Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4ldS84KgZK4gOYogqU_3Wn53Qj0.roa
File: 4ldS84KgZK4gOYogqU_3Wn53Qj0.roa (raw, json)
Hash identifier: gu9P0kETHsGME0jSR8uoaFhODmfSmt753BLRP/MKSoU=
Subject key identifier: E2:57:52:F3:82:A0:64:AE:20:39:8A:20:A9:4F:F7:5A:7E:77:42:3D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019140E572E53E25DFD219C154C874B74299
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4ldS84KgZK4gOYogqU_3Wn53Qj0.roa
Signing time: Sun 11 Aug 2024 10:04:24 +0000
ROA not before: Sun 11 Aug 2024 10:04:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:40e5:4e75/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 11 Aug 2024 10:10:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:40:e5:72:e5:3e:25:df:d2:19:c1:54:c8:74:b7:42:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 11 10:04:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e25752f382a064ae20398a20a94ff75a7e77423d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b2:5e:2e:57:1d:70:39:c4:c3:46:86:1e:45:
ee:31:63:bd:60:4b:9e:74:28:21:a0:f6:b8:42:bb:
2a:8d:24:c4:e6:1a:db:16:a9:62:f7:95:e3:21:55:
6a:16:a1:b3:d9:eb:ee:9d:1a:a2:c6:67:6a:59:ce:
c7:d0:8a:13:77:c4:b2:1c:09:c5:70:93:7d:4e:9b:
d1:00:b0:6f:91:ef:91:48:b6:aa:24:93:f9:91:c1:
33:7e:a9:12:01:4c:98:d9:56:47:60:4c:e9:2b:41:
70:58:e6:f3:db:e4:1a:3f:83:1b:0d:62:23:db:1f:
63:3b:12:43:f6:d5:e0:ab:e8:d7:ee:3a:e4:4e:bb:
a4:ff:83:86:f0:69:15:33:43:73:9d:1f:f1:26:43:
76:49:12:ed:6d:cf:fa:f0:e3:31:92:30:2e:39:c6:
b7:85:1f:09:cc:b5:7a:0c:bc:c5:1e:d2:f4:4f:1e:
eb:bd:a2:65:46:d2:f5:2f:17:5e:96:56:30:07:dd:
5c:07:f4:1b:d6:1a:67:2d:76:b6:63:97:c6:37:d2:
fe:f9:38:2e:54:f7:91:f6:24:72:41:03:0b:7b:4a:
14:45:f8:70:96:bc:e5:db:73:87:36:dc:40:99:29:
fe:7e:0d:20:f6:ed:34:5b:88:7d:89:62:7f:80:68:
ab:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:57:52:F3:82:A0:64:AE:20:39:8A:20:A9:4F:F7:5A:7E:77:42:3D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4ldS84KgZK4gOYogqU_3Wn53Qj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:40e5:4e75/128
Signature Algorithm: sha256WithRSAEncryption
33:9a:aa:45:e5:c8:42:bb:47:4e:26:bc:71:09:6e:71:92:74:
46:40:8d:37:f0:b3:1d:4d:ef:2a:2c:bd:16:c0:f8:a4:2d:9b:
86:67:83:92:94:dd:ea:3b:92:9e:02:24:24:a2:ed:66:23:15:
ba:d0:3e:30:73:e7:2d:e2:74:b0:ca:0e:dc:23:d7:80:93:b6:
78:c6:c1:8a:cc:ed:84:43:1a:c9:b1:16:90:2f:51:04:33:d5:
a5:bb:32:57:2f:47:a2:af:c4:41:d4:b5:22:81:0b:93:0e:1c:
fa:cd:5c:58:0a:cf:6c:cb:1b:32:ff:2a:92:5d:fc:6f:d4:56:
5e:e4:fd:12:d5:be:19:70:db:1d:b0:17:84:41:c6:0a:8b:a0:
e5:37:dd:22:12:bd:b0:ee:46:98:11:47:a2:4c:8f:12:09:2d:
d7:26:60:38:a4:89:b8:3e:f3:61:ff:11:14:c6:54:46:45:03:
a7:17:8f:ff:90:ed:a9:6b:04:04:cf:99:78:e5:f8:8c:dd:95:
df:37:46:89:64:6e:71:4c:d0:52:80:20:33:38:1c:73:1e:42:
91:27:14:1f:f9:ca:1f:ce:58:b5:96:a8:b5:45:aa:38:b7:6c:
e2:e1:ea:2a:49:28:b3:45:1f:7a:ae:96:58:ed:89:ea:d5:ee:
03:0d:15:a5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZFA5XLlPiXf0hnBVMh0t0KZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODExMTAwNDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjU3NTJmMzgyYTA2NGFlMjAzOThhMjBhOTRmZjc1YTdlNzc0MjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbJeLlcdcDnEw0aGHkXuMWO9YEue
dCghoPa4QrsqjSTE5hrbFqli95XjIVVqFqGz2evunRqixmdqWc7H0IoTd8SyHAnF
cJN9TpvRALBvke+RSLaqJJP5kcEzfqkSAUyY2VZHYEzpK0FwWObz2+QaP4MbDWIj
2x9jOxJD9tXgq+jX7jrkTruk/4OG8GkVM0NznR/xJkN2SRLtbc/68OMxkjAuOca3
hR8JzLV6DLzFHtL0Tx7rvaJlRtL1LxdellYwB91cB/Qb1hpnLXa2Y5fGN9L++Tgu
VPeR9iRyQQMLe0oURfhwlrzl23OHNtxAmSn+fg0g9u00W4h9iWJ/gGirswIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOJXUvOCoGSuIDmKIKlP91p+d0I9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNGxkUzg0S2daSzRnT1lvZ3FVXzNXbjUzUWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkUDlTnUwDQYJKoZIhvcNAQELBQADggEB
ADOaqkXlyEK7R04mvHEJbnGSdEZAjTfwsx1N7yosvRbA+KQtm4Zng5KU3eo7kp4C
JCSi7WYjFbrQPjBz5y3idLDKDtwj14CTtnjGwYrM7YRDGsmxFpAvUQQz1aW7Mlcv
R6KvxEHUtSKBC5MOHPrNXFgKz2zLGzL/KpJd/G/UVl7k/RLVvhlw2x2wF4RBxgqL
oOU33SISvbDuRpgRR6JMjxIJLdcmYDikibg+82H/ERTGVEZFA6cXj/+Q7alrBATP
mXjl+Izdld83RolkbnFM0FKAIDM4HHMeQpEnFB/5yh/OWLWWqLVFqji3bOLh6ipJ
KLNFH3qulljtierV7gMNFaU=
-----END CERTIFICATE-----
Generated at Sun Aug 11 13:09:05 2024 by rpki-client on console-fra.rpki-client.org