Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Hlf-XlUmN6uCc04LLhhKXp2pyAM.roa
File: Hlf-XlUmN6uCc04LLhhKXp2pyAM.roa (raw, json)
Hash identifier: gMr+GeaMFg00TEwP5Gu79kiLHS65IEkXOYR4Jy2dNP8=
Subject key identifier: 1E:57:FE:5E:55:26:37:AB:82:73:4E:0B:2E:18:4A:5E:9D:A9:C8:03
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01916BA09B036C1520C82B0C31C9EE5AA588
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Hlf-XlUmN6uCc04LLhhKXp2pyAM.roa
Signing time: Mon 19 Aug 2024 17:12:53 +0000
ROA not before: Mon 19 Aug 2024 17:12:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 19 Aug 2024 18:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6b:a0:9b:03:6c:15:20:c8:2b:0c:31:c9:ee:5a:a5:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 19 17:12:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e57fe5e552637ab82734e0b2e184a5e9da9c803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:77:5a:ee:b2:0b:ca:b4:3b:69:89:7b:2d:cc:
c7:4a:3b:5e:16:35:a2:0f:77:9f:ee:65:16:99:25:
95:73:4a:48:6d:7a:3f:23:72:7d:a8:87:16:90:8d:
69:a6:c6:06:b8:8b:fa:2c:0d:6d:92:39:68:a3:5e:
1a:98:a5:d7:6e:1f:2e:d2:29:fa:96:18:65:e4:18:
f6:2f:97:31:56:53:5c:ce:4e:69:1f:41:06:4b:48:
da:ff:a9:24:70:74:a2:fa:29:25:9a:b8:66:76:cc:
a2:32:14:2d:e9:f9:1c:01:30:8f:f7:6e:e5:9d:9b:
a7:fd:b6:b8:d6:5c:8a:0e:4a:1e:9b:bd:33:00:e0:
37:d7:b8:8a:09:29:43:71:a6:20:32:aa:60:04:1b:
a4:64:62:83:fb:c9:21:f9:e9:e4:3b:c5:f5:a1:04:
44:b6:39:d3:5c:e8:06:ff:44:48:11:4e:b3:f3:a6:
d9:40:2f:2d:28:ac:53:b2:94:fb:bd:b4:1b:7d:66:
a7:4c:42:7e:07:4c:72:30:e2:1c:49:bd:45:4a:18:
b7:b3:72:6f:37:41:2e:dc:5f:13:52:f3:6e:0d:ec:
b0:4e:6e:b0:8e:39:c4:82:d8:4e:69:93:75:a0:b4:
f7:d5:e7:5a:cb:e7:d8:c1:43:80:99:f8:20:b6:1e:
24:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:57:FE:5E:55:26:37:AB:82:73:4E:0B:2E:18:4A:5E:9D:A9:C8:03
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Hlf-XlUmN6uCc04LLhhKXp2pyAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
03:41:81:ac:f2:a6:07:cf:c7:35:5e:62:c6:e4:54:10:62:8c:
41:dd:3a:3c:99:a1:ff:ee:0f:f6:d1:75:7f:90:d4:eb:d2:80:
1a:12:07:98:8e:e5:61:62:36:1f:e8:ae:5b:dc:b5:21:80:64:
40:ac:a8:6d:b4:b4:88:0d:f6:95:09:ac:72:82:73:3c:f4:ae:
7a:8e:d2:c4:93:db:d8:fd:ba:f4:97:ad:b5:0c:45:74:e3:e0:
ca:dd:30:16:52:85:ff:04:e8:65:69:4f:79:bc:2a:a2:af:ef:
c9:8d:2e:4b:12:d1:f1:aa:16:da:b9:54:ee:c5:b2:51:f3:33:
19:37:1f:00:8e:b9:a8:ec:39:d8:a8:97:ff:a3:c9:f6:ea:9c:
2e:1f:d1:0e:35:0f:01:48:3e:78:73:4d:8a:dd:1c:2c:b6:3a:
f1:66:3d:c5:3d:af:41:ed:da:fd:76:a1:c1:36:44:75:9d:5e:
45:d0:1f:fa:17:79:52:4d:3f:1b:84:78:24:8f:60:58:03:da:
fc:13:1a:e8:bd:6c:ee:a1:5b:fb:df:ac:2a:04:d3:1d:cf:ad:
d9:62:5e:83:fc:c9:ff:f0:40:b3:15:07:0c:7d:7a:ff:80:f8:
56:f5:a9:41:7f:6a:7b:f5:f9:32:b9:89:06:3d:dd:c9:a3:d5:
e7:67:26:66
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFroJsDbBUgyCsMMcnuWqWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE5MTcxMjUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTU3ZmU1ZTU1MjYzN2FiODI3MzRlMGIyZTE4NGE1ZTlkYTljODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3da7rILyrQ7aYl7LczHSjteFjWi
D3ef7mUWmSWVc0pIbXo/I3J9qIcWkI1ppsYGuIv6LA1tkjloo14amKXXbh8u0in6
lhhl5Bj2L5cxVlNczk5pH0EGS0ja/6kkcHSi+iklmrhmdsyiMhQt6fkcATCP927l
nZun/ba41lyKDkoem70zAOA317iKCSlDcaYgMqpgBBukZGKD+8kh+enkO8X1oQRE
tjnTXOgG/0RIEU6z86bZQC8tKKxTspT7vbQbfWanTEJ+B0xyMOIcSb1FShi3s3Jv
N0Eu3F8TUvNuDeywTm6wjjnEgthOaZN1oLT31eday+fYwUOAmfggth4krQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFB5X/l5VJjergnNOCy4YSl6dqcgDMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSGxmLVhsVW1ONnVDYzA0TExoaEtYcDJweUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAA0GBrPKmB8/HNV5ixuRUEGKM
Qd06PJmh/+4P9tF1f5DU69KAGhIHmI7lYWI2H+iuW9y1IYBkQKyobbS0iA32lQms
coJzPPSueo7SxJPb2P269JettQxFdOPgyt0wFlKF/wToZWlPebwqoq/vyY0uSxLR
8aoW2rlU7sWyUfMzGTcfAI65qOw52KiX/6PJ9uqcLh/RDjUPAUg+eHNNit0cLLY6
8WY9xT2vQe3a/XahwTZEdZ1eRdAf+hd5Uk0/G4R4JI9gWAPa/BMa6L1s7qFb+9+s
KgTTHc+t2WJeg/zJ//BAsxUHDH16/4D4VvWpQX9qe/X5MrmJBj3dyaPV52cmZg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:58 2025 by rpki-client