Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8MUS9StLwZJqR6p1RkK4LD_Cyh0.roa
File: 8MUS9StLwZJqR6p1RkK4LD_Cyh0.roa (raw, json)
Hash identifier: /A0oI5AQl5D4XI1YF4pt+08NYjz2yGTWIYq5UCVgAio=
Subject key identifier: F0:C5:12:F5:2B:4B:C1:92:6A:47:AA:75:46:42:B8:2C:3F:C2:CA:1D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01914DCC4A7376F871AA385847B446E1FC2B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8MUS9StLwZJqR6p1RkK4LD_Cyh0.roa
Signing time: Tue 13 Aug 2024 22:11:59 +0000
ROA not before: Tue 13 Aug 2024 22:11:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 13 Aug 2024 23:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4d:cc:4a:73:76:f8:71:aa:38:58:47:b4:46:e1:fc:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 13 22:11:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0c512f52b4bc1926a47aa754642b82c3fc2ca1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2f:10:d7:9f:24:db:3c:a5:e5:21:25:97:d6:
0f:48:56:7b:17:62:37:c7:d4:7b:dd:c8:41:1a:59:
07:78:79:bb:da:e8:dc:87:d6:cd:4a:a4:d5:50:6a:
cc:72:6a:c8:09:b0:d2:ea:34:b5:61:5a:81:fb:3e:
8e:d8:c2:e7:4f:4f:b2:e9:e2:b6:5c:55:83:0d:79:
b4:6e:48:81:45:90:b8:13:8d:ae:36:88:44:b4:29:
ba:b5:a1:e6:f7:06:0b:6b:30:ac:da:e6:d7:b6:8c:
6b:7d:f2:e4:9a:cc:fb:50:ba:4c:b7:30:fd:51:4e:
9b:e3:b4:b4:d3:83:10:c9:52:98:e7:0a:18:54:54:
03:67:87:f3:4d:bb:56:1d:24:86:a7:55:cc:50:20:
b8:41:9e:e9:a0:e4:9d:0d:cd:43:8f:1a:8b:1a:07:
8d:c4:bc:f4:df:f4:d9:0d:d5:50:5b:45:df:ae:12:
1e:b3:63:14:be:64:6f:be:43:2b:32:aa:14:12:3c:
e1:50:5d:b9:21:97:cb:d5:42:60:64:59:cc:50:10:
90:0d:72:18:46:f8:90:d3:52:12:87:8d:99:c4:5d:
6f:bf:e2:d6:69:91:36:3d:13:33:4d:8d:96:63:88:
36:03:d8:16:0f:20:6e:41:e7:8c:81:9f:03:2b:9e:
26:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C5:12:F5:2B:4B:C1:92:6A:47:AA:75:46:42:B8:2C:3F:C2:CA:1D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8MUS9StLwZJqR6p1RkK4LD_Cyh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
30:81:e1:60:8b:b5:63:36:c0:e8:e5:5d:7d:45:2f:53:6a:4a:
68:49:01:f5:3c:c9:95:8d:2a:fb:98:3e:9d:14:26:d4:d4:d7:
12:d0:e2:85:e4:b2:f7:65:3d:e3:75:26:f4:d9:71:70:a4:65:
86:91:ab:4a:31:90:64:72:ba:cf:19:d6:9b:b2:9a:f6:2f:24:
20:71:02:a8:ed:a7:8d:24:0c:0c:f3:39:1a:a2:37:07:9f:4b:
7f:84:4a:84:28:80:39:1f:91:51:e3:c9:85:6c:ce:96:07:51:
70:19:2d:1f:c1:15:79:3d:12:c3:90:8a:4b:e6:1a:f5:e3:a3:
e9:f3:ce:49:ed:09:d7:73:59:11:24:ab:ca:0d:52:0d:65:f1:
be:86:c5:69:a4:f0:8a:84:21:b7:a8:84:39:81:2d:4c:ff:70:
de:66:a0:47:79:d0:f9:f4:c5:a2:b8:8d:ac:51:ce:f7:05:a1:
06:17:b0:ab:06:9f:a1:2a:d6:3c:38:48:24:bf:62:41:9d:a1:
8b:3a:32:e6:c3:3e:6a:78:a6:e5:59:77:b1:27:c5:67:84:b1:
ff:b8:57:dd:1d:08:ce:3c:32:73:3c:a1:86:36:63:6b:e5:b9:
ba:37:4d:f7:08:0f:dc:df:f7:bf:51:d5:53:68:a4:35:db:e4:
9d:c1:8f:24
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFNzEpzdvhxqjhYR7RG4fwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEzMjIxMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGM1MTJmNTJiNGJjMTkyNmE0N2FhNzU0NjQyYjgyYzNmYzJjYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5S8Q158k2zyl5SEll9YPSFZ7F2I3
x9R73chBGlkHeHm72ujch9bNSqTVUGrMcmrICbDS6jS1YVqB+z6O2MLnT0+y6eK2
XFWDDXm0bkiBRZC4E42uNohEtCm6taHm9wYLazCs2ubXtoxrffLkmsz7ULpMtzD9
UU6b47S004MQyVKY5woYVFQDZ4fzTbtWHSSGp1XMUCC4QZ7poOSdDc1DjxqLGgeN
xLz03/TZDdVQW0XfrhIes2MUvmRvvkMrMqoUEjzhUF25IZfL1UJgZFnMUBCQDXIY
RviQ01ISh42ZxF1vv+LWaZE2PRMzTY2WY4g2A9gWDyBuQeeMgZ8DK54mAwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPDFEvUrS8GSakeqdUZCuCw/wsodMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOE1VUzlTdEx3WkpxUjZwMVJrSzRMRF9DeWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAMIHhYIu1YzbA6OVdfUUvU2pK
aEkB9TzJlY0q+5g+nRQm1NTXEtDiheSy92U943Um9NlxcKRlhpGrSjGQZHK6zxnW
m7Ka9i8kIHECqO2njSQMDPM5GqI3B59Lf4RKhCiAOR+RUePJhWzOlgdRcBktH8EV
eT0Sw5CKS+Ya9eOj6fPOSe0J13NZESSryg1SDWXxvobFaaTwioQht6iEOYEtTP9w
3magR3nQ+fTForiNrFHO9wWhBhewqwafoSrWPDhIJL9iQZ2hizoy5sM+anim5Vl3
sSfFZ4Sx/7hX3R0IzjwyczyhhjZja+W5ujdN9wgP3N/3v1HVU2ikNdvkncGPJA==
-----END CERTIFICATE-----
Generated at Wed Aug 14 02:33:03 2024 by rpki-client on console-ams.rpki-client.org