Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CXCQ87I-KJOx8oF6nnKFnPkeeRU.roa
File: CXCQ87I-KJOx8oF6nnKFnPkeeRU.roa (raw, json)
Hash identifier: e++uN4+69CxKXvA8vQmzfJCRscPcKikanwTLFC8z+Q0=
Subject key identifier: 09:70:90:F3:B2:3E:28:93:B1:F2:81:7A:9E:72:85:9C:F9:1E:79:15
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01931AB93D575F953D290B085EDB57185307
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CXCQ87I-KJOx8oF6nnKFnPkeeRU.roa
Signing time: Mon 11 Nov 2024 10:16:07 +0000
ROA not before: Mon 11 Nov 2024 10:16:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:193:1aae:71c0/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 11 Nov 2024 10:22:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:b9:3d:57:5f:95:3d:29:0b:08:5e:db:57:18:53:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Nov 11 10:16:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=097090f3b23e2893b1f2817a9e72859cf91e7915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f7:a4:d9:06:95:12:9d:c9:61:0e:a8:08:13:
2a:e1:3d:9a:58:50:20:a6:ed:07:97:0b:36:bd:28:
15:ea:2d:81:2b:c2:79:f4:38:ea:51:34:5d:37:9b:
43:53:71:2c:6a:58:b9:60:7e:2a:c1:a8:9c:7e:5e:
a9:2b:13:4f:2e:77:d1:77:7e:a4:53:f6:51:c7:b5:
b3:40:1f:0c:41:c8:eb:3e:ea:7f:30:6d:7e:ba:4d:
c7:92:54:c6:75:3c:50:91:ff:e4:f2:1f:0f:d0:76:
4a:1c:9a:8a:8a:82:17:52:ee:72:98:d5:8f:32:4e:
e7:86:37:77:ca:d8:d6:ad:9e:bd:48:e3:ce:df:68:
21:d5:c6:a5:6b:84:fe:b9:eb:4a:3c:93:3a:20:7a:
17:67:40:d8:f7:24:c8:cd:1f:b4:b3:49:a1:ad:9f:
57:4f:4b:ca:91:e8:aa:af:b0:f9:ff:62:cd:28:55:
1a:8e:73:35:d8:16:65:33:db:bd:ab:e9:92:f9:7b:
35:d4:a6:57:28:64:86:db:f0:f3:8b:a7:47:7f:4b:
f5:3e:65:a1:73:25:7b:87:7b:89:5f:1a:bf:63:cf:
53:b9:1c:13:e6:45:97:36:54:eb:46:3c:8b:d2:f3:
83:de:a6:8d:02:0a:5e:4a:f7:3c:8b:68:6c:d4:21:
98:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:70:90:F3:B2:3E:28:93:B1:F2:81:7A:9E:72:85:9C:F9:1E:79:15
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CXCQ87I-KJOx8oF6nnKFnPkeeRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:193:1aae:71c0/128
Signature Algorithm: sha256WithRSAEncryption
4a:7a:73:84:d8:45:8e:0e:b0:df:1f:01:9c:42:3f:34:a9:23:
5f:6c:c8:89:38:0a:9c:2b:4d:e3:91:75:5a:8d:04:a1:f2:33:
c8:12:8a:08:2f:08:09:a9:f1:90:3b:af:ca:60:21:fd:57:d0:
24:fd:f4:0e:5f:17:ca:3b:d7:ad:66:b2:01:20:d0:77:2d:07:
51:6e:06:7f:c4:9b:bb:30:d2:3d:32:49:63:5a:54:f4:ef:02:
ec:eb:e6:c5:9d:00:38:51:ce:f4:bc:97:55:3e:61:5d:76:12:
08:7a:00:4b:49:33:27:af:10:4c:93:aa:bf:7f:58:c1:0b:e5:
ef:17:bf:ca:c3:79:b1:0d:ef:d1:49:9f:22:bc:a9:54:29:23:
d0:28:6a:b4:59:8f:b1:11:4a:4b:8c:75:c8:a5:42:12:83:cd:
c3:64:06:c1:c9:b2:cb:4a:5b:a4:76:25:bc:f2:66:33:9e:a8:
d7:b5:a8:f0:08:60:c8:a7:15:3c:28:2b:6c:35:be:31:9b:37:
9c:86:42:1c:2c:b0:c5:7d:d3:1f:32:c2:7d:5a:aa:fa:c1:95:
69:bf:8c:41:be:19:9d:fd:55:5f:1b:55:a0:1f:e2:6e:8b:ed:
fb:0d:31:ca:02:96:7a:94:70:1e:55:81:3c:69:a9:a5:82:37:
17:69:81:33
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZMauT1XX5U9KQsIXttXGFMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMTExMTAxNjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTcwOTBmM2IyM2UyODkzYjFmMjgxN2E5ZTcyODU5Y2Y5MWU3OTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPek2QaVEp3JYQ6oCBMq4T2aWFAg
pu0Hlws2vSgV6i2BK8J59DjqUTRdN5tDU3Esali5YH4qwaicfl6pKxNPLnfRd36k
U/ZRx7WzQB8MQcjrPup/MG1+uk3HklTGdTxQkf/k8h8P0HZKHJqKioIXUu5ymNWP
Mk7nhjd3ytjWrZ69SOPO32gh1cala4T+uetKPJM6IHoXZ0DY9yTIzR+0s0mhrZ9X
T0vKkeiqr7D5/2LNKFUajnM12BZlM9u9q+mS+Xs11KZXKGSG2/Dzi6dHf0v1PmWh
cyV7h3uJXxq/Y89TuRwT5kWXNlTrRjyL0vOD3qaNAgpeSvc8i2hs1CGYtQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAlwkPOyPiiTsfKBep5yhZz5HnkVMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQ1hDUTg3SS1LSk94OG9GNm5uS0ZuUGtlZVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGTGq5xwDANBgkqhkiG9w0BAQsFAAOCAQEASnpzhNhFjg6w3x8BnEI/NKkj
X2zIiTgKnCtN45F1Wo0EofIzyBKKCC8ICanxkDuvymAh/VfQJP30Dl8XyjvXrWay
ASDQdy0HUW4Gf8SbuzDSPTJJY1pU9O8C7OvmxZ0AOFHO9LyXVT5hXXYSCHoAS0kz
J68QTJOqv39YwQvl7xe/ysN5sQ3v0UmfIrypVCkj0ChqtFmPsRFKS4x1yKVCEoPN
w2QGwcmyy0pbpHYlvPJmM56o17Wo8AhgyKcVPCgrbDW+MZs3nIZCHCywxX3THzLC
fVqq+sGVab+MQb4Znf1VXxtVoB/ibovt+w0xygKWepRwHlWBPGmppYI3F2mBMw==
-----END CERTIFICATE-----
Generated at Mon Nov 11 14:44:10 2024 by rpki-client on console-fra.rpki-client.org