Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MsD-8KjRSMCw6dRUQQAlTFVEoUQ.roa
File: MsD-8KjRSMCw6dRUQQAlTFVEoUQ.roa (raw, json)
Hash identifier: ePLPseqneSYCf8pWpsT3TheuTM4HsjrhR+H43aZrsyA=
Subject key identifier: 32:C0:FE:F0:A8:D1:48:C0:B0:E9:D4:54:41:00:25:4C:55:44:A1:44
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019223B48FD28127498A233EFF8A681782CD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MsD-8KjRSMCw6dRUQQAlTFVEoUQ.roa
Signing time: Tue 24 Sep 2024 11:04:48 +0000
ROA not before: Tue 24 Sep 2024 11:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:23b4:986/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 24 Sep 2024 11:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:23:b4:8f:d2:81:27:49:8a:23:3e:ff:8a:68:17:82:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 24 11:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32c0fef0a8d148c0b0e9d4544100254c5544a144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:74:cf:f6:12:d9:03:49:8f:20:bc:92:19:b3:
34:5a:03:0a:80:b9:19:10:1f:7b:6c:54:c5:ad:2c:
dd:60:a3:29:b3:f0:1c:3e:75:6c:1c:9e:39:5c:5a:
c6:a9:cc:00:a9:cb:71:44:e3:d8:a3:04:d9:b9:b3:
20:cc:25:90:87:b0:b7:03:7c:ca:b1:f6:14:29:a0:
c2:55:5f:0a:97:fd:19:a5:d3:36:54:6e:a0:9e:0a:
53:2a:de:dd:67:39:7c:01:f7:02:07:c4:5b:f9:7f:
c5:14:ec:25:22:58:19:e7:6b:4a:de:d6:e1:f7:83:
6d:a8:bf:d8:75:e4:bd:40:65:00:29:22:ed:2d:2b:
86:f6:c1:bf:b2:4d:9e:54:70:c0:6d:07:02:29:7e:
a2:da:06:f5:4e:57:30:83:82:65:c4:91:c3:89:40:
2c:b0:30:81:8f:e7:21:6d:f8:55:b9:e5:55:90:e4:
bf:d1:0c:c0:a4:c7:cc:54:8c:6b:d1:2c:a8:07:e1:
29:b7:11:f5:16:b3:c8:f8:74:7b:32:ed:b8:f0:64:
79:bc:f1:00:47:c6:eb:0e:27:5b:8f:cb:00:13:7f:
c2:93:79:7c:81:ba:e9:48:67:d7:76:66:bc:8e:65:
2e:03:67:f9:c8:b7:79:e0:11:96:ef:12:d7:43:45:
1c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C0:FE:F0:A8:D1:48:C0:B0:E9:D4:54:41:00:25:4C:55:44:A1:44
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MsD-8KjRSMCw6dRUQQAlTFVEoUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:23b4:986/128
Signature Algorithm: sha256WithRSAEncryption
0b:80:ef:9e:a1:8a:ac:33:51:a4:b3:3a:54:17:f4:c1:52:3a:
b1:ed:df:d9:fa:c9:9e:c1:54:ac:35:2b:b5:e5:79:4d:68:4a:
3d:55:0f:45:e8:e7:c8:86:0e:fc:88:ae:a3:05:2c:1e:a5:01:
88:79:25:6d:e4:76:44:8f:b4:26:14:97:b0:0c:6d:c1:17:59:
7b:90:46:bc:f8:b4:26:9e:d6:c8:99:47:7b:d4:76:5b:a8:ec:
b6:c9:50:74:f3:1b:4b:58:63:95:c7:63:f4:7f:3e:2c:30:5a:
01:f5:2d:23:e5:c3:ae:31:8d:02:ea:61:51:66:35:0a:67:02:
c4:0a:db:ad:72:05:d3:7b:1d:ad:86:67:90:54:bc:27:6e:81:
c1:f5:37:56:5f:5e:92:7d:c5:2d:55:ea:b4:c5:87:3b:1a:3e:
2a:11:1e:86:87:c7:c1:92:08:2d:36:dc:f0:58:32:60:45:04:
fd:31:01:1e:c8:3c:19:84:79:f1:58:6b:e1:6c:ec:0d:75:08:
71:84:3b:09:c3:01:e6:12:ef:f0:e1:d0:1b:d4:e7:ed:8b:ba:
e9:02:78:18:d6:60:eb:72:02:a4:aa:69:65:37:e7:26:21:54:
73:f2:25:37:dc:38:f1:b9:dc:70:fc:c3:c8:00:ba:f6:3a:4c:
98:a9:b8:d4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZIjtI/SgSdJiiM+/4poF4LNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTI0MTEwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmMwZmVmMGE4ZDE0OGMwYjBlOWQ0NTQ0MTAwMjU0YzU1NDRhMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXTP9hLZA0mPILySGbM0WgMKgLkZ
EB97bFTFrSzdYKMps/AcPnVsHJ45XFrGqcwAqctxROPYowTZubMgzCWQh7C3A3zK
sfYUKaDCVV8Kl/0ZpdM2VG6gngpTKt7dZzl8AfcCB8Rb+X/FFOwlIlgZ52tK3tbh
94NtqL/YdeS9QGUAKSLtLSuG9sG/sk2eVHDAbQcCKX6i2gb1Tlcwg4JlxJHDiUAs
sDCBj+chbfhVueVVkOS/0QzApMfMVIxr0SyoB+EptxH1FrPI+HR7Mu248GR5vPEA
R8brDidbj8sAE3/Ck3l8gbrpSGfXdma8jmUuA2f5yLd54BGW7xLXQ0UcKQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDLA/vCo0UjAsOnUVEEAJUxVRKFEMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTXNELThLalJTTUN3NmRSVVFRQWxURlZFb1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSI7QJhjANBgkqhkiG9w0BAQsFAAOCAQEAC4DvnqGKrDNRpLM6VBf0wVI6
se3f2frJnsFUrDUrteV5TWhKPVUPRejnyIYO/IiuowUsHqUBiHklbeR2RI+0JhSX
sAxtwRdZe5BGvPi0Jp7WyJlHe9R2W6jstslQdPMbS1hjlcdj9H8+LDBaAfUtI+XD
rjGNAuphUWY1CmcCxArbrXIF03sdrYZnkFS8J26BwfU3Vl9ekn3FLVXqtMWHOxo+
KhEehofHwZIILTbc8FgyYEUE/TEBHsg8GYR58Vhr4WzsDXUIcYQ7CcMB5hLv8OHQ
G9Tn7Yu66QJ4GNZg63ICpKppZTfnJiFUc/IlN9w48bnccPzDyAC69jpMmKm41A==
-----END CERTIFICATE-----
Generated at Tue Sep 24 14:45:35 2024 by rpki-client on console-fra.rpki-client.org