Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OI_H9YHIkfAtuCOn3YT_S6_BTIc.roa
File: OI_H9YHIkfAtuCOn3YT_S6_BTIc.roa (raw, json)
Hash identifier: JxU1q32F3IteumNVwlaCel6WoVS1HTCtgEjzDaNYbMY=
Subject key identifier: 38:8F:C7:F5:81:C8:91:F0:2D:B8:23:A7:DD:84:FF:4B:AF:C1:4C:87
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191ACDB9F3FA57ED5B92AD5FB8B39AA1E7F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OI_H9YHIkfAtuCOn3YT_S6_BTIc.roa
Signing time: Sun 01 Sep 2024 09:12:39 +0000
ROA not before: Sun 01 Sep 2024 09:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Sep 2024 10:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ac:db:9f:3f:a5:7e:d5:b9:2a:d5:fb:8b:39:aa:1e:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 1 09:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=388fc7f581c891f02db823a7dd84ff4bafc14c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:73:3c:1e:14:cd:b8:cf:62:3e:08:32:cc:35:
25:9a:29:8f:84:e2:f8:b9:1e:00:e1:60:51:05:0d:
08:30:2f:97:f1:0a:f4:c7:6d:48:22:52:06:79:33:
88:08:a7:5f:51:2a:86:ef:f3:2c:69:e7:0e:36:c2:
3f:c5:c4:21:fd:a3:3b:cf:de:e2:40:fe:53:b3:7c:
8a:86:35:7f:b1:73:a0:a9:30:4c:60:55:60:5f:0f:
39:41:4f:40:cc:81:e7:72:10:02:30:3e:45:cf:04:
4b:ca:e8:59:93:cb:ea:26:c7:30:4a:73:35:37:22:
ba:5e:18:d2:c7:b5:00:1a:85:a3:bb:22:77:12:59:
f1:8d:89:39:f7:41:4c:fa:f0:a6:d4:bf:25:17:e5:
31:74:d7:92:96:7c:6f:92:09:3c:4b:33:41:9a:b4:
50:39:f4:7b:ce:68:cc:59:a5:38:66:18:ba:52:38:
da:05:e8:b2:be:3a:a1:3d:28:94:f4:4d:33:a7:75:
b0:fe:f1:8a:67:98:44:83:a0:b3:29:fd:31:de:5c:
12:02:f2:53:2e:23:cf:c2:2e:be:75:24:71:0e:5c:
d9:ba:95:cc:ed:be:e1:80:80:7d:ab:69:97:f6:a4:
20:69:77:63:4b:e8:58:05:9b:a9:ed:e0:98:a4:9f:
f6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8F:C7:F5:81:C8:91:F0:2D:B8:23:A7:DD:84:FF:4B:AF:C1:4C:87
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OI_H9YHIkfAtuCOn3YT_S6_BTIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
0d:ac:f3:9a:1a:ec:c1:65:d4:a6:27:d3:d6:46:08:68:cd:38:
fa:7b:c8:2f:0d:dc:0f:8a:8c:ae:29:ff:c5:be:42:26:89:db:
59:1c:14:8c:3e:1b:20:ce:c8:a0:fa:40:95:23:1d:15:7e:10:
95:64:02:28:55:f7:97:5e:7f:b0:26:1d:2f:35:5a:19:12:29:
31:fe:75:d6:62:06:39:98:d6:63:4d:47:98:74:e3:1f:2c:01:
eb:61:e6:cc:32:7a:61:d1:40:6f:83:0e:03:e9:b2:52:ee:72:
39:bf:7b:12:88:eb:71:a3:39:2d:3d:ac:65:92:dd:4a:4e:0d:
2e:d4:ca:0d:6c:3f:f3:54:21:74:e8:db:e6:15:1c:ee:53:de:
68:31:94:d9:67:dd:e0:91:23:71:66:a6:14:d8:f9:b5:ba:12:
6d:a8:36:82:05:b3:59:20:59:3d:2c:28:de:0c:47:d4:b5:2d:
ab:5a:ef:c8:c1:b6:60:7e:f1:44:d5:86:39:de:c3:61:3a:00:
01:81:25:bd:d7:3a:b9:c5:3b:61:c1:af:98:c6:9a:9c:cd:cf:
c7:69:4b:87:65:ad:06:3e:bb:e0:f2:6b:90:08:07:a5:9e:dc:
a6:ee:f9:5e:a8:9e:58:85:16:55:aa:a9:da:fe:72:58:36:3e:
d4:07:5e:5b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGs258/pX7VuSrV+4s5qh5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAxMDkxMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODhmYzdmNTgxYzg5MWYwMmRiODIzYTdkZDg0ZmY0YmFmYzE0Yzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXM8HhTNuM9iPggyzDUlmimPhOL4
uR4A4WBRBQ0IMC+X8Qr0x21IIlIGeTOICKdfUSqG7/MsaecONsI/xcQh/aM7z97i
QP5Ts3yKhjV/sXOgqTBMYFVgXw85QU9AzIHnchACMD5FzwRLyuhZk8vqJscwSnM1
NyK6XhjSx7UAGoWjuyJ3ElnxjYk590FM+vCm1L8lF+UxdNeSlnxvkgk8SzNBmrRQ
OfR7zmjMWaU4Zhi6UjjaBeiyvjqhPSiU9E0zp3Ww/vGKZ5hEg6CzKf0x3lwSAvJT
LiPPwi6+dSRxDlzZupXM7b7hgIB9q2mX9qQgaXdjS+hYBZup7eCYpJ/2OwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDiPx/WByJHwLbgjp92E/0uvwUyHMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT0lfSDlZSElrZkF0dUNPbjNZVF9TNl9CVEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEADazzmhrswWXUpifT1kYIaM04
+nvILw3cD4qMrin/xb5CJonbWRwUjD4bIM7IoPpAlSMdFX4QlWQCKFX3l15/sCYd
LzVaGRIpMf511mIGOZjWY01HmHTjHywB62HmzDJ6YdFAb4MOA+myUu5yOb97Eojr
caM5LT2sZZLdSk4NLtTKDWw/81QhdOjb5hUc7lPeaDGU2Wfd4JEjcWamFNj5tboS
bag2ggWzWSBZPSwo3gxH1LUtq1rvyMG2YH7xRNWGOd7DYToAAYElvdc6ucU7YcGv
mMaanM3Px2lLh2WtBj674PJrkAgHpZ7cpu75XqieWIUWVaqp2v5yWDY+1AdeWw==
-----END CERTIFICATE-----
Generated at Sun Sep 1 11:45:42 2024 by rpki-client on console-fra.rpki-client.org