Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8U85kowb2qfQFicqPb4Re0P8qt4.roa
File: 8U85kowb2qfQFicqPb4Re0P8qt4.roa (raw, json)
Hash identifier: CFfHPc4KiKtaUOvHhxRKQWExICsLxEJ+eC93uAlo0sM=
Subject key identifier: F1:4F:39:92:8C:1B:DA:A7:D0:16:27:2A:3D:BE:11:7B:43:FC:AA:DE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191919BF57B90FF7305B614A0513224803D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8U85kowb2qfQFicqPb4Re0P8qt4.roa
Signing time: Tue 27 Aug 2024 02:13:22 +0000
ROA not before: Tue 27 Aug 2024 02:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 27 Aug 2024 03:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:91:9b:f5:7b:90:ff:73:05:b6:14:a0:51:32:24:80:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 27 02:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f14f39928c1bdaa7d016272a3dbe117b43fcaade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:20:d6:c8:26:38:24:e5:0b:e9:84:f9:3b:4d:
95:90:07:ac:35:58:98:16:35:26:e0:cb:99:84:26:
79:c8:47:8c:3e:61:56:61:33:e2:06:3c:7c:4a:e1:
6c:39:66:fc:0f:af:cf:58:c3:b1:99:81:65:4a:0e:
2b:de:30:60:73:dd:b9:71:4f:55:7d:18:42:dd:5a:
11:97:b1:34:ff:54:25:0b:2f:1a:4b:13:e1:be:ae:
ba:85:ff:c9:a1:1e:43:56:b9:70:74:13:b1:8b:32:
bd:92:d8:ac:61:3b:af:c3:bb:f7:cd:d5:c4:1d:4b:
c6:f8:2b:05:bf:65:75:48:8c:7d:cd:57:68:25:2a:
f3:de:aa:f1:2d:cc:e7:1c:9a:a9:f0:9b:9e:a9:e0:
0d:3e:a3:ab:e0:9d:fd:39:b6:42:a0:9d:8a:91:8b:
4c:bd:b5:48:76:07:15:7c:57:d5:e4:bd:c1:70:7d:
38:db:e8:8b:e3:e6:00:52:17:69:99:02:21:f2:f9:
33:27:2c:f2:23:81:b4:7e:1c:73:26:50:87:8a:54:
18:8e:82:17:6b:a3:e5:c0:3f:98:e1:b7:bf:41:c4:
a1:ec:a3:e6:a2:f6:09:c3:f3:d2:a0:94:8a:dc:a3:
9f:d9:62:01:b7:ea:17:35:af:ed:df:d6:9e:4f:b2:
f1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:4F:39:92:8C:1B:DA:A7:D0:16:27:2A:3D:BE:11:7B:43:FC:AA:DE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8U85kowb2qfQFicqPb4Re0P8qt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
63:13:26:a2:ec:79:3f:9f:05:8d:95:fe:c1:7c:48:bc:fc:c9:
32:49:1f:ba:17:84:ec:a2:3d:2c:d5:c6:49:b5:bd:6f:e9:00:
87:a5:a2:aa:06:b2:82:df:69:ea:f9:3f:03:f5:4f:19:82:96:
be:2a:06:1e:d4:da:24:f2:07:ed:73:de:fc:f6:89:12:03:06:
31:ba:04:e8:f1:d9:d1:8b:1f:eb:0e:2a:55:0c:4b:ef:28:73:
cc:09:b2:25:85:91:96:c8:31:a5:54:7b:26:0b:b7:42:86:92:
d8:f2:23:0a:47:e8:a8:8e:cf:4a:9f:a2:cc:00:e9:51:00:e8:
d6:82:0d:89:e1:31:8e:6f:ba:81:31:0d:48:b3:7e:6f:25:78:
8a:28:60:d7:d5:8d:15:f1:47:17:44:41:79:73:85:91:53:cd:
13:3d:86:f1:d8:ec:fa:dc:19:04:c8:c7:c6:49:ec:71:7d:10:
41:82:da:b4:38:78:7e:f0:57:ca:e8:46:5e:31:10:25:04:75:
b1:f2:9d:f0:57:b0:08:62:f6:1a:37:b8:05:c7:c0:98:22:25:
fd:6a:a2:e4:1e:08:77:cc:a9:fa:54:5e:ab:68:a6:0f:c2:c1:
17:90:80:6a:95:53:0c:59:67:71:de:2a:18:32:29:98:ac:75:
cb:bd:f4:5a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGRm/V7kP9zBbYUoFEyJIA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI3MDIxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTRmMzk5MjhjMWJkYWE3ZDAxNjI3MmEzZGJlMTE3YjQzZmNhYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SDWyCY4JOUL6YT5O02VkAesNViY
FjUm4MuZhCZ5yEeMPmFWYTPiBjx8SuFsOWb8D6/PWMOxmYFlSg4r3jBgc925cU9V
fRhC3VoRl7E0/1QlCy8aSxPhvq66hf/JoR5DVrlwdBOxizK9ktisYTuvw7v3zdXE
HUvG+CsFv2V1SIx9zVdoJSrz3qrxLcznHJqp8JueqeANPqOr4J39ObZCoJ2KkYtM
vbVIdgcVfFfV5L3BcH042+iL4+YAUhdpmQIh8vkzJyzyI4G0fhxzJlCHilQYjoIX
a6PlwD+Y4be/QcSh7KPmovYJw/PSoJSK3KOf2WIBt+oXNa/t39aeT7LxOQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPFPOZKMG9qn0BYnKj2+EXtD/KreMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOFU4NWtvd2IycWZRRmljcVBiNFJlMFA4cXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAYxMmoux5P58FjZX+wXxIvPzJ
MkkfuheE7KI9LNXGSbW9b+kAh6Wiqgaygt9p6vk/A/VPGYKWvioGHtTaJPIH7XPe
/PaJEgMGMboE6PHZ0Ysf6w4qVQxL7yhzzAmyJYWRlsgxpVR7Jgu3QoaS2PIjCkfo
qI7PSp+izADpUQDo1oINieExjm+6gTENSLN+byV4iihg19WNFfFHF0RBeXOFkVPN
Ez2G8djs+twZBMjHxknscX0QQYLatDh4fvBXyuhGXjEQJQR1sfKd8FewCGL2Gje4
BcfAmCIl/Wqi5B4Id8yp+lReq2imD8LBF5CAapVTDFlncd4qGDIpmKx1y730Wg==
-----END CERTIFICATE-----
Generated at Tue Aug 27 06:17:24 2024 by rpki-client on console-ams.rpki-client.org