Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/6OQAk3e9tJiqh1cbYH7k4xBD2kg.roa
File: 6OQAk3e9tJiqh1cbYH7k4xBD2kg.roa (raw, json)
Hash identifier: zdPTgI1Il2wgqbJ5LijyWMpy8fTnEWtLaYyCaEz3Sdg=
Subject key identifier: E8:E4:00:93:77:BD:B4:98:AA:87:57:1B:60:7E:E4:E3:10:43:DA:48
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D943DCE8C34EF6B1162557B0CEAAD40B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/6OQAk3e9tJiqh1cbYH7k4xBD2kg.roa
Signing time: Tue 10 Sep 2024 00:09:48 +0000
ROA not before: Tue 10 Sep 2024 00:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 10 Sep 2024 01:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d9:43:dc:e8:c3:4e:f6:b1:16:25:57:b0:ce:aa:d4:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 10 00:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8e4009377bdb498aa87571b607ee4e31043da48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7e:e8:f8:ae:0b:87:e8:ee:b4:c7:b4:14:ae:
7f:52:7e:90:96:b5:d3:2d:d2:d4:58:95:67:a5:02:
24:22:cb:cb:39:b2:59:67:ed:6e:f2:51:b7:f2:bf:
b8:06:43:46:a7:cc:fc:ed:17:f6:e1:da:86:c3:85:
12:b0:5f:f4:e2:a8:bc:4e:a4:ae:6c:d2:34:7a:ff:
c8:23:69:44:9d:86:44:02:dd:bf:00:df:ec:29:01:
b4:f0:5c:6b:f5:43:5f:67:f5:ae:17:dc:55:75:25:
ae:19:6f:10:9f:98:39:c5:0b:a2:9e:83:97:1a:25:
81:88:59:79:71:a1:6d:39:a2:7d:e4:77:03:78:1f:
3c:50:64:32:2a:67:8a:a4:c9:d4:7c:7e:87:d9:cb:
c3:74:03:6e:0b:f8:2b:fc:a8:3e:78:73:a6:54:e9:
ef:7f:af:a2:95:10:67:6d:52:86:e3:22:58:db:02:
d6:c2:f4:49:aa:ae:dd:98:d6:5d:46:bb:25:bf:57:
3f:48:06:19:4b:31:77:3c:cf:cd:ac:d9:8c:a6:b0:
a5:30:21:03:0b:eb:56:47:3d:d0:43:a2:1e:74:34:
5a:ff:cc:bf:e0:00:2b:05:e4:ea:e7:fd:af:eb:e6:
26:71:0a:67:0e:db:85:76:3f:be:5c:d3:5e:ac:d7:
76:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E4:00:93:77:BD:B4:98:AA:87:57:1B:60:7E:E4:E3:10:43:DA:48
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/6OQAk3e9tJiqh1cbYH7k4xBD2kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
37:f9:a0:79:42:52:5f:a7:4e:7a:37:f6:68:3b:a9:9c:6e:4a:
0c:1a:39:02:78:d9:0d:90:6f:15:ef:81:f3:1d:2b:4c:72:93:
55:de:d9:0f:d5:cb:2c:6c:c8:40:25:be:fa:64:3d:4d:7d:31:
70:16:28:93:dc:6e:a1:cd:cb:86:c3:3c:ae:33:50:2a:03:66:
0b:7b:54:23:74:15:3c:fa:ed:07:19:48:0c:9b:1e:28:01:f0:
f5:6d:f7:99:46:de:17:f9:66:2e:05:1f:07:09:d7:42:33:6b:
c7:bb:9b:cd:76:01:41:7b:b6:24:79:c3:00:63:a0:4f:a4:9e:
1c:97:67:de:2d:55:47:e6:99:28:2a:f4:5a:4b:68:86:1f:fb:
00:8d:c5:6f:25:82:d0:02:46:40:72:38:95:02:39:87:8a:68:
8e:37:14:a4:4f:94:6d:bc:a7:47:3d:6e:af:0b:6b:b2:a1:12:
2b:fa:75:4c:e7:66:16:45:71:18:56:ac:f4:e3:81:b0:15:6e:
24:e3:6f:9a:68:8c:34:58:62:15:0b:59:62:b1:16:c0:4a:7d:
d4:b4:32:ba:71:ff:91:02:92:1f:a2:3e:bd:ce:ac:b9:32:53:
26:72:b8:51:b9:23:d6:9b:e6:71:85:82:19:00:ff:39:85:8f:
75:e0:72:4c
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHZQ9zow072sRYlV7DOqtQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEwMDAwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGU0MDA5Mzc3YmRiNDk4YWE4NzU3MWI2MDdlZTRlMzEwNDNkYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiH7o+K4Lh+jutMe0FK5/Un6QlrXT
LdLUWJVnpQIkIsvLObJZZ+1u8lG38r+4BkNGp8z87Rf24dqGw4USsF/04qi8TqSu
bNI0ev/II2lEnYZEAt2/AN/sKQG08Fxr9UNfZ/WuF9xVdSWuGW8Qn5g5xQuinoOX
GiWBiFl5caFtOaJ95HcDeB88UGQyKmeKpMnUfH6H2cvDdANuC/gr/Kg+eHOmVOnv
f6+ilRBnbVKG4yJY2wLWwvRJqq7dmNZdRrslv1c/SAYZSzF3PM/NrNmMprClMCED
C+tWRz3QQ6IedDRa/8y/4AArBeTq5/2v6+YmcQpnDtuFdj++XNNerNd2fQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOjkAJN3vbSYqodXG2B+5OMQQ9pIMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNk9RQWszZTl0SmlxaDFjYllIN2s0eEJEMmtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQA3+aB5QlJfp056N/ZoO6mcbkoMGjkCeNkNkG8V
74HzHStMcpNV3tkP1cssbMhAJb76ZD1NfTFwFiiT3G6hzcuGwzyuM1AqA2YLe1Qj
dBU8+u0HGUgMmx4oAfD1bfeZRt4X+WYuBR8HCddCM2vHu5vNdgFBe7YkecMAY6BP
pJ4cl2feLVVH5pkoKvRaS2iGH/sAjcVvJYLQAkZAcjiVAjmHimiONxSkT5RtvKdH
PW6vC2uyoRIr+nVM52YWRXEYVqz044GwFW4k42+aaIw0WGIVC1lisRbASn3UtDK6
cf+RApIfoj69zqy5MlMmcrhRuSPWm+ZxhYIZAP85hY914HJM
Generated at Tue Sep 10 04:08:45 2024 by rpki-client on console-ams.rpki-client.org