Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CbB1UU4zGAdmKVbovaHDSLL2jMU.roa
File: CbB1UU4zGAdmKVbovaHDSLL2jMU.roa (raw, json)
Hash identifier: pynh0Sak7dVgExTnRAtmcuPXdslL+54r03zpkOXM5KU=
Subject key identifier: 09:B0:75:51:4E:33:18:07:66:29:56:E8:BD:A1:C3:48:B2:F6:8C:C5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0192E276FC111D1F6213BB33A1D2E7794763
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CbB1UU4zGAdmKVbovaHDSLL2jMU.roa
Signing time: Thu 31 Oct 2024 12:05:01 +0000
ROA not before: Thu 31 Oct 2024 12:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:e276:9f71/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 31 Oct 2024 12:12:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e2:76:fc:11:1d:1f:62:13:bb:33:a1:d2:e7:79:47:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Oct 31 12:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09b075514e331807662956e8bda1c348b2f68cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:09:47:51:7f:ef:44:a9:7b:ea:e2:01:4f:7b:
33:a9:a1:e9:cd:b5:34:d1:e7:4b:a6:fa:a4:9d:6a:
77:2c:4c:66:78:73:6d:6c:5a:28:5c:14:f9:42:2f:
52:71:27:0e:7b:bc:6a:c4:29:7c:1e:c2:bc:4f:ba:
ba:76:fb:45:3b:86:a0:10:c8:10:5f:b5:11:c4:df:
33:86:96:33:df:32:3a:e3:5a:30:30:3c:68:bd:71:
0c:a7:2b:1c:95:e4:ad:b5:49:e8:29:03:6d:4a:d7:
89:79:2c:48:c5:fd:b3:b5:7e:d2:bd:2b:0b:7a:22:
27:3b:0a:d9:57:c5:f9:b6:60:35:6f:ce:14:de:f2:
3c:c4:7b:01:91:a9:41:f6:36:f1:80:f4:6b:9d:71:
b0:c7:ed:93:09:0a:2a:a2:17:71:1d:cc:24:ad:af:
d2:f7:b2:e3:fd:47:4f:c0:20:62:28:a8:f1:7a:84:
0e:c5:70:17:36:04:4c:f9:38:f0:b1:ea:1a:48:0a:
1d:25:39:65:90:45:8c:30:99:d8:09:a1:7f:ee:4d:
c7:0a:42:fc:f8:84:74:62:9b:53:af:e6:50:71:6e:
23:45:dd:a0:b8:67:17:ce:29:13:fa:7b:cc:a3:b1:
f1:e4:d4:76:82:a4:91:34:77:9d:a0:f3:f9:c4:16:
3f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B0:75:51:4E:33:18:07:66:29:56:E8:BD:A1:C3:48:B2:F6:8C:C5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CbB1UU4zGAdmKVbovaHDSLL2jMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:e276:9f71/128
Signature Algorithm: sha256WithRSAEncryption
20:6f:f1:73:d7:5d:e5:14:7a:f8:42:62:96:bc:5a:ce:60:f9:
26:77:35:2d:39:b7:0f:15:93:ac:dd:d6:77:08:3c:4a:b9:1f:
d7:07:1a:fa:f6:f9:76:bb:dd:16:ac:47:eb:04:ae:4b:4d:d2:
11:c8:61:d3:b5:b9:78:0c:05:9d:65:26:cd:46:5b:22:65:09:
0b:7c:1d:4f:6f:c9:f3:c8:a0:7c:bd:9e:48:25:03:35:1f:5a:
c9:c7:90:d6:84:7a:4f:f7:e4:b1:4a:53:ef:c8:e9:7a:a4:93:
c2:21:52:a6:96:ac:79:68:34:11:52:01:5d:4a:71:32:36:f9:
fb:37:a1:50:55:34:35:dc:82:33:97:3c:96:ef:61:0b:34:3f:
e0:71:4b:d2:8c:7c:4e:58:7a:e9:5b:e1:2c:d0:35:23:c6:83:
bf:90:6b:2b:e1:bd:bd:f7:01:52:9b:e6:49:12:f6:da:37:00:
e3:8b:10:c8:9b:ef:5e:78:67:da:d8:c5:a4:02:82:62:62:f5:
ea:3d:b1:ff:b4:db:ec:82:17:13:65:3a:26:5d:dd:00:d7:41:
00:10:b9:a9:be:38:17:9c:af:50:0c:2e:8a:29:93:32:64:a1:
49:61:09:83:ac:4c:75:49:1b:b4:92:a6:f9:26:e7:be:01:c7:
3d:06:b0:41
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZLidvwRHR9iE7szodLneUdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMDMxMTIwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWIwNzU1MTRlMzMxODA3NjYyOTU2ZThiZGExYzM0OGIyZjY4Y2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQlHUX/vRKl76uIBT3szqaHpzbU0
0edLpvqknWp3LExmeHNtbFooXBT5Qi9ScScOe7xqxCl8HsK8T7q6dvtFO4agEMgQ
X7URxN8zhpYz3zI641owMDxovXEMpyscleSttUnoKQNtSteJeSxIxf2ztX7SvSsL
eiInOwrZV8X5tmA1b84U3vI8xHsBkalB9jbxgPRrnXGwx+2TCQoqohdxHcwkra/S
97Lj/UdPwCBiKKjxeoQOxXAXNgRM+TjwseoaSAodJTllkEWMMJnYCaF/7k3HCkL8
+IR0YptTr+ZQcW4jRd2guGcXzikT+nvMo7Hx5NR2gqSRNHedoPP5xBY/8QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAmwdVFOMxgHZilW6L2hw0iy9ozFMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQ2JCMVVVNHpHQWRtS1Zib3ZhSERTTEwyak1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGS4nafcTANBgkqhkiG9w0BAQsFAAOCAQEAIG/xc9dd5RR6+EJilrxazmD5
Jnc1LTm3DxWTrN3Wdwg8Srkf1wca+vb5drvdFqxH6wSuS03SEchh07W5eAwFnWUm
zUZbImUJC3wdT2/J88igfL2eSCUDNR9ayceQ1oR6T/fksUpT78jpeqSTwiFSppas
eWg0EVIBXUpxMjb5+zehUFU0NdyCM5c8lu9hCzQ/4HFL0ox8Tlh66VvhLNA1I8aD
v5BrK+G9vfcBUpvmSRL22jcA44sQyJvvXnhn2tjFpAKCYmL16j2x/7Tb7IIXE2U6
Jl3dANdBABC5qb44F5yvUAwuiimTMmShSWEJg6xMdUkbtJKm+SbnvgHHPQawQQ==
-----END CERTIFICATE-----
Generated at Thu Oct 31 15:31:01 2024 by rpki-client on console-fra.rpki-client.org