Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IOMbuPAain7hg9xKZANTEwWcj94.roa
File: IOMbuPAain7hg9xKZANTEwWcj94.roa (raw, json)
Hash identifier: AUxrYC15786IxhhocKjP4bHPKddA8KbTuODixfeqrx8=
Subject key identifier: 20:E3:1B:B8:F0:1A:8A:7E:E1:83:DC:4A:64:03:53:13:05:9C:8F:DE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019108476F858154FDBFC58C6988AAEDA332
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IOMbuPAain7hg9xKZANTEwWcj94.roa
Signing time: Wed 31 Jul 2024 10:13:04 +0000
ROA not before: Wed 31 Jul 2024 10:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 31 Jul 2024 11:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:08:47:6f:85:81:54:fd:bf:c5:8c:69:88:aa:ed:a3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 31 10:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20e31bb8f01a8a7ee183dc4a64035313059c8fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6e:8a:8e:1e:46:37:9a:01:72:89:d0:c6:72:
a4:aa:de:a2:af:9e:e7:8d:6a:c3:fb:d5:4e:a8:6b:
be:87:19:40:73:58:ab:10:47:ad:f3:18:3b:5c:34:
9e:0a:21:c6:8b:ec:dd:98:71:0f:aa:bd:ef:40:21:
d0:56:46:a9:47:1c:57:ce:53:e4:25:10:a7:ce:da:
9d:71:7e:16:56:3b:79:01:7b:5a:08:4f:54:6e:e2:
d0:09:9d:e0:40:85:c6:c0:17:68:3a:00:9a:e6:9b:
2f:d4:fb:12:1d:28:f6:c1:cf:9b:a0:55:2c:24:b2:
85:a8:6e:b1:46:c1:41:32:b9:af:e1:fe:80:48:4e:
5f:bb:ed:cf:f4:f4:f9:53:85:a9:3e:2e:19:56:dc:
ca:0c:5b:22:a6:c5:33:4a:84:81:d8:9a:bf:02:43:
f7:b8:04:fc:21:3a:b3:25:04:58:4b:4c:1a:d5:d8:
3a:a1:97:98:e8:e6:50:b0:d9:16:d8:9e:ad:ad:17:
81:18:08:4d:22:d2:c8:32:c4:a5:bd:08:95:96:4e:
75:e0:d6:6a:99:43:ab:61:67:43:f0:f1:f2:01:99:
59:03:2a:6e:ab:a4:33:d4:d1:98:c2:68:47:ce:de:
d7:23:a8:60:46:80:b3:12:98:4c:d9:d1:9e:5d:d1:
7a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E3:1B:B8:F0:1A:8A:7E:E1:83:DC:4A:64:03:53:13:05:9C:8F:DE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IOMbuPAain7hg9xKZANTEwWcj94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
7c:42:11:63:c0:69:4c:f7:ff:f7:06:a5:14:b8:d0:2c:a3:18:
ed:45:c9:ad:2b:c4:8f:a0:7f:30:36:4d:1a:3c:1f:22:cd:16:
e4:92:de:87:75:05:f4:4b:b4:4e:17:af:10:dc:a6:1c:f8:01:
f0:57:34:ee:9f:cd:35:dc:b9:5c:2d:54:22:c4:a6:65:e8:58:
85:e3:0e:f2:26:be:80:49:dc:ee:fa:51:ac:eb:dd:18:f0:f8:
d8:6a:a5:d3:d3:57:20:40:55:51:a2:84:ce:86:62:18:fc:79:
3f:69:db:99:c3:25:9b:2e:19:b6:4e:f9:97:bc:6c:94:38:9a:
8b:fa:26:8a:2a:e7:c7:96:49:d8:a9:7c:40:ad:25:57:75:d0:
9f:db:9c:ae:22:4a:9a:f7:de:74:9b:4b:c1:5d:e5:eb:5b:e9:
1a:be:f6:15:07:45:3e:75:45:67:d0:ba:cb:30:cd:29:ae:67:
fa:2d:e6:a1:6b:1b:a1:1c:b0:b7:fe:0d:3b:58:11:09:f5:ab:
2d:16:b4:f9:16:5b:e4:18:26:51:a5:b8:88:d5:44:85:fb:2c:
31:dc:f4:9a:79:2e:4f:dd:e4:69:25:bc:b8:a6:09:ae:fd:e8:
4c:88:89:ce:e5:1b:f8:95:dd:ff:d1:aa:fb:5e:9c:1b:97:ec:
68:80:0e:6b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEIR2+FgVT9v8WMaYiq7aMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzMxMTAxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGUzMWJiOGYwMWE4YTdlZTE4M2RjNGE2NDAzNTMxMzA1OWM4ZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxm6Kjh5GN5oBconQxnKkqt6ir57n
jWrD+9VOqGu+hxlAc1irEEet8xg7XDSeCiHGi+zdmHEPqr3vQCHQVkapRxxXzlPk
JRCnztqdcX4WVjt5AXtaCE9UbuLQCZ3gQIXGwBdoOgCa5psv1PsSHSj2wc+boFUs
JLKFqG6xRsFBMrmv4f6ASE5fu+3P9PT5U4WpPi4ZVtzKDFsipsUzSoSB2Jq/AkP3
uAT8ITqzJQRYS0wa1dg6oZeY6OZQsNkW2J6trReBGAhNItLIMsSlvQiVlk514NZq
mUOrYWdD8PHyAZlZAypuq6Qz1NGYwmhHzt7XI6hgRoCzEphM2dGeXdF6DwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCDjG7jwGop+4YPcSmQDUxMFnI/eMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSU9NYnVQQWFpbjdoZzl4S1pBTlRFd1djajk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAfEIRY8BpTPf/9walFLjQLKMY
7UXJrSvEj6B/MDZNGjwfIs0W5JLeh3UF9Eu0ThevENymHPgB8Fc07p/NNdy5XC1U
IsSmZehYheMO8ia+gEnc7vpRrOvdGPD42Gql09NXIEBVUaKEzoZiGPx5P2nbmcMl
my4Ztk75l7xslDiai/omiirnx5ZJ2Kl8QK0lV3XQn9ucriJKmvfedJtLwV3l61vp
Gr72FQdFPnVFZ9C6yzDNKa5n+i3moWsboRywt/4NO1gRCfWrLRa0+RZb5BgmUaW4
iNVEhfssMdz0mnkuT93kaSW8uKYJrv3oTIiJzuUb+JXd/9Gq+16cG5fsaIAOaw==
-----END CERTIFICATE-----
Generated at Wed Jul 31 14:29:34 2024 by rpki-client on console-fra.rpki-client.org