Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KrFc7EBeOFrzDHttXF6Fq5N72Co.roa
File: KrFc7EBeOFrzDHttXF6Fq5N72Co.roa (raw, json)
Hash identifier: XKFi+JgX2F15Gq2Mz4ZPM/2q9akjQKOmR7kQlMG/7YY=
Subject key identifier: 2A:B1:5C:EC:40:5E:38:5A:F3:0C:7B:6D:5C:5E:85:AB:93:7B:D8:2A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191768A54654F0F008DCED66044C71D3FC8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KrFc7EBeOFrzDHttXF6Fq5N72Co.roa
Signing time: Wed 21 Aug 2024 20:04:22 +0000
ROA not before: Wed 21 Aug 2024 20:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:768a:3f22/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 Aug 2024 20:12:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:76:8a:54:65:4f:0f:00:8d:ce:d6:60:44:c7:1d:3f:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 21 20:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ab15cec405e385af30c7b6d5c5e85ab937bd82a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:95:79:92:63:24:e6:3b:da:6d:00:a9:e3:71:
a1:1b:af:f5:59:81:41:6f:2d:2c:95:d2:25:fe:b6:
a0:48:f3:ac:64:01:77:39:28:1c:c9:92:d7:e4:dd:
9f:f8:30:27:24:93:0e:3b:66:22:35:cb:13:95:d9:
dc:7f:f4:44:84:48:6e:a8:95:e7:7c:e9:b9:f3:e8:
d0:4f:2d:5c:63:8d:51:43:39:2b:8a:2d:4c:83:b3:
dd:26:ca:25:25:b7:ab:3b:0d:f0:bd:ed:a4:74:49:
4e:ab:8b:3b:60:4a:6e:bc:5c:c5:62:8e:bd:b2:9b:
04:70:8c:e5:de:17:69:5e:77:cb:da:12:c6:2b:d7:
ef:69:8e:64:ce:cb:82:a9:06:2c:12:59:c6:93:ff:
04:e4:fb:56:b2:be:18:64:10:5a:8d:4d:2a:ca:db:
07:ad:39:f0:e4:90:9f:95:bc:aa:9e:eb:6e:0b:80:
9a:34:a6:77:63:1a:0e:54:00:57:6d:34:a0:31:ce:
26:d5:8a:33:98:1b:80:62:c1:69:10:e6:a9:6d:63:
57:d5:92:1d:5e:c7:c1:9a:60:f9:22:bb:1d:e2:18:
80:8d:d5:08:e1:eb:cc:1f:dd:6f:e0:84:6b:6a:2b:
b7:ca:31:5f:f4:3d:36:5b:d0:98:36:9f:a5:28:4f:
e3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B1:5C:EC:40:5E:38:5A:F3:0C:7B:6D:5C:5E:85:AB:93:7B:D8:2A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KrFc7EBeOFrzDHttXF6Fq5N72Co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:768a:3f22/128
Signature Algorithm: sha256WithRSAEncryption
1a:59:1f:e5:0a:25:00:69:02:63:82:07:b3:d8:14:5f:96:6c:
7f:bd:66:88:24:e6:b3:73:03:cb:d4:50:0c:ec:e8:4e:46:ae:
1f:aa:5d:ff:a1:cc:9f:8b:53:0e:b0:b8:be:ea:2d:98:36:16:
33:e7:2e:03:8b:6e:3f:7f:40:cd:4b:8c:1d:4a:b4:d0:17:77:
19:9e:52:66:b0:ae:20:1f:29:a1:18:f9:ec:7d:70:5c:7d:f3:
76:5b:7e:2a:d4:cd:9d:8c:1d:89:da:9a:d0:30:93:7a:ad:31:
dc:52:f2:60:24:5f:ca:f5:26:ef:12:70:a1:82:dd:62:4e:f7:
05:a5:07:e0:d9:e7:fd:06:7e:71:42:38:f8:5e:4c:54:37:96:
ad:b3:c7:a9:e9:24:8d:d5:c0:62:6b:50:76:8c:d2:14:86:76:
76:52:61:fd:17:59:a0:7c:26:dc:c5:dd:b6:fe:14:59:99:f2:
d0:ab:9b:ee:74:a9:79:bd:bb:77:52:05:70:eb:36:21:b9:ed:
28:0a:6d:bc:c4:53:9e:c1:29:a4:3f:3e:f6:5b:6d:15:be:7e:
ae:3d:a3:8c:43:69:29:3a:1e:f3:ae:ba:95:69:0a:59:9f:da:
44:7b:33:5d:7e:5a:ce:4f:48:3d:78:50:c9:ed:91:c2:f7:65:
85:33:30:62
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZF2ilRlTw8Ajc7WYETHHT/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIxMjAwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWIxNWNlYzQwNWUzODVhZjMwYzdiNmQ1YzVlODVhYjkzN2JkODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZV5kmMk5jvabQCp43GhG6/1WYFB
by0sldIl/ragSPOsZAF3OSgcyZLX5N2f+DAnJJMOO2YiNcsTldncf/REhEhuqJXn
fOm58+jQTy1cY41RQzkrii1Mg7PdJsolJberOw3wve2kdElOq4s7YEpuvFzFYo69
spsEcIzl3hdpXnfL2hLGK9fvaY5kzsuCqQYsElnGk/8E5PtWsr4YZBBajU0qytsH
rTnw5JCflbyqnutuC4CaNKZ3YxoOVABXbTSgMc4m1YozmBuAYsFpEOapbWNX1ZId
XsfBmmD5Irsd4hiAjdUI4evMH91v4IRraiu3yjFf9D02W9CYNp+lKE/jOwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCqxXOxAXjha8wx7bVxehauTe9gqMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS3JGYzdFQmVPRnJ6REh0dFhGNkZxNU43MkNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkXaKPyIwDQYJKoZIhvcNAQELBQADggEB
ABpZH+UKJQBpAmOCB7PYFF+WbH+9Zogk5rNzA8vUUAzs6E5Grh+qXf+hzJ+LUw6w
uL7qLZg2FjPnLgOLbj9/QM1LjB1KtNAXdxmeUmawriAfKaEY+ex9cFx983ZbfirU
zZ2MHYnamtAwk3qtMdxS8mAkX8r1Ju8ScKGC3WJO9wWlB+DZ5/0GfnFCOPheTFQ3
lq2zx6npJI3VwGJrUHaM0hSGdnZSYf0XWaB8JtzF3bb+FFmZ8tCrm+50qXm9u3dS
BXDrNiG57SgKbbzEU57BKaQ/PvZbbRW+fq49o4xDaSk6HvOuupVpClmf2kR7M11+
Ws5PSD14UMntkcL3ZYUzMGI=
-----END CERTIFICATE-----
Generated at Thu Aug 22 01:51:12 2024 by rpki-client on console-fra.rpki-client.org