Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7cDR0wnB4F320WB-z8D6tTVPX0Q.roa
File: 7cDR0wnB4F320WB-z8D6tTVPX0Q.roa (raw, json)
Hash identifier: lNjVLLUx/v1yiX3ei9udzrEi2Sspu3cHKA+6sJTcB0I=
Subject key identifier: ED:C0:D1:D3:09:C1:E0:5D:F6:D1:60:7E:CF:C0:FA:B5:35:4F:5F:44
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01929E70FB6839841AE2553346509B58C20E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7cDR0wnB4F320WB-z8D6tTVPX0Q.roa
Signing time: Fri 18 Oct 2024 07:04:17 +0000
ROA not before: Fri 18 Oct 2024 07:04:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:9e70:f663/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 18 Oct 2024 07:11:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9e:70:fb:68:39:84:1a:e2:55:33:46:50:9b:58:c2:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Oct 18 07:04:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=edc0d1d309c1e05df6d1607ecfc0fab5354f5f44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d2:18:f8:be:01:ca:3f:91:ac:71:37:1e:59:
f4:3b:c8:7f:be:73:d3:e1:33:3c:8c:eb:b1:0b:02:
8b:3e:c0:e2:e0:46:35:10:33:43:63:3f:e2:02:60:
96:9c:d9:23:d1:fb:d8:68:8e:ef:f8:4c:2b:93:5d:
9e:2a:50:ed:74:ed:92:ae:c3:4c:43:16:27:c2:e6:
84:b3:b7:c4:c4:12:e3:a7:77:07:d2:f7:2b:ac:88:
74:49:9b:23:00:cb:54:ac:b5:7a:2c:5d:e8:49:78:
ba:1f:37:c8:6e:8e:62:91:74:bc:ae:a8:fd:00:c3:
84:e7:14:86:2d:39:e5:ec:af:dc:15:2b:d8:78:d2:
63:08:4a:01:97:a4:08:13:af:f9:ed:68:b5:58:d4:
d4:11:55:18:d2:7c:39:13:43:e4:cc:54:eb:1f:09:
99:de:b2:e0:5f:b1:84:cb:f0:bf:1c:0f:60:ab:6b:
e0:1d:8c:f2:f4:a9:f4:04:f5:b0:e2:24:89:95:0d:
1b:76:58:f9:e4:8e:e9:7c:55:8c:bd:52:e8:78:86:
b4:06:a4:01:bc:21:fb:e0:7d:fb:41:e5:cc:d6:a0:
fd:04:ff:95:91:9b:20:e5:24:c6:96:12:1c:84:2a:
7d:30:2c:89:b1:9b:91:30:a9:a3:a0:ac:2b:ad:9c:
5a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:C0:D1:D3:09:C1:E0:5D:F6:D1:60:7E:CF:C0:FA:B5:35:4F:5F:44
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7cDR0wnB4F320WB-z8D6tTVPX0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:9e70:f663/128
Signature Algorithm: sha256WithRSAEncryption
68:fa:0d:35:25:fa:c9:48:df:7a:18:29:29:e1:04:24:a7:23:
02:40:5b:c9:43:ab:06:94:81:c5:a5:3d:a5:ae:b7:19:eb:0b:
f1:cf:df:dd:c4:d4:60:76:d3:69:c1:b2:a5:39:a9:84:99:a7:
bf:93:a1:68:6a:d4:57:08:b9:dc:6a:f5:5e:b3:a5:e5:84:33:
bc:e3:75:55:8f:24:92:5b:d4:57:e5:1c:e0:72:73:a7:4c:c5:
7a:25:04:58:80:f6:5c:18:ac:4c:00:4a:a4:2b:e3:83:83:8e:
27:51:2c:af:53:27:4f:45:8f:71:66:b6:95:25:a7:14:05:7d:
6f:22:8b:b0:9d:6a:fa:10:a3:27:82:18:1a:49:5b:06:46:7d:
a1:46:ab:ac:46:3a:64:84:3f:94:1c:7a:ad:70:1c:a7:74:9a:
c3:d0:48:3a:5d:31:65:ce:5b:05:86:81:17:e7:37:07:49:f6:
ba:90:c1:bc:83:4f:c8:43:81:0b:c1:e7:1a:04:0e:03:c9:ee:
89:91:ca:ba:12:79:e2:37:02:2f:6f:ff:63:ba:5d:2a:3b:b3:
20:30:c6:1c:42:5a:f3:5f:7b:77:49:93:ab:8d:13:54:6a:e9:
27:c2:02:b0:d1:d2:c2:26:4c:fe:4e:70:ff:2d:15:c3:d0:0d:
b0:55:c9:53
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZKecPtoOYQa4lUzRlCbWMIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMDE4MDcwNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGMwZDFkMzA5YzFlMDVkZjZkMTYwN2VjZmMwZmFiNTM1NGY1ZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydIY+L4Byj+RrHE3Hln0O8h/vnPT
4TM8jOuxCwKLPsDi4EY1EDNDYz/iAmCWnNkj0fvYaI7v+Ewrk12eKlDtdO2SrsNM
QxYnwuaEs7fExBLjp3cH0vcrrIh0SZsjAMtUrLV6LF3oSXi6HzfIbo5ikXS8rqj9
AMOE5xSGLTnl7K/cFSvYeNJjCEoBl6QIE6/57Wi1WNTUEVUY0nw5E0PkzFTrHwmZ
3rLgX7GEy/C/HA9gq2vgHYzy9Kn0BPWw4iSJlQ0bdlj55I7pfFWMvVLoeIa0BqQB
vCH74H37QeXM1qD9BP+VkZsg5STGlhIchCp9MCyJsZuRMKmjoKwrrZxaXQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFO3A0dMJweBd9tFgfs/A+rU1T19EMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvN2NEUjB3bkI0RjMyMFdCLXo4RDZ0VFZQWDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSnnD2YzANBgkqhkiG9w0BAQsFAAOCAQEAaPoNNSX6yUjfehgpKeEEJKcj
AkBbyUOrBpSBxaU9pa63GesL8c/f3cTUYHbTacGypTmphJmnv5OhaGrUVwi53Gr1
XrOl5YQzvON1VY8kklvUV+Uc4HJzp0zFeiUEWID2XBisTABKpCvjg4OOJ1Esr1Mn
T0WPcWa2lSWnFAV9byKLsJ1q+hCjJ4IYGklbBkZ9oUarrEY6ZIQ/lBx6rXAcp3Sa
w9BIOl0xZc5bBYaBF+c3B0n2upDBvINPyEOBC8HnGgQOA8nuiZHKuhJ54jcCL2//
Y7pdKjuzIDDGHEJa8197d0mTq40TVGrpJ8ICsNHSwiZM/k5w/y0Vw9ANsFXJUw==
-----END CERTIFICATE-----
Generated at Fri Oct 18 09:59:26 2024 by rpki-client on console-fra.rpki-client.org