Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/86hmyg2I8XkLBWr5diDFnL5tnpE.roa
File: 86hmyg2I8XkLBWr5diDFnL5tnpE.roa (raw, json)
Hash identifier: kJxTs5IR0+QDbREA58GdeartINbdZkdSjFzCQ6yxR3M=
Subject key identifier: F3:A8:66:CA:0D:88:F1:79:0B:05:6A:F9:76:20:C5:9C:BE:6D:9E:91
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019106C5FE630B8EF007C31370DF60F46400
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/86hmyg2I8XkLBWr5diDFnL5tnpE.roa
Signing time: Wed 31 Jul 2024 03:12:04 +0000
ROA not before: Wed 31 Jul 2024 03:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 31 Jul 2024 04:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:06:c5:fe:63:0b:8e:f0:07:c3:13:70:df:60:f4:64:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 31 03:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3a866ca0d88f1790b056af97620c59cbe6d9e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:04:af:41:62:7b:f3:8c:8a:d5:56:b2:53:02:
6d:d0:7b:ba:48:52:20:11:94:63:1c:c3:a3:58:9c:
70:e6:60:8d:20:47:66:c7:a0:f9:e2:15:09:ce:b1:
c5:31:f9:95:a7:38:b3:b4:9c:90:5c:00:4e:e0:0d:
b0:3b:b3:7b:23:51:c2:3d:45:16:59:23:8a:bd:98:
9e:77:91:21:23:3d:e7:fc:24:75:20:dc:13:50:b0:
e4:01:ef:eb:23:90:71:d5:e9:6f:bb:8a:2c:bd:de:
bb:8d:e5:fd:34:5a:d2:92:9b:8d:8b:b9:0e:17:4d:
03:8d:3b:07:7d:16:f9:c9:9d:a8:be:cb:7b:a3:11:
60:05:3f:d2:fb:38:a6:f3:77:27:be:d6:d4:8d:50:
9d:87:a9:2e:a2:d1:cb:42:7a:af:15:70:40:4a:29:
ca:19:08:83:6e:5b:23:b1:92:52:c9:95:68:8d:f4:
ce:3d:d2:50:2b:52:88:79:05:53:13:01:95:8a:bb:
bd:18:52:c8:f2:4b:3e:10:1b:99:13:5e:48:0e:ab:
84:95:af:d8:50:8a:7f:01:20:eb:fb:8f:c5:21:b3:
5f:ee:3e:0c:48:aa:f0:fa:23:32:d6:4d:5d:87:b0:
ef:fa:c1:53:1e:9c:52:be:b8:82:1b:01:b6:97:ab:
41:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A8:66:CA:0D:88:F1:79:0B:05:6A:F9:76:20:C5:9C:BE:6D:9E:91
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/86hmyg2I8XkLBWr5diDFnL5tnpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
3d:23:05:c9:83:d0:f7:f8:b8:ab:b9:e6:51:d0:47:fe:9f:90:
76:94:49:02:ec:a3:32:98:89:77:f4:e2:ed:cd:b1:89:f1:a7:
07:93:4e:c2:45:90:d8:93:28:5e:42:09:76:64:f1:6c:70:a8:
75:d3:de:a0:d6:29:15:a3:78:de:be:4f:2c:63:05:20:6a:43:
08:85:f8:50:38:e4:fd:55:1d:ad:a1:8f:56:1e:11:c7:aa:8c:
c1:08:9a:6a:b2:29:ef:c2:ab:b1:30:f1:ce:92:c0:d4:71:e4:
e3:68:69:de:c5:5d:f3:aa:48:b8:3a:9e:03:cb:1a:bb:d4:a4:
8a:d3:94:3f:eb:37:ea:05:02:53:e6:d9:fd:8c:d3:b4:7a:e1:
08:aa:40:db:77:24:de:2e:ba:17:f9:9c:5a:2b:68:18:56:a1:
28:2d:18:3a:e1:1f:f6:ec:c1:9a:6d:aa:92:cc:4c:99:10:16:
05:15:f7:1a:cd:a1:6a:02:38:a6:e8:df:b4:93:b3:55:24:a1:
29:59:c1:9e:93:38:25:e3:2d:c5:f7:f9:53:8a:b4:0d:94:b7:
e0:37:1e:74:5a:22:3c:98:a6:5f:a8:00:39:a8:ed:d5:b0:83:
40:c2:59:11:3a:0c:25:95:80:a7:b7:57:1c:2d:c2:02:c0:e0:
01:a9:b4:21
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEGxf5jC47wB8MTcN9g9GQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzMxMDMxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2E4NjZjYTBkODhmMTc5MGIwNTZhZjk3NjIwYzU5Y2JlNmQ5ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QSvQWJ784yK1VayUwJt0Hu6SFIg
EZRjHMOjWJxw5mCNIEdmx6D54hUJzrHFMfmVpziztJyQXABO4A2wO7N7I1HCPUUW
WSOKvZied5EhIz3n/CR1INwTULDkAe/rI5Bx1elvu4osvd67jeX9NFrSkpuNi7kO
F00DjTsHfRb5yZ2ovst7oxFgBT/S+zim83cnvtbUjVCdh6kuotHLQnqvFXBASinK
GQiDblsjsZJSyZVojfTOPdJQK1KIeQVTEwGViru9GFLI8ks+EBuZE15IDquEla/Y
UIp/ASDr+4/FIbNf7j4MSKrw+iMy1k1dh7Dv+sFTHpxSvriCGwG2l6tBiwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPOoZsoNiPF5CwVq+XYgxZy+bZ6RMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvODZobXlnMkk4WGtMQldyNWRpREZuTDV0bnBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAPSMFyYPQ9/i4q7nmUdBH/p+Q
dpRJAuyjMpiJd/Ti7c2xifGnB5NOwkWQ2JMoXkIJdmTxbHCoddPeoNYpFaN43r5P
LGMFIGpDCIX4UDjk/VUdraGPVh4Rx6qMwQiaarIp78KrsTDxzpLA1HHk42hp3sVd
86pIuDqeA8sau9SkitOUP+s36gUCU+bZ/YzTtHrhCKpA23ck3i66F/mcWitoGFah
KC0YOuEf9uzBmm2qksxMmRAWBRX3Gs2hagI4pujftJOzVSShKVnBnpM4JeMtxff5
U4q0DZS34DcedFoiPJimX6gAOajt1bCDQMJZEToMJZWAp7dXHC3CAsDgAam0IQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:26 2025 by rpki-client