Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1ZMG2NDQ1-M4CuW6559TBXwjDYU.roa
File: 1ZMG2NDQ1-M4CuW6559TBXwjDYU.roa (raw, json)
Hash identifier: x55R88cXvAsGNpMvIJbkaMaIRcRCBUGZY0M7rCCN1l8=
Subject key identifier: D5:93:06:D8:D0:D0:D7:E3:38:0A:E5:BA:E7:9F:53:05:7C:23:0D:85
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01915B51BBF8FD0F7DFD30CF2CF19231D579
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1ZMG2NDQ1-M4CuW6559TBXwjDYU.roa
Signing time: Fri 16 Aug 2024 13:12:48 +0000
ROA not before: Fri 16 Aug 2024 13:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 16 Aug 2024 14:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:51:bb:f8:fd:0f:7d:fd:30:cf:2c:f1:92:31:d5:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 16 13:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d59306d8d0d0d7e3380ae5bae79f53057c230d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:90:29:e6:98:f7:3d:b8:7d:a9:39:38:f3:0b:
03:ae:23:d2:a5:75:9b:e5:6d:6a:37:ee:01:62:ea:
54:57:be:5a:37:55:e7:9e:14:e2:ca:b2:36:b9:22:
47:65:e7:38:24:4a:08:a9:37:4c:a1:2e:c2:26:e3:
c3:4c:b4:66:d5:02:02:5a:58:bc:37:b5:6f:d9:5b:
15:0d:77:e9:c5:cb:b6:25:f9:66:60:8f:68:ca:33:
ae:20:fb:3d:95:d1:a1:e4:59:16:d4:31:85:62:b3:
c5:d8:08:54:3e:56:ff:c2:96:9b:cb:3a:a4:7f:02:
8d:4a:55:02:84:96:dd:eb:d4:a8:e5:41:d2:7d:6c:
81:35:34:30:91:4e:f0:af:01:fc:a0:f6:86:86:90:
73:04:ac:95:82:d9:bc:33:4f:f9:4e:44:78:37:81:
c8:cb:be:ce:67:e0:59:8f:5c:98:5c:1b:94:ff:1e:
9e:e1:e5:c8:e5:dd:74:9d:94:26:e1:b3:4c:c7:14:
b4:92:fc:5a:16:ce:5b:9b:34:a3:a2:c9:d8:f8:bc:
32:56:2e:fc:61:a2:7e:54:e6:df:1d:4e:e6:d6:f8:
c6:43:f1:b6:ac:e7:26:ac:1a:82:11:55:f4:78:38:
a3:29:0c:3a:de:ed:42:3a:86:7f:9d:a7:3a:aa:17:
6e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:93:06:D8:D0:D0:D7:E3:38:0A:E5:BA:E7:9F:53:05:7C:23:0D:85
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1ZMG2NDQ1-M4CuW6559TBXwjDYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
0e:39:e6:0b:9f:56:6d:04:be:f7:f2:1d:5a:fd:c0:d2:e8:53:
12:c5:a1:48:03:32:75:b8:ec:36:ca:10:6f:21:f0:06:ee:b3:
15:7d:09:db:89:2f:f3:84:8e:e9:3b:bd:45:1c:e2:22:13:ff:
42:41:ee:e5:d8:f2:22:af:fe:0d:a7:22:da:a5:73:e9:9b:5d:
b7:7d:37:82:5f:88:6e:39:68:e2:58:41:16:16:bd:0e:f9:fd:
84:dd:85:c1:5e:4a:b5:a3:42:0c:14:02:e0:3e:2e:af:b4:91:
07:ea:1a:33:e1:01:c9:f3:f4:cc:a5:cc:ea:3e:8a:9c:54:8c:
5a:56:dc:47:08:4f:42:92:fd:69:8e:8d:64:9e:38:de:6b:0d:
3e:22:9d:6d:42:a4:34:24:89:6c:0f:b9:a7:42:b2:fa:d8:c2:
52:b7:61:7f:af:8f:c7:a7:d3:4b:81:68:7b:c8:24:ba:12:85:
1a:3f:6f:90:72:ba:f0:9f:72:ec:dc:f0:3b:28:d9:46:3b:eb:
a9:b8:f3:22:e1:0f:f4:4c:eb:e4:9f:4d:7b:8e:22:0e:3f:30:
21:82:c9:f5:27:9c:0f:b4:bd:51:43:7b:59:ce:3e:51:8b:5b:
72:7f:a6:7e:e9:b8:a3:44:e1:e7:aa:c7:95:c7:7a:2f:3f:b2:
3d:98:c4:6d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFbUbv4/Q99/TDPLPGSMdV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE2MTMxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTkzMDZkOGQwZDBkN2UzMzgwYWU1YmFlNzlmNTMwNTdjMjMwZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZAp5pj3Pbh9qTk48wsDriPSpXWb
5W1qN+4BYupUV75aN1XnnhTiyrI2uSJHZec4JEoIqTdMoS7CJuPDTLRm1QICWli8
N7Vv2VsVDXfpxcu2JflmYI9oyjOuIPs9ldGh5FkW1DGFYrPF2AhUPlb/wpabyzqk
fwKNSlUChJbd69So5UHSfWyBNTQwkU7wrwH8oPaGhpBzBKyVgtm8M0/5TkR4N4HI
y77OZ+BZj1yYXBuU/x6e4eXI5d10nZQm4bNMxxS0kvxaFs5bmzSjosnY+LwyVi78
YaJ+VObfHU7m1vjGQ/G2rOcmrBqCEVX0eDijKQw63u1COoZ/nac6qhdu/QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNWTBtjQ0NfjOArluuefUwV8Iw2FMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMVpNRzJORFExLU00Q3VXNjU1OVRCWHdqRFlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEADjnmC59WbQS+9/IdWv3A0uhT
EsWhSAMydbjsNsoQbyHwBu6zFX0J24kv84SO6Tu9RRziIhP/QkHu5djyIq/+Daci
2qVz6Ztdt303gl+Ibjlo4lhBFha9Dvn9hN2FwV5KtaNCDBQC4D4ur7SRB+oaM+EB
yfP0zKXM6j6KnFSMWlbcRwhPQpL9aY6NZJ443msNPiKdbUKkNCSJbA+5p0Ky+tjC
Urdhf6+Px6fTS4Foe8gkuhKFGj9vkHK68J9y7NzwOyjZRjvrqbjzIuEP9Ezr5J9N
e44iDj8wIYLJ9SecD7S9UUN7Wc4+UYtbcn+mfum4o0Th56rHlcd6Lz+yPZjEbQ==
-----END CERTIFICATE-----
Generated at Fri Aug 16 18:39:58 2024 by rpki-client on console-fra.rpki-client.org