Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9ZAslurF1vr5Du4cp5hOivldE2c.roa
File: 9ZAslurF1vr5Du4cp5hOivldE2c.roa (raw, json)
Hash identifier: Qco5rGBdoYaXYlQ97Utoq0cABgPT2RlGLcxCGcY+Ies=
Subject key identifier: F5:90:2C:96:EA:C5:D6:FA:F9:0E:EE:1C:A7:98:4E:8A:F9:5D:13:67
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01918416D3C48924E76C5CD04EFD4DB7CF9C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9ZAslurF1vr5Du4cp5hOivldE2c.roa
Signing time: Sat 24 Aug 2024 11:12:54 +0000
ROA not before: Sat 24 Aug 2024 11:12:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 Aug 2024 12:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:84:16:d3:c4:89:24:e7:6c:5c:d0:4e:fd:4d:b7:cf:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 24 11:12:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5902c96eac5d6faf90eee1ca7984e8af95d1367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9d:40:53:34:8e:df:d3:2a:84:bf:42:fe:c5:
8d:8a:5e:e4:d1:8d:26:1b:be:78:9b:64:2f:49:d4:
65:1c:32:6b:3b:75:56:d3:c7:f7:70:4b:7f:45:28:
b9:c6:a7:00:0b:d8:6f:e5:97:b5:0a:61:0b:01:14:
ac:9d:d7:be:22:7f:89:ae:72:74:26:af:8f:70:a5:
1b:e0:b5:80:dc:5f:06:0c:74:8a:0c:f1:c8:5a:47:
89:f2:eb:fb:25:c1:f1:a5:0b:f0:50:ff:36:b9:8f:
32:65:37:48:74:89:23:d7:57:aa:33:c9:f2:db:c5:
29:97:0b:a7:81:86:7c:fc:45:95:ca:8b:7c:b5:b5:
ab:82:b7:19:64:33:50:bb:22:20:37:1c:ad:dc:04:
92:3e:70:ed:21:14:95:6d:27:11:87:7d:de:bc:2b:
6a:70:56:e8:85:1e:8b:36:51:92:68:2b:26:27:55:
8d:d1:25:f9:8f:3f:27:b8:ae:d6:c9:07:a6:5e:ed:
86:bc:79:20:52:88:70:5f:e2:43:35:6e:4b:88:10:
74:14:ad:36:3d:4e:6f:71:1f:a3:e4:ea:31:c2:a4:
f0:d3:1e:57:02:e0:a0:15:d9:38:90:c7:89:84:a6:
45:b1:0f:08:3d:92:f4:06:17:86:89:9e:87:f5:45:
94:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:90:2C:96:EA:C5:D6:FA:F9:0E:EE:1C:A7:98:4E:8A:F9:5D:13:67
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9ZAslurF1vr5Du4cp5hOivldE2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
6c:58:86:a0:a6:76:0b:47:73:7c:6a:eb:f9:de:aa:da:04:ca:
b8:3c:5c:05:3b:0e:e9:6d:4f:c3:74:45:43:ae:f9:4b:e4:f4:
0a:50:25:15:e8:52:7b:7a:88:03:0f:be:b0:9d:04:12:77:7a:
a6:e8:49:0c:f7:1f:a1:9a:7d:33:1d:3e:e0:f7:d6:f8:81:45:
23:8f:28:e9:7e:a5:f3:f0:81:b3:33:7b:20:35:d8:29:0b:bc:
03:ce:d1:12:8f:8b:76:24:81:c1:cf:27:1f:d2:a9:d5:59:c2:
08:82:f3:f8:01:a6:40:e3:31:16:8b:92:3e:8d:37:1f:32:34:
9a:59:80:5d:39:ee:87:98:37:6b:5c:76:01:05:d1:e1:58:23:
b8:b0:62:40:0a:c5:79:52:a9:47:43:e3:27:02:cc:a1:8c:45:
71:9c:7b:7b:41:de:f5:5c:d7:c7:d4:29:c2:a7:c9:67:07:bf:
fb:4e:e7:ee:25:f7:7a:a5:c8:48:87:be:0e:cc:51:0f:40:4e:
cf:8b:0e:84:18:8d:b7:68:dc:83:c3:d4:e4:45:fe:35:fa:ee:
88:d7:fd:10:34:43:34:71:f0:08:11:53:4a:92:a0:e0:2f:71:
3b:f5:12:ab:f6:bf:92:34:22:3e:0f:12:5e:e8:fa:fc:8c:e5:
93:72:ed:84
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGEFtPEiSTnbFzQTv1Nt8+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI0MTExMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTkwMmM5NmVhYzVkNmZhZjkwZWVlMWNhNzk4NGU4YWY5NWQxMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ1AUzSO39MqhL9C/sWNil7k0Y0m
G754m2QvSdRlHDJrO3VW08f3cEt/RSi5xqcAC9hv5Ze1CmELARSsnde+In+JrnJ0
Jq+PcKUb4LWA3F8GDHSKDPHIWkeJ8uv7JcHxpQvwUP82uY8yZTdIdIkj11eqM8ny
28UplwungYZ8/EWVyot8tbWrgrcZZDNQuyIgNxyt3ASSPnDtIRSVbScRh33evCtq
cFbohR6LNlGSaCsmJ1WN0SX5jz8nuK7WyQemXu2GvHkgUohwX+JDNW5LiBB0FK02
PU5vcR+j5OoxwqTw0x5XAuCgFdk4kMeJhKZFsQ8IPZL0BheGiZ6H9UWUYQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPWQLJbqxdb6+Q7uHKeYTor5XRNnMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOVpBc2x1ckYxdnI1RHU0Y3A1aE9pdmxkRTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAbFiGoKZ2C0dzfGrr+d6q2gTK
uDxcBTsO6W1Pw3RFQ675S+T0ClAlFehSe3qIAw++sJ0EEnd6puhJDPcfoZp9Mx0+
4PfW+IFFI48o6X6l8/CBszN7IDXYKQu8A87REo+LdiSBwc8nH9Kp1VnCCILz+AGm
QOMxFouSPo03HzI0mlmAXTnuh5g3a1x2AQXR4VgjuLBiQArFeVKpR0PjJwLMoYxF
cZx7e0He9VzXx9QpwqfJZwe/+07n7iX3eqXISIe+DsxRD0BOz4sOhBiNt2jcg8PU
5EX+NfruiNf9EDRDNHHwCBFTSpKg4C9xO/USq/a/kjQiPg8SXuj6/Izlk3LthA==
-----END CERTIFICATE-----
Generated at Sat Aug 24 15:46:03 2024 by rpki-client on console-fra.rpki-client.org