Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/JhKWI1Xyqn8-bd1dA0qBkVoLnfU.roa
File: JhKWI1Xyqn8-bd1dA0qBkVoLnfU.roa (raw, json)
Hash identifier: DN9k4qMycf6auGwNCvBWkxMNanUNf+UhgL9LZ3MPs/4=
Subject key identifier: 26:12:96:23:55:F2:AA:7F:3E:6D:DD:5D:03:4A:81:91:5A:0B:9D:F5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019106582205D741252489F82106840CA2EE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/JhKWI1Xyqn8-bd1dA0qBkVoLnfU.roa
Signing time: Wed 31 Jul 2024 01:12:04 +0000
ROA not before: Wed 31 Jul 2024 01:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 31 Jul 2024 02:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:06:58:22:05:d7:41:25:24:89:f8:21:06:84:0c:a2:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 31 01:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2612962355f2aa7f3e6ddd5d034a81915a0b9df5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:23:9a:5d:07:2a:28:27:94:e5:34:bc:00:5d:
12:b6:98:17:f9:14:60:4f:9b:e3:7e:75:50:a4:63:
a2:c3:a5:9a:b8:08:95:66:44:ba:46:f4:b6:c2:23:
ee:11:f4:27:df:4c:bf:05:51:47:bd:85:ca:40:04:
29:6c:a4:f6:00:9c:2b:85:87:d4:c1:8e:23:88:0f:
7a:f0:83:27:0a:0f:ba:ac:4d:3d:7f:bc:a0:5e:ab:
d5:87:29:2a:d4:ca:04:c9:40:18:e0:23:50:56:5d:
e8:29:40:e5:08:25:98:49:9a:54:f5:aa:a0:f9:de:
50:92:6b:2b:96:b4:a1:6a:af:fa:a7:6b:24:5f:dd:
e4:b8:94:9a:f3:97:09:4a:4d:c5:61:b3:2f:82:9b:
ca:11:cb:bd:8e:44:89:f3:8b:76:8d:64:07:a7:d6:
98:3f:10:bd:8a:e0:30:89:2a:1c:ba:7b:70:b0:7e:
6f:e3:95:84:3c:0a:a7:ad:6a:f7:10:03:b4:b6:b7:
10:61:33:9c:d5:2f:87:b9:5b:33:e8:a2:56:b1:c0:
cc:05:28:e0:91:a7:02:ef:f2:fe:70:8a:26:2e:65:
82:2b:5d:5b:8d:61:4a:45:98:a0:ce:4d:0d:6f:3d:
a9:24:18:63:8e:e0:f2:e4:80:2b:1f:93:da:74:b3:
c4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:12:96:23:55:F2:AA:7F:3E:6D:DD:5D:03:4A:81:91:5A:0B:9D:F5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/JhKWI1Xyqn8-bd1dA0qBkVoLnfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
20:25:f4:2b:07:f7:3a:22:ea:be:90:a2:17:ac:da:cf:dc:e5:
04:ad:e1:88:61:8e:79:a0:dc:75:88:30:ac:97:56:cc:a1:e6:
31:6d:4a:75:60:4e:a5:34:5b:f4:f0:24:24:cb:d8:f9:b8:91:
a1:06:4b:fc:61:10:9b:5b:5d:11:6b:43:89:17:0d:96:a8:eb:
d0:0f:b5:f2:b6:ba:9c:75:f2:9a:2b:1a:de:91:1d:dc:7c:a2:
d6:48:96:5d:03:9c:67:67:da:1c:7f:ab:9d:73:59:27:fb:52:
6f:42:6f:29:01:2a:b9:6c:97:0a:ae:42:db:b3:aa:96:15:60:
47:02:99:34:63:33:72:f0:61:0d:0c:09:d2:c4:c3:1d:8d:d2:
65:af:db:9c:ad:56:d6:68:e7:84:4e:49:ad:32:c5:ae:f0:86:
f3:fd:99:e5:17:e3:09:9e:a2:db:18:6e:39:fa:a8:4c:5c:28:
e8:d7:6f:0b:70:74:e7:52:e5:cc:d0:59:a6:de:30:93:6e:e4:
5b:d1:c3:6e:62:01:f7:61:f6:bc:97:d1:25:ed:f2:74:c2:57:
69:3a:ff:1b:0e:9a:15:97:d0:42:69:82:23:13:91:e7:52:9f:
42:fb:15:28:c9:5a:8b:26:9e:33:69:67:31:ae:e1:eb:a9:1e:
75:2c:fa:e5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEGWCIF10ElJIn4IQaEDKLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzMxMDExMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjEyOTYyMzU1ZjJhYTdmM2U2ZGRkNWQwMzRhODE5MTVhMGI5ZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyOaXQcqKCeU5TS8AF0StpgX+RRg
T5vjfnVQpGOiw6WauAiVZkS6RvS2wiPuEfQn30y/BVFHvYXKQAQpbKT2AJwrhYfU
wY4jiA968IMnCg+6rE09f7ygXqvVhykq1MoEyUAY4CNQVl3oKUDlCCWYSZpU9aqg
+d5QkmsrlrShaq/6p2skX93kuJSa85cJSk3FYbMvgpvKEcu9jkSJ84t2jWQHp9aY
PxC9iuAwiSocuntwsH5v45WEPAqnrWr3EAO0trcQYTOc1S+HuVsz6KJWscDMBSjg
kacC7/L+cIomLmWCK11bjWFKRZigzk0Nbz2pJBhjjuDy5IArH5PadLPEpwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCYSliNV8qp/Pm3dXQNKgZFaC531MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSmhLV0kxWHlxbjgtYmQxZEEwcUJrVm9MbmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAICX0Kwf3OiLqvpCiF6zaz9zl
BK3hiGGOeaDcdYgwrJdWzKHmMW1KdWBOpTRb9PAkJMvY+biRoQZL/GEQm1tdEWtD
iRcNlqjr0A+18ra6nHXymisa3pEd3Hyi1kiWXQOcZ2faHH+rnXNZJ/tSb0JvKQEq
uWyXCq5C27OqlhVgRwKZNGMzcvBhDQwJ0sTDHY3SZa/bnK1W1mjnhE5JrTLFrvCG
8/2Z5RfjCZ6i2xhuOfqoTFwo6NdvC3B051LlzNBZpt4wk27kW9HDbmIB92H2vJfR
Je3ydMJXaTr/Gw6aFZfQQmmCIxOR51KfQvsVKMlaiyaeM2lnMa7h66kedSz65Q==
-----END CERTIFICATE-----
Generated at Wed Jul 31 04:27:01 2024 by rpki-client on console-ams.rpki-client.org