Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IH3-pr6c4HJd_Zz8KSROl7YAXxI.roa
File: IH3-pr6c4HJd_Zz8KSROl7YAXxI.roa (raw, json)
Hash identifier: jw3OundBKlpKOfVnpkjWzqBEA1hePqWbFR81d2b2X7s=
Subject key identifier: 20:7D:FE:A6:BE:9C:E0:72:5D:FD:9C:FC:29:24:4E:97:B6:00:5F:12
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019146EE7B1F9FB6FB36BD98B562501E4591
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IH3-pr6c4HJd_Zz8KSROl7YAXxI.roa
Signing time: Mon 12 Aug 2024 14:11:59 +0000
ROA not before: Mon 12 Aug 2024 14:11:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 12 Aug 2024 15:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:ee:7b:1f:9f:b6:fb:36:bd:98:b5:62:50:1e:45:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 12 14:11:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=207dfea6be9ce0725dfd9cfc29244e97b6005f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5a:5d:b4:fb:b6:46:3e:bb:82:48:4e:a9:59:
a4:49:17:47:f1:97:e2:ea:87:09:3e:3f:10:e1:9f:
e4:6a:b4:f7:28:e3:b8:de:4e:f9:84:b6:49:a5:e1:
6b:9f:73:65:07:47:77:71:55:dd:d0:02:eb:45:08:
43:9a:47:dc:c7:86:77:0d:a5:0e:ca:cb:c5:2b:4b:
ea:b1:72:86:9f:89:a2:31:be:bd:73:91:14:d6:03:
f4:f8:90:f9:73:a0:76:b7:a2:d3:a4:d2:89:2e:f2:
78:f1:a0:b5:0a:a2:25:db:0a:f0:59:f6:c5:71:4f:
39:c7:8d:eb:e8:9c:97:76:a0:86:a0:69:d3:ba:47:
74:9e:10:fd:02:e4:a9:ae:37:4c:5b:dd:6b:20:01:
e2:6c:82:67:4d:3b:13:34:22:ca:a7:a4:f7:0f:ed:
e4:d8:a4:ba:ad:1e:34:0d:8d:41:41:21:5d:99:72:
a2:69:a5:00:32:a4:8f:72:a7:c6:07:10:6b:ca:d4:
8e:f3:d9:36:94:28:8e:d7:42:29:05:f7:19:32:39:
a6:d8:17:65:e1:ea:33:35:01:83:f4:8b:a7:30:ec:
bd:a4:1b:c1:52:67:6f:e8:28:4c:25:15:54:c1:07:
e7:e5:9a:a6:e5:a2:90:7c:3f:43:85:b9:ee:cc:fe:
23:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:7D:FE:A6:BE:9C:E0:72:5D:FD:9C:FC:29:24:4E:97:B6:00:5F:12
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IH3-pr6c4HJd_Zz8KSROl7YAXxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
22:e2:47:f2:63:67:82:89:ac:bd:7f:65:f1:2f:62:ac:ad:d6:
66:f4:d0:7f:f1:f1:68:a4:a5:39:f1:a3:d8:75:2e:12:ba:2d:
db:02:79:d0:91:af:65:f9:bc:ae:c4:e6:78:4e:59:b6:92:ee:
b4:d7:44:09:2e:a2:a6:1d:05:6c:4f:a0:1b:a0:23:35:22:95:
0f:bc:8f:54:74:28:25:a1:95:d7:d9:6b:3b:48:0b:6a:16:af:
85:c0:e9:45:02:ea:86:c4:78:22:96:1a:f4:fc:c6:49:fd:5a:
64:ba:da:73:e8:5f:cc:57:24:28:ec:f1:2d:9f:08:55:ae:b4:
a6:1f:de:bd:86:ac:5d:76:a3:e5:46:8e:fe:cb:ea:b2:0a:ef:
dd:16:3d:64:20:f9:d1:75:98:ab:72:08:c4:28:4c:7c:3a:f4:
87:39:76:75:95:f4:57:c4:15:91:93:fc:94:ea:f4:d7:19:f7:
54:0b:94:6d:ba:3b:f6:6a:fa:e9:3e:0f:09:bd:dc:07:9d:99:
a5:d5:6a:9b:6a:d3:6e:21:4d:23:3d:c8:ec:f3:5a:29:d2:e5:
4a:14:78:53:f7:ef:98:3a:70:42:dc:77:63:1b:6a:8c:be:92:
a3:df:5f:df:57:cb:a9:b8:d7:db:30:7d:be:ff:4f:27:c6:53:
ec:d5:e1:36
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFG7nsfn7b7Nr2YtWJQHkWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEyMTQxMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDdkZmVhNmJlOWNlMDcyNWRmZDljZmMyOTI0NGU5N2I2MDA1ZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVpdtPu2Rj67gkhOqVmkSRdH8Zfi
6ocJPj8Q4Z/karT3KOO43k75hLZJpeFrn3NlB0d3cVXd0ALrRQhDmkfcx4Z3DaUO
ysvFK0vqsXKGn4miMb69c5EU1gP0+JD5c6B2t6LTpNKJLvJ48aC1CqIl2wrwWfbF
cU85x43r6JyXdqCGoGnTukd0nhD9AuSprjdMW91rIAHibIJnTTsTNCLKp6T3D+3k
2KS6rR40DY1BQSFdmXKiaaUAMqSPcqfGBxBrytSO89k2lCiO10IpBfcZMjmm2Bdl
4eozNQGD9IunMOy9pBvBUmdv6ChMJRVUwQfn5Zqm5aKQfD9DhbnuzP4juwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCB9/qa+nOByXf2c/CkkTpe2AF8SMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSUgzLXByNmM0SEpkX1p6OEtTUk9sN1lBWHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAIuJH8mNngomsvX9l8S9irK3W
ZvTQf/HxaKSlOfGj2HUuErot2wJ50JGvZfm8rsTmeE5ZtpLutNdECS6iph0FbE+g
G6AjNSKVD7yPVHQoJaGV19lrO0gLahavhcDpRQLqhsR4IpYa9PzGSf1aZLrac+hf
zFckKOzxLZ8IVa60ph/evYasXXaj5UaO/svqsgrv3RY9ZCD50XWYq3IIxChMfDr0
hzl2dZX0V8QVkZP8lOr01xn3VAuUbbo79mr66T4PCb3cB52ZpdVqm2rTbiFNIz3I
7PNaKdLlShR4U/fvmDpwQtx3YxtqjL6So99f31fLqbjX2zB9vv9PJ8ZT7NXhNg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:18 2025 by rpki-client