Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3OObDWWHfkNxdOlLmd9xtRZtWhQ.roa
File: 3OObDWWHfkNxdOlLmd9xtRZtWhQ.roa (raw, json)
Hash identifier: jzWGcy1fdf7dmRrxqm/Xb3vKK2wCp2Mkh7RM5lathK4=
Subject key identifier: DC:E3:9B:0D:65:87:7E:43:71:74:E9:4B:99:DF:71:B5:16:6D:5A:14
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01910FC74AA3AE170C5C3C7376DAA1BB7D47
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3OObDWWHfkNxdOlLmd9xtRZtWhQ.roa
Signing time: Thu 01 Aug 2024 21:10:04 +0000
ROA not before: Thu 01 Aug 2024 21:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 01 Aug 2024 22:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0f:c7:4a:a3:ae:17:0c:5c:3c:73:76:da:a1:bb:7d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 1 21:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dce39b0d65877e437174e94b99df71b5166d5a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ec:19:07:06:75:9f:58:96:e0:0f:70:37:6a:
60:d1:f7:57:33:83:cd:80:44:ef:93:99:2a:a3:1b:
8e:f8:f8:69:41:8b:24:5c:f6:6c:ea:1c:0b:0e:31:
1a:85:d3:bb:b3:41:fa:30:21:9f:67:e5:b7:95:62:
3b:91:1d:25:42:db:e7:28:e0:6c:4c:79:ff:ae:5b:
b0:18:4a:62:8b:01:5d:1d:3a:9a:e3:c7:78:f9:44:
cd:b7:9d:83:7a:5b:75:02:ae:4d:58:45:38:28:d7:
f1:bc:ca:25:7e:9a:a5:ab:5f:4f:17:14:13:86:e8:
51:46:c4:94:18:12:6e:71:7d:52:98:1d:10:9e:b9:
a0:78:90:99:ba:3b:1a:ef:aa:ea:4c:69:54:e0:d1:
5a:44:08:7b:74:68:b0:90:ee:74:20:ff:13:a5:cf:
9b:f6:7e:03:0c:70:ba:8f:a2:3a:b4:6b:e6:ea:80:
f1:59:6f:41:67:cf:31:41:54:0b:52:36:06:bf:5a:
4f:ff:5f:87:b5:41:fd:a8:4e:22:1e:85:82:6d:e9:
29:a1:06:0e:ba:90:b7:4f:52:58:9c:c6:2f:47:df:
3b:3c:82:c0:8b:e9:fb:bb:67:af:aa:2c:c3:13:28:
18:e6:0e:4c:f2:cd:a4:55:c1:ac:a2:95:48:5c:4e:
86:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E3:9B:0D:65:87:7E:43:71:74:E9:4B:99:DF:71:B5:16:6D:5A:14
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3OObDWWHfkNxdOlLmd9xtRZtWhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
62:cb:21:9c:7b:40:bb:99:97:68:a7:d0:f8:21:ac:ca:47:92:
3a:07:c5:b6:ee:77:2c:26:d2:64:5d:4f:63:6c:ec:0c:9d:d2:
89:22:21:fc:bf:8a:36:93:7c:d1:d0:4b:26:79:16:4a:d6:46:
0c:e1:e5:6b:49:a1:57:49:15:d5:3b:df:eb:7e:8e:c3:be:f1:
c8:8d:66:75:96:cf:1a:19:22:80:9d:8f:87:0f:1c:75:64:d3:
5c:8f:62:e3:43:41:b3:02:56:e8:a4:91:1a:f6:64:49:bd:75:
03:58:13:c5:4a:24:dc:de:f9:6d:56:89:bc:87:89:76:da:e0:
c7:73:6b:e3:66:6d:5c:f1:7b:f2:ac:ce:e0:8a:00:05:2f:09:
00:42:c9:f0:c0:e4:c0:f5:40:13:8b:d6:ac:1f:0e:1b:d0:c7:
26:6b:5c:5a:64:6e:ac:1f:d6:ee:30:b9:1e:2e:c0:b7:4e:77:
a8:80:51:7b:70:a1:a6:a4:12:83:9d:0d:63:5a:8b:a4:0e:12:
ca:7c:7b:77:f5:2d:9b:34:36:73:48:e6:da:a9:5d:18:ca:0f:
4d:c8:0e:d1:12:c3:ae:b3:dc:ce:a5:01:72:63:73:30:ff:04:
bd:59:04:2d:2e:26:28:43:75:ca:e8:8d:c3:99:84:4c:b2:d3:
51:17:97:0c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEPx0qjrhcMXDxzdtqhu31HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAxMjExMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2UzOWIwZDY1ODc3ZTQzNzE3NGU5NGI5OWRmNzFiNTE2NmQ1YTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOwZBwZ1n1iW4A9wN2pg0fdXM4PN
gETvk5kqoxuO+PhpQYskXPZs6hwLDjEahdO7s0H6MCGfZ+W3lWI7kR0lQtvnKOBs
THn/rluwGEpiiwFdHTqa48d4+UTNt52Delt1Aq5NWEU4KNfxvMolfpqlq19PFxQT
huhRRsSUGBJucX1SmB0QnrmgeJCZujsa76rqTGlU4NFaRAh7dGiwkO50IP8Tpc+b
9n4DDHC6j6I6tGvm6oDxWW9BZ88xQVQLUjYGv1pP/1+HtUH9qE4iHoWCbekpoQYO
upC3T1JYnMYvR987PILAi+n7u2evqizDEygY5g5M8s2kVcGsopVIXE6GfwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNzjmw1lh35DcXTpS5nfcbUWbVoUMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvM09PYkRXV0hma054ZE9sTG1kOXh0Ulp0V2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAYsshnHtAu5mXaKfQ+CGsykeS
OgfFtu53LCbSZF1PY2zsDJ3SiSIh/L+KNpN80dBLJnkWStZGDOHla0mhV0kV1Tvf
636Ow77xyI1mdZbPGhkigJ2Phw8cdWTTXI9i40NBswJW6KSRGvZkSb11A1gTxUok
3N75bVaJvIeJdtrgx3Nr42ZtXPF78qzO4IoABS8JAELJ8MDkwPVAE4vWrB8OG9DH
JmtcWmRurB/W7jC5Hi7At053qIBRe3ChpqQSg50NY1qLpA4Synx7d/UtmzQ2c0jm
2qldGMoPTcgO0RLDrrPczqUBcmNzMP8EvVkELS4mKEN1yuiNw5mETLLTUReXDA==
Generated at Thu Aug 1 23:33:48 2024 by rpki-client on console-fra.rpki-client.org