Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Bl1iXETO47I9BQV5lmXbKkXpCG0.roa
File: Bl1iXETO47I9BQV5lmXbKkXpCG0.roa (raw, json)
Hash identifier: Gz2EBsnYDEHmmH2F+nm+ej6wXBKbM6pWHiR85sCUC3A=
Subject key identifier: 06:5D:62:5C:44:CE:E3:B2:3D:05:05:79:96:65:DB:2A:45:E9:08:6D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01913AEB99E9B8CFFBCF5343D00AD4CDEC58
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Bl1iXETO47I9BQV5lmXbKkXpCG0.roa
Signing time: Sat 10 Aug 2024 06:13:24 +0000
ROA not before: Sat 10 Aug 2024 06:13:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 10 Aug 2024 07:05:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3a:eb:99:e9:b8:cf:fb:cf:53:43:d0:0a:d4:cd:ec:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 10 06:13:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=065d625c44cee3b23d0505799665db2a45e9086d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3f:23:ea:a4:9f:2a:15:79:96:b7:ab:5f:31:
d4:b5:cd:eb:65:16:fa:bf:8f:c9:e1:63:bb:8b:86:
9e:06:f0:91:1f:a8:81:e7:46:64:f2:f7:49:62:c8:
d2:ad:0f:ad:01:f6:dd:5a:a6:a6:04:f4:97:40:cb:
e4:5a:9c:da:52:97:fd:f6:da:99:5f:f0:23:8b:7e:
75:d3:60:fe:b8:a4:89:e1:57:7f:76:2b:cd:c8:6d:
f8:b0:39:d9:0a:9d:a0:7c:45:82:25:9a:bf:06:06:
04:ba:47:06:70:cc:6e:e3:16:41:91:6d:a0:68:42:
8c:d6:3d:c4:d4:d7:6e:60:04:63:39:c3:9e:04:e1:
81:4f:83:84:5e:5c:19:91:f9:6d:12:bd:42:32:93:
f1:49:f2:c0:f9:e0:4e:91:52:26:f2:bd:75:d2:0a:
35:b7:c4:b9:7d:ee:31:82:17:3f:74:2b:c4:b3:df:
ec:d8:2a:b1:e7:9c:c3:20:95:14:3a:e7:37:ca:51:
65:4d:4c:00:59:c3:dc:2f:ad:b0:98:bc:f8:a2:55:
14:76:0b:2c:58:6a:96:37:6b:21:ce:53:d0:14:34:
38:75:f7:b7:74:1d:13:80:2a:68:db:db:33:42:88:
76:60:a3:6a:79:0c:02:1b:0e:56:e2:95:c6:cb:78:
21:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:5D:62:5C:44:CE:E3:B2:3D:05:05:79:96:65:DB:2A:45:E9:08:6D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Bl1iXETO47I9BQV5lmXbKkXpCG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
3e:5c:5c:3e:7d:ef:49:a8:cb:d7:d3:14:76:33:d0:a9:d9:9c:
74:f7:b1:85:c6:14:70:8d:a7:3c:f9:fc:aa:f1:af:48:7c:09:
2f:ea:65:f1:0e:63:07:20:d5:04:58:34:5a:2c:7e:7f:17:32:
02:ca:53:cf:97:79:c4:11:a2:de:c5:d2:b9:fa:0e:f3:1d:99:
06:05:62:03:10:2c:d4:1e:67:14:86:80:4e:0c:27:17:dd:43:
a8:0c:29:27:c4:e0:56:51:f6:08:fa:fe:7d:2d:36:12:63:de:
fc:59:f8:7a:de:aa:5c:6e:05:b1:e6:72:a3:f0:e1:99:df:f0:
82:3f:44:0f:86:d4:bc:ec:6b:4f:9e:71:5c:62:8d:9b:6b:73:
ec:15:d3:36:ae:14:fc:58:78:33:c1:be:6d:dd:48:5a:e8:40:
61:06:70:b6:82:4a:59:33:e0:33:db:a9:1c:e5:fd:a9:6b:c6:
39:0e:b2:16:4d:7e:ac:3b:79:f0:c7:36:c5:4a:7c:1d:ea:99:
09:33:ad:2c:05:1e:1e:ff:21:85:53:c3:0b:10:f1:76:6d:3a:
5e:b6:38:bd:4a:df:90:5d:94:88:1e:a1:c7:ce:ac:78:e3:ec:
42:b9:34:f3:c7:29:e9:4f:0d:8b:f9:4e:b5:49:f2:96:8a:a9:
34:c6:82:be
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZE665npuM/7z1ND0ArUzexYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEwMDYxMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjVkNjI1YzQ0Y2VlM2IyM2QwNTA1Nzk5NjY1ZGIyYTQ1ZTkwODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT8j6qSfKhV5lrerXzHUtc3rZRb6
v4/J4WO7i4aeBvCRH6iB50Zk8vdJYsjSrQ+tAfbdWqamBPSXQMvkWpzaUpf99tqZ
X/Aji35102D+uKSJ4Vd/divNyG34sDnZCp2gfEWCJZq/BgYEukcGcMxu4xZBkW2g
aEKM1j3E1NduYARjOcOeBOGBT4OEXlwZkfltEr1CMpPxSfLA+eBOkVIm8r110go1
t8S5fe4xghc/dCvEs9/s2Cqx55zDIJUUOuc3ylFlTUwAWcPcL62wmLz4olUUdgss
WGqWN2shzlPQFDQ4dfe3dB0TgCpo29szQoh2YKNqeQwCGw5W4pXGy3ghUwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAZdYlxEzuOyPQUFeZZl2ypF6QhtMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQmwxaVhFVE80N0k5QlFWNWxtWGJLa1hwQ0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAPlxcPn3vSajL19MUdjPQqdmc
dPexhcYUcI2nPPn8qvGvSHwJL+pl8Q5jByDVBFg0Wix+fxcyAspTz5d5xBGi3sXS
ufoO8x2ZBgViAxAs1B5nFIaATgwnF91DqAwpJ8TgVlH2CPr+fS02EmPe/Fn4et6q
XG4FseZyo/Dhmd/wgj9ED4bUvOxrT55xXGKNm2tz7BXTNq4U/Fh4M8G+bd1IWuhA
YQZwtoJKWTPgM9upHOX9qWvGOQ6yFk1+rDt58Mc2xUp8HeqZCTOtLAUeHv8hhVPD
CxDxdm06XrY4vUrfkF2UiB6hx86seOPsQrk088cp6U8Ni/lOtUnyloqpNMaCvg==
-----END CERTIFICATE-----
Generated at Sat Aug 10 09:26:57 2024 by rpki-client on console-fra.rpki-client.org