYpts2EQPHPZAGsQ00dqnGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
90:8a:be:45:4b:8a:57:49:bb:5d:d4:96:64:34:bd:87:55:76:
f3:12:5c:77:9c:56:87:33:30:54:4f:1e:cf:8f:3f:62:7d:02:
53:2e:a0:3b:d1:1a:dd:b8:48:e3:2e:1e:18:fd:a2:c2:67:3d:
a7:22:1a:a0:38:61:25:c7:65:1e:00:90:4b:02:d3:3a:48:8f:
b8:9a:c8:88:85:fc:06:2d:6a:26:f8:0b:67:27:55:ee:5c:90:
75:f0:a7:bd:b2:87:b2:75:a3:4c:29:57:ff:d3:c7:6c:99:3c:
37:2a:8f:e2:d1:05:1d:a4:cc:3d:78:90:53:ac:4f:84:ab:66:
75:4d:d6:85:fd:d4:70:93:6a:36:da:23:4e:51:57:80:88:65:
70:65:66:37:99:fc:a0:2f:a7:40:0b:d9:0e:be:b2:e2:1b:ef:
f1:15:bc:0b:94:43:94:b0:59:2f:ef:8d:f9:58:94:0f:4f:2a:
cb:2b:c8:d2:76:46:5c:e8:50:a0:8d:ef:c3:31:36:2d:c6:30:
f1:a5:3d:21:f3:de:3d:5f:45:3c:43:2f:30:c1:a6:85:8b:ca:
e0:c6:54:0f:ad:3b:e5:4f:c4:b4:88:d4:ad:81:27:29:4e:05:
34:a7:e6:e3:87:31:26:e9:55:a9:bc:55:e0:29:d4:a9:b8:49:
cd:5e:a7:83
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZD/siqmHd7QEkhxsx+Tkgf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzI5MTgxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTM1OWM3ZDhhNmRiMzYxMTAzYzczZDkwMDZiMTBkMzQ3NmE5YzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JL03Mi22c46SR0SULY9bmf8eRf5
eBl237aZ2uXTH7pYG5gKcyUhzg7oNGO2XJR83MIfw94RHfkABuNaY1lztDX9NPPJ
C3g3JL8rM2yPFb3QJvrd7jBlqkCTTpv2FdwPFCp998tCKL7w+FPjbieNNBD0e6uM
mc6gRLEyVWFepIQOsWJ6N5wzoiOV6BIVw9jtfVSN4mAoXJjZBAwN4Ci0rzEGeT2q
yrhFLiQY2VSHyiL5IM0ZupmZrEY4mXqS/jYKfETISdU9G50p1L5LbATqGsDTTuvg
5Md+mRl7AnkWBJywPOC/Xhb//FBxDYRBfaHPD3uxda/s2bl8H3Htcp+h+wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNU1nH2KbbNhEDxz2QBrENNHapxiMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMVRXY2ZZcHRzMkVRUEhQWkFHc1EwMGRxbkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAkIq+RUuKV0m7XdSWZDS9h1V2
8xJcd5xWhzMwVE8ez48/Yn0CUy6gO9Ea3bhI4y4eGP2iwmc9pyIaoDhhJcdlHgCQ
SwLTOkiPuJrIiIX8Bi1qJvgLZydV7lyQdfCnvbKHsnWjTClX/9PHbJk8NyqP4tEF
HaTMPXiQU6xPhKtmdU3Whf3UcJNqNtojTlFXgIhlcGVmN5n8oC+nQAvZDr6y4hvv
8RW8C5RDlLBZL++N+ViUD08qyyvI0nZGXOhQoI3vwzE2LcYw8aU9IfPePV9FPEMv
MMGmhYvK4MZUD6075U/EtIjUrYEnKU4FNKfm44cxJulVqbxV4CnUqbhJzV6ngw==
-----END CERTIFICATE-----
Generated at Mon Jul 29 21:26:06 2024 by rpki-client on console-fra.rpki-client.org