Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7Y5-r5aO_iJgImWoBJDBaIgrFjk.roa
File: 7Y5-r5aO_iJgImWoBJDBaIgrFjk.roa (raw, json)
Hash identifier: nARSERPjOreLsWwc8nqE58HAWl92xzQB3iinQAkFTqI=
Subject key identifier: ED:8E:7E:AF:96:8E:FE:22:60:22:65:A8:04:90:C1:68:88:2B:16:39
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191448C33D44EFF46621DF5A41C3832B2FA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7Y5-r5aO_iJgImWoBJDBaIgrFjk.roa
Signing time: Mon 12 Aug 2024 03:05:24 +0000
ROA not before: Mon 12 Aug 2024 03:05:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:448b:de03/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 12 Aug 2024 03:13:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:44:8c:33:d4:4e:ff:46:62:1d:f5:a4:1c:38:32:b2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 12 03:05:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed8e7eaf968efe22602265a80490c168882b1639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b3:17:d3:54:3c:ac:ad:fb:84:64:c2:8b:37:
64:03:b0:ea:8b:1a:98:0b:9d:5f:aa:15:90:a0:94:
98:ef:64:5f:0c:83:82:2c:e6:a1:8f:d5:9e:87:52:
19:fa:27:49:2f:59:37:e1:00:fe:9a:22:06:e4:47:
15:f7:9b:08:a2:06:7e:04:96:00:af:b1:b0:64:9b:
e4:11:ae:50:f5:4b:e1:c4:52:d2:7f:c9:73:25:1b:
ae:37:6d:be:60:49:20:87:5f:16:63:d3:cd:a8:f5:
a8:96:b2:a9:0c:2f:6f:2b:c7:1b:9f:54:f6:09:a2:
84:4a:78:44:cb:6f:0d:ef:8b:d7:52:8b:6c:1d:a5:
0d:8d:36:ff:4a:dc:eb:b4:d5:88:3a:75:da:58:cd:
ca:c9:9f:55:79:d0:55:2f:b8:a4:91:35:45:34:e0:
13:73:ce:02:cf:3c:e0:8e:19:e8:69:c2:f9:fc:df:
da:66:7c:b1:c3:92:d1:79:94:b8:27:f6:29:2b:c2:
45:00:56:30:68:39:95:90:13:56:4b:85:7f:33:f0:
73:6b:74:53:cf:47:e9:2c:7f:4a:1a:b1:68:1e:b8:
d9:9a:81:eb:a9:39:e3:cc:1c:76:08:f5:67:ab:a5:
01:89:c7:e6:06:4b:c4:37:fc:6c:99:51:c6:7c:51:
a0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:8E:7E:AF:96:8E:FE:22:60:22:65:A8:04:90:C1:68:88:2B:16:39
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7Y5-r5aO_iJgImWoBJDBaIgrFjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:448b:de03/128
Signature Algorithm: sha256WithRSAEncryption
49:51:1d:07:52:3c:2a:53:2f:a9:0d:21:a8:0b:51:dc:35:bd:
cc:3e:da:80:47:38:d4:ea:bd:c8:79:5c:bc:ad:5d:1c:7b:8b:
01:cd:2a:d2:9d:5a:09:53:3f:24:8b:2c:0e:7c:87:97:11:b7:
e6:e1:d9:cc:71:a4:66:d7:cd:de:e1:49:3d:f2:e4:61:02:33:
c4:3f:0a:95:60:18:19:70:fb:f4:99:b0:20:1c:9a:e4:77:33:
8d:cc:7e:65:3f:9d:e5:75:08:f7:52:cf:28:85:56:f2:99:44:
b0:67:7c:dd:60:ec:1c:f8:ab:7d:97:43:41:f8:83:92:12:3d:
80:b7:29:45:a0:a7:54:81:20:2e:20:29:28:b7:4a:c3:e5:89:
75:e9:7a:9f:e4:ba:a6:8a:f0:c3:68:be:ed:a3:2e:d6:c9:53:
06:da:df:46:65:9f:e9:d7:85:59:b7:c2:42:be:d4:a4:60:46:
cc:22:f6:54:dd:ed:7f:5b:7c:48:b0:4c:f0:0c:e6:89:71:02:
fc:ec:18:0d:92:d1:eb:e7:6e:56:64:bc:b8:4e:c0:e9:93:de:
5e:a4:67:37:26:d6:50:82:12:b5:d7:0f:75:9a:29:00:9a:a4:
6d:16:06:ed:0f:1c:14:fe:a0:1e:be:2a:18:49:b0:8e:f5:9c:
a7:3f:b6:d3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZFEjDPUTv9GYh31pBw4MrL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEyMDMwNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDhlN2VhZjk2OGVmZTIyNjAyMjY1YTgwNDkwYzE2ODg4MmIxNjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobMX01Q8rK37hGTCizdkA7DqixqY
C51fqhWQoJSY72RfDIOCLOahj9Weh1IZ+idJL1k34QD+miIG5EcV95sIogZ+BJYA
r7GwZJvkEa5Q9UvhxFLSf8lzJRuuN22+YEkgh18WY9PNqPWolrKpDC9vK8cbn1T2
CaKESnhEy28N74vXUotsHaUNjTb/StzrtNWIOnXaWM3KyZ9VedBVL7ikkTVFNOAT
c84CzzzgjhnoacL5/N/aZnyxw5LReZS4J/YpK8JFAFYwaDmVkBNWS4V/M/Bza3RT
z0fpLH9KGrFoHrjZmoHrqTnjzBx2CPVnq6UBicfmBkvEN/xsmVHGfFGgBwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFO2Ofq+Wjv4iYCJlqASQwWiIKxY5MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvN1k1LXI1YU9faUpnSW1Xb0JKREJhSWdyRmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkUSL3gMwDQYJKoZIhvcNAQELBQADggEB
AElRHQdSPCpTL6kNIagLUdw1vcw+2oBHONTqvch5XLytXRx7iwHNKtKdWglTPySL
LA58h5cRt+bh2cxxpGbXzd7hST3y5GECM8Q/CpVgGBlw+/SZsCAcmuR3M43MfmU/
neV1CPdSzyiFVvKZRLBnfN1g7Bz4q32XQ0H4g5ISPYC3KUWgp1SBIC4gKSi3SsPl
iXXpep/kuqaK8MNovu2jLtbJUwba30Zln+nXhVm3wkK+1KRgRswi9lTd7X9bfEiw
TPAM5olxAvzsGA2S0evnblZkvLhOwOmT3l6kZzcm1lCCErXXD3WaKQCapG0WBu0P
HBT+oB6+KhhJsI71nKc/ttM=
-----END CERTIFICATE-----
Generated at Mon Aug 12 05:43:53 2024 by rpki-client on console-fra.rpki-client.org