Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/L_oekYjb7YL-EH4nNDY-LXiOBmg.roa
File: L_oekYjb7YL-EH4nNDY-LXiOBmg.roa (raw, json)
Hash identifier: TCDASzKjdbHjsR3UEoZCqlBd5e52TaQQUVI2U18k+Lw=
Subject key identifier: 2F:FA:1E:91:88:DB:ED:82:FE:10:7E:27:34:36:3E:2D:78:8E:06:68
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191716A60E2CC4C4EDF564078B18ECDC002
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/L_oekYjb7YL-EH4nNDY-LXiOBmg.roa
Signing time: Tue 20 Aug 2024 20:11:22 +0000
ROA not before: Tue 20 Aug 2024 20:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 20 Aug 2024 21:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:71:6a:60:e2:cc:4c:4e:df:56:40:78:b1:8e:cd:c0:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 20 20:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ffa1e9188dbed82fe107e2734363e2d788e0668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:69:19:b4:3c:01:f2:1c:46:14:8d:0f:81:bc:
75:c2:d0:51:0d:4f:fa:e7:76:af:bf:0e:31:17:85:
ff:5e:b3:94:e6:2a:70:3c:c1:d8:97:86:de:d1:25:
88:01:5d:ec:aa:8b:25:13:da:2e:32:e6:2f:81:d7:
7e:b9:d9:4e:5a:f4:4b:e1:7e:99:ab:82:22:a9:af:
5b:50:39:5a:f8:19:9c:6c:28:98:f5:f0:b3:6e:3f:
8e:d2:c9:16:e5:c5:30:ed:ef:11:82:f6:67:0f:c4:
92:6d:a0:ec:64:3f:25:2e:11:eb:24:ab:81:20:86:
f8:36:42:6b:27:1b:ec:d8:79:be:19:06:ea:ab:02:
a0:7f:1a:66:cc:d8:70:b6:59:86:8c:f7:e8:f5:f2:
8f:e2:69:45:2c:5a:76:91:cb:c5:a4:4b:29:d5:f8:
e2:15:d5:6e:a7:6d:f1:72:9d:87:02:51:0f:b8:a0:
b9:af:c7:bd:6b:cf:20:15:61:19:49:e5:ee:82:c1:
a0:51:d2:c7:85:9a:6d:e2:3d:e4:52:d7:89:b6:f8:
65:35:2f:6a:d2:da:a3:cd:ad:cf:90:55:3b:33:5c:
41:b1:b4:85:07:00:a9:f8:27:ea:eb:dd:f2:53:cb:
f3:03:27:0c:a3:a2:6b:be:43:16:5c:0e:2d:a9:80:
df:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:FA:1E:91:88:DB:ED:82:FE:10:7E:27:34:36:3E:2D:78:8E:06:68
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/L_oekYjb7YL-EH4nNDY-LXiOBmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
65:95:a8:9b:dd:74:52:3e:91:37:d4:48:2b:8e:3f:f4:cd:cc:
04:5b:34:2b:6a:fd:ec:ee:f1:0e:4d:01:d6:dc:5f:5d:27:19:
a4:d6:2e:5c:96:98:7b:29:3e:dc:57:c6:fe:fa:e9:66:03:04:
91:69:cb:9c:40:14:9a:7f:64:6d:86:d4:fd:49:b5:7b:f8:d6:
54:1f:08:82:b3:33:71:a9:d6:c6:2a:f4:79:e8:80:e6:cc:00:
8b:b4:02:c5:b9:2d:0b:37:18:d1:b2:f6:2c:04:dc:8d:e1:cd:
14:2d:7f:a7:2f:a2:da:36:9d:cd:dc:f8:e1:bb:06:2f:47:48:
c7:e3:b2:7a:05:95:db:84:9b:58:fe:d0:96:b1:2b:ba:28:42:
00:cd:f5:08:1b:5e:d8:51:6e:6f:a0:34:5c:7f:c5:0b:22:16:
2a:64:43:98:01:f2:34:cf:51:2d:e9:bf:5c:7f:7f:6d:ea:81:
60:f3:c8:54:f2:2b:be:b7:4b:74:a4:03:ba:93:83:2b:e1:9f:
71:c4:2c:16:9e:df:d1:03:85:0e:2d:5e:4b:d0:10:81:85:f9:
cc:30:8a:a6:8c:ff:63:ed:b5:21:df:5a:22:e8:7d:4d:8c:4c:
83:30:14:ff:bd:0a:ae:54:d6:92:d4:5c:80:6b:6e:c7:da:74:
fb:72:d3:d3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFxamDizExO31ZAeLGOzcACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIwMjAxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmZhMWU5MTg4ZGJlZDgyZmUxMDdlMjczNDM2M2UyZDc4OGUwNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2kZtDwB8hxGFI0Pgbx1wtBRDU/6
53avvw4xF4X/XrOU5ipwPMHYl4be0SWIAV3sqoslE9ouMuYvgdd+udlOWvRL4X6Z
q4Iiqa9bUDla+BmcbCiY9fCzbj+O0skW5cUw7e8RgvZnD8SSbaDsZD8lLhHrJKuB
IIb4NkJrJxvs2Hm+GQbqqwKgfxpmzNhwtlmGjPfo9fKP4mlFLFp2kcvFpEsp1fji
FdVup23xcp2HAlEPuKC5r8e9a88gFWEZSeXugsGgUdLHhZpt4j3kUteJtvhlNS9q
0tqjza3PkFU7M1xBsbSFBwCp+Cfq693yU8vzAycMo6JrvkMWXA4tqYDfkwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFC/6HpGI2+2C/hB+JzQ2Pi14jgZoMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTF9vZWtZamI3WUwtRUg0bk5EWS1MWGlPQm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAZZWom910Uj6RN9RIK44/9M3M
BFs0K2r97O7xDk0B1txfXScZpNYuXJaYeyk+3FfG/vrpZgMEkWnLnEAUmn9kbYbU
/Um1e/jWVB8IgrMzcanWxir0eeiA5swAi7QCxbktCzcY0bL2LATcjeHNFC1/py+i
2jadzdz44bsGL0dIx+OyegWV24SbWP7QlrEruihCAM31CBte2FFub6A0XH/FCyIW
KmRDmAHyNM9RLem/XH9/beqBYPPIVPIrvrdLdKQDupODK+GfccQsFp7f0QOFDi1e
S9AQgYX5zDCKpoz/Y+21Id9aIuh9TYxMgzAU/70KrlTWktRcgGtux9p0+3LT0w==
-----END CERTIFICATE-----
Generated at Tue Aug 20 23:49:46 2024 by rpki-client on console-fra.rpki-client.org