Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CfGneGn2vJOSe3LUTtO0oSTJjGU.roa
File: CfGneGn2vJOSe3LUTtO0oSTJjGU.roa (raw, json)
Hash identifier: s3LvkqVP6ckx92aYamywCI38wBav4fp8pdpS6K82lxA=
Subject key identifier: 09:F1:A7:78:69:F6:BC:93:92:7B:72:D4:4E:D3:B4:A1:24:C9:8C:65
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191AEC8D3B63FF39AA4C7595200869CAAE3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CfGneGn2vJOSe3LUTtO0oSTJjGU.roa
Signing time: Sun 01 Sep 2024 18:11:22 +0000
ROA not before: Sun 01 Sep 2024 18:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Sep 2024 19:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ae:c8:d3:b6:3f:f3:9a:a4:c7:59:52:00:86:9c:aa:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 1 18:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09f1a77869f6bc93927b72d44ed3b4a124c98c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:83:44:fc:51:cf:82:1a:90:55:71:92:bc:42:
04:96:fb:ef:8b:7d:db:ac:69:4b:79:ce:b0:b1:2e:
21:d9:73:5d:6e:64:d5:44:a4:32:1a:ee:24:51:62:
46:ed:72:f8:4f:b3:a4:2b:0d:3e:0a:d4:a2:6d:2b:
37:10:df:ca:e4:a8:2f:e2:de:21:ec:f2:66:b5:cb:
cb:c8:79:e4:af:67:92:cb:62:a4:bb:0f:7c:30:28:
18:fd:d4:7b:5d:f4:78:23:71:4b:39:74:90:e2:af:
38:4f:ef:47:2f:88:03:df:a9:a3:00:45:60:7c:7a:
2f:8e:37:38:ed:23:88:68:54:5e:f6:d2:e6:a3:67:
6a:99:66:35:e8:da:b3:8e:f6:25:81:da:5a:77:01:
f5:13:4e:52:ab:8d:4c:ba:58:23:f0:be:65:41:83:
51:14:79:33:c7:87:30:b7:05:eb:ac:19:c9:7b:96:
4f:29:a8:41:31:7e:a8:c1:a0:92:6a:fc:aa:4b:ee:
f0:e9:e1:a2:80:18:ef:c3:be:be:89:19:cf:71:3f:
4d:af:ec:b3:c5:e8:b8:b3:49:82:e4:7f:ef:79:6e:
3e:21:ec:82:60:86:65:95:d8:bb:6a:3d:53:4f:f1:
c8:a3:92:7c:e1:78:20:8d:8e:88:c3:af:cc:f6:0c:
01:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F1:A7:78:69:F6:BC:93:92:7B:72:D4:4E:D3:B4:A1:24:C9:8C:65
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CfGneGn2vJOSe3LUTtO0oSTJjGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
65:ff:42:1d:8b:06:33:c3:17:39:9f:be:95:b0:ae:d9:1b:72:
42:3c:3e:86:f0:61:66:8f:05:f1:01:ec:f9:71:5c:4d:60:3e:
cb:69:e4:60:35:1a:02:84:41:5c:48:d5:25:d7:83:bd:95:0b:
d4:80:3f:13:be:9d:d5:aa:34:7f:f5:71:16:40:91:44:3c:c2:
c8:51:4b:ab:e5:f1:e1:c3:aa:35:04:62:44:6f:50:ad:db:f3:
8b:3e:ae:26:4c:1d:b8:ac:ce:24:e4:6c:1b:b8:cb:b6:9f:dc:
1e:8c:e4:a0:80:91:d9:05:9b:6b:77:aa:da:2b:b4:d4:c9:a2:
12:10:77:f1:e0:bc:4b:aa:25:be:8d:74:6b:07:13:7a:c2:1b:
0d:fa:eb:1a:5a:f5:8d:36:fd:cc:70:90:d7:5a:b3:06:4b:1d:
f4:45:3d:1f:b8:42:42:de:82:e8:7d:fa:c2:ee:bb:74:68:c9:
72:f2:3c:ab:01:16:64:42:7b:6c:5d:a3:68:be:d7:a9:4c:d0:
59:97:01:05:03:7b:5e:6a:c5:a4:b9:09:e7:ae:c4:c0:5e:5c:
1e:f5:17:1b:44:67:30:d2:eb:9e:94:a1:21:4f:71:a4:6f:35:
31:2b:c2:cf:57:21:ef:f1:3f:27:f6:80:87:e2:82:45:0c:55:
00:1a:13:32
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGuyNO2P/OapMdZUgCGnKrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAxMTgxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWYxYTc3ODY5ZjZiYzkzOTI3YjcyZDQ0ZWQzYjRhMTI0Yzk4YzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoNE/FHPghqQVXGSvEIElvvvi33b
rGlLec6wsS4h2XNdbmTVRKQyGu4kUWJG7XL4T7OkKw0+CtSibSs3EN/K5Kgv4t4h
7PJmtcvLyHnkr2eSy2Kkuw98MCgY/dR7XfR4I3FLOXSQ4q84T+9HL4gD36mjAEVg
fHovjjc47SOIaFRe9tLmo2dqmWY16NqzjvYlgdpadwH1E05Sq41Mulgj8L5lQYNR
FHkzx4cwtwXrrBnJe5ZPKahBMX6owaCSavyqS+7w6eGigBjvw76+iRnPcT9Nr+yz
xei4s0mC5H/veW4+IeyCYIZlldi7aj1TT/HIo5J84XggjY6Iw6/M9gwB9QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAnxp3hp9ryTknty1E7TtKEkyYxlMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQ2ZHbmVHbjJ2Sk9TZTNMVVR0TzBvU1RKakdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAZf9CHYsGM8MXOZ++lbCu2Rty
Qjw+hvBhZo8F8QHs+XFcTWA+y2nkYDUaAoRBXEjVJdeDvZUL1IA/E76d1ao0f/Vx
FkCRRDzCyFFLq+Xx4cOqNQRiRG9Qrdvziz6uJkwduKzOJORsG7jLtp/cHozkoICR
2QWba3eq2iu01MmiEhB38eC8S6olvo10awcTesIbDfrrGlr1jTb9zHCQ11qzBksd
9EU9H7hCQt6C6H36wu67dGjJcvI8qwEWZEJ7bF2jaL7XqUzQWZcBBQN7XmrFpLkJ
567EwF5cHvUXG0RnMNLrnpShIU9xpG81MSvCz1ch7/E/J/aAh+KCRQxVABoTMg==
-----END CERTIFICATE-----
Generated at Sun Sep 1 20:38:05 2024 by rpki-client on console-ams.rpki-client.org