Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/43IF4Rfto8-nSaP2YZ1A1PckXZk.roa
File: 43IF4Rfto8-nSaP2YZ1A1PckXZk.roa (raw, json)
Hash identifier: mEQmHB5c8Szem6FMyTIfSPk+wv2OK73/yMzsccxSfiw=
Subject key identifier: E3:72:05:E1:17:ED:A3:CF:A7:49:A3:F6:61:9D:40:D4:F7:24:5D:99
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191ACA299671FE44450E72F53398495DE79
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/43IF4Rfto8-nSaP2YZ1A1PckXZk.roa
Signing time: Sun 01 Sep 2024 08:10:22 +0000
ROA not before: Sun 01 Sep 2024 08:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Sep 2024 09:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ac:a2:99:67:1f:e4:44:50:e7:2f:53:39:84:95:de:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 1 08:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e37205e117eda3cfa749a3f6619d40d4f7245d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:6b:37:7e:14:a4:d9:d7:0a:bb:67:ce:ce:ff:
b6:4a:e4:81:f2:03:d9:c4:80:a4:a3:27:89:70:b9:
b4:10:a1:5e:29:11:ec:0b:f7:59:37:2a:3b:83:f2:
9b:60:0b:76:eb:e8:af:d6:14:e4:25:c1:b6:d4:41:
44:b1:1d:bc:e1:39:80:e3:47:a3:09:48:9e:9e:cd:
1b:d5:f6:b3:aa:7c:a3:cd:98:06:f7:2d:f1:9b:7e:
a4:2e:60:80:53:86:69:c8:aa:d3:ab:c0:77:47:e3:
f5:0f:ca:70:76:76:6f:7b:c9:6f:1a:bf:68:dd:a0:
7d:ea:98:2d:90:71:2e:c6:fa:5b:37:4c:b6:c5:db:
09:62:a8:c2:7d:fe:e1:8e:78:fa:89:ac:d4:40:85:
df:b1:3d:75:28:40:8d:39:58:9a:c0:42:f8:de:99:
43:b6:5e:00:54:d5:a7:55:dd:3b:2c:d8:d7:79:96:
cf:05:67:5a:04:f4:85:88:0b:5c:eb:ce:e3:1c:c3:
0a:7a:0b:fd:fa:1e:04:55:df:87:a0:0b:97:bd:27:
af:a5:b5:8b:3b:00:be:26:7a:6f:5d:1c:4a:7a:7c:
f1:5c:06:85:93:47:18:fa:a4:ac:bb:d0:0b:5a:61:
d7:d1:84:5d:ff:76:56:e6:89:17:43:e7:65:4a:54:
60:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:72:05:E1:17:ED:A3:CF:A7:49:A3:F6:61:9D:40:D4:F7:24:5D:99
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/43IF4Rfto8-nSaP2YZ1A1PckXZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
39:02:71:b5:51:03:7f:9e:b5:43:89:eb:21:9e:4a:21:f7:0a:
ab:85:16:e6:a0:2d:2b:7c:8f:30:e8:9b:99:82:a0:e9:6a:7e:
ef:e9:84:47:57:07:93:d6:fb:67:d8:db:84:4f:62:cf:87:27:
7b:16:cf:8a:d9:6c:1f:63:14:04:e6:ee:31:8b:d0:f9:96:71:
34:e5:76:5e:2c:43:8b:7c:a5:bb:99:d2:be:e3:3e:64:a5:76:
3c:f7:35:3e:e1:8f:df:c9:6b:38:b1:cc:85:7d:42:8b:45:ad:
70:89:96:6b:72:3b:9a:36:05:6d:c9:bd:56:22:94:3a:4d:47:
f4:23:f2:5d:34:a0:59:43:84:95:ec:17:e5:4e:b7:1e:c8:e4:
14:1b:5e:3c:13:0b:e3:f6:fb:78:84:5d:2d:0a:07:a4:cc:e3:
31:a5:92:3b:11:b4:ba:7a:78:9f:ac:20:7f:38:ec:11:3f:27:
24:55:1d:ea:90:4e:d1:f9:ae:96:b4:01:84:c5:40:93:2f:49:
a2:c0:38:57:91:c2:61:4a:45:84:77:a7:68:ac:9b:98:31:de:
95:b9:24:de:7a:6d:ed:81:28:be:5c:b3:de:b8:6e:fe:24:6d:
75:cc:54:a5:96:4b:7c:51:cc:78:df:8a:38:e1:90:da:82:b4:
c0:ea:38:3a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGsoplnH+REUOcvUzmEld55MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAxMDgxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzcyMDVlMTE3ZWRhM2NmYTc0OWEzZjY2MTlkNDBkNGY3MjQ1ZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ms3fhSk2dcKu2fOzv+2SuSB8gPZ
xICkoyeJcLm0EKFeKRHsC/dZNyo7g/KbYAt26+iv1hTkJcG21EFEsR284TmA40ej
CUiens0b1fazqnyjzZgG9y3xm36kLmCAU4ZpyKrTq8B3R+P1D8pwdnZve8lvGr9o
3aB96pgtkHEuxvpbN0y2xdsJYqjCff7hjnj6iazUQIXfsT11KECNOViawEL43plD
tl4AVNWnVd07LNjXeZbPBWdaBPSFiAtc687jHMMKegv9+h4EVd+HoAuXvSevpbWL
OwC+JnpvXRxKenzxXAaFk0cY+qSsu9ALWmHX0YRd/3ZW5okXQ+dlSlRgswIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFONyBeEX7aPPp0mj9mGdQNT3JF2ZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNDNJRjRSZnRvOC1uU2FQMllaMUExUGNrWFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAOQJxtVEDf561Q4nrIZ5KIfcK
q4UW5qAtK3yPMOibmYKg6Wp+7+mER1cHk9b7Z9jbhE9iz4cnexbPitlsH2MUBObu
MYvQ+ZZxNOV2XixDi3ylu5nSvuM+ZKV2PPc1PuGP38lrOLHMhX1Ci0WtcImWa3I7
mjYFbcm9ViKUOk1H9CPyXTSgWUOElewX5U63HsjkFBtePBML4/b7eIRdLQoHpMzj
MaWSOxG0unp4n6wgfzjsET8nJFUd6pBO0fmulrQBhMVAky9JosA4V5HCYUpFhHen
aKybmDHelbkk3npt7YEovlyz3rhu/iRtdcxUpZZLfFHMeN+KOOGQ2oK0wOo4Og==
Generated at Sun Sep 1 09:56:45 2024 by rpki-client on console-fra.rpki-client.org