Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PKvl1hM_b2NR_BPP8_5lrjzVbXo.roa
File: PKvl1hM_b2NR_BPP8_5lrjzVbXo.roa (raw, json)
Hash identifier: INVH0P5KRpQhgajAmpL70ktPMQEWPPnlb4TwEC2gBXg=
Subject key identifier: 3C:AB:E5:D6:13:3F:6F:63:51:FC:13:CF:F3:FE:65:AE:3C:D5:6D:7A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01912C521D2C44B21BAE8D923643553CA7CA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PKvl1hM_b2NR_BPP8_5lrjzVbXo.roa
Signing time: Wed 07 Aug 2024 10:11:04 +0000
ROA not before: Wed 07 Aug 2024 10:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 07 Aug 2024 11:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2c:52:1d:2c:44:b2:1b:ae:8d:92:36:43:55:3c:a7:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 7 10:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cabe5d6133f6f6351fc13cff3fe65ae3cd56d7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fd:1b:a0:88:13:f5:67:6d:d2:6a:07:86:a4:
25:b2:1b:a5:40:96:dc:0a:5b:85:e2:e4:4c:ed:3d:
11:60:98:eb:f5:40:a0:55:67:ab:57:5a:25:cd:42:
60:b7:ff:e3:5a:03:f7:f5:e9:ac:d4:cc:e0:d7:ec:
b3:da:b0:3a:d3:97:3b:36:8c:fb:db:ba:32:bc:5a:
ab:c2:6f:7d:c2:07:0a:3e:33:21:07:83:a9:54:b9:
22:70:91:a7:47:51:23:ee:21:a0:2b:43:7f:e7:a2:
37:ef:16:12:56:1c:9d:af:4a:a4:7a:75:f7:96:10:
80:97:d3:d3:0b:c2:7f:29:bd:da:6a:cf:ba:87:6c:
74:69:e1:91:a0:da:34:5d:a2:b7:98:b6:9d:d7:70:
2e:d6:50:27:68:f6:8c:4b:c0:6f:da:c8:96:23:31:
d3:c6:fd:7d:e6:96:93:64:08:45:0c:32:31:72:61:
4c:dc:58:5b:15:95:71:cd:c3:a1:81:25:9c:1c:54:
d7:22:45:30:2a:27:d6:4a:28:65:fd:3c:b7:48:68:
66:fa:95:33:34:24:63:be:42:d4:50:3c:d3:33:65:
d3:f4:30:cb:62:62:9e:64:30:c3:86:10:4d:bc:10:
fd:2c:f7:0d:46:41:ff:39:b9:ab:7f:49:9a:64:dd:
bc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:AB:E5:D6:13:3F:6F:63:51:FC:13:CF:F3:FE:65:AE:3C:D5:6D:7A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PKvl1hM_b2NR_BPP8_5lrjzVbXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
41:be:8a:35:69:40:97:b0:09:f4:c3:a7:80:7a:29:16:7d:ce:
42:b0:a7:95:25:92:e1:d9:a5:fd:7d:8e:6d:4a:9d:90:2b:e1:
41:af:50:9f:72:b7:19:5d:59:88:96:35:36:b0:ed:d6:28:a4:
02:fe:de:e6:62:ae:23:48:9a:f0:bc:2c:58:77:20:ae:18:4c:
d1:8f:43:94:6c:92:fd:a3:3b:a7:93:1c:17:2f:d0:43:82:11:
fc:61:8e:37:5f:e8:bf:41:e8:96:15:ba:70:fc:37:0a:4f:d1:
fc:19:9d:92:d2:a5:f3:9d:3b:2e:30:f4:17:66:1f:55:23:84:
54:42:32:39:c9:39:7b:e7:c0:2e:69:5d:e5:57:c6:ff:b4:39:
db:71:ab:b4:9d:b1:ec:b6:37:55:70:a1:7c:a6:e5:f6:30:c0:
82:99:50:b3:eb:b6:57:8b:eb:9d:b8:e2:51:cd:a4:3a:83:ca:
a9:6d:b4:8b:d4:04:67:8d:14:a8:5c:8e:97:22:cc:cf:66:fa:
ee:48:5b:00:ea:cb:d6:f4:76:3e:fb:cf:ec:3b:0c:68:da:57:
35:9d:21:97:56:3c:45:ca:ae:67:04:11:15:12:af:b3:53:b1:
d7:f9:72:ed:ed:6b:61:25:eb:50:29:22:86:34:59:7d:fa:ef:
25:a5:b2:80
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEsUh0sRLIbro2SNkNVPKfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA3MTAxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2FiZTVkNjEzM2Y2ZjYzNTFmYzEzY2ZmM2ZlNjVhZTNjZDU2ZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv0boIgT9Wdt0moHhqQlshulQJbc
CluF4uRM7T0RYJjr9UCgVWerV1olzUJgt//jWgP39ems1Mzg1+yz2rA605c7Noz7
27oyvFqrwm99wgcKPjMhB4OpVLkicJGnR1Ej7iGgK0N/56I37xYSVhydr0qkenX3
lhCAl9PTC8J/Kb3aas+6h2x0aeGRoNo0XaK3mLad13Au1lAnaPaMS8Bv2siWIzHT
xv195paTZAhFDDIxcmFM3FhbFZVxzcOhgSWcHFTXIkUwKifWSihl/Ty3SGhm+pUz
NCRjvkLUUDzTM2XT9DDLYmKeZDDDhhBNvBD9LPcNRkH/Obmrf0maZN28pQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDyr5dYTP29jUfwTz/P+Za481W16MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUEt2bDFoTV9iMk5SX0JQUDhfNWxyanpWYlhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAQb6KNWlAl7AJ9MOngHopFn3O
QrCnlSWS4dml/X2ObUqdkCvhQa9Qn3K3GV1ZiJY1NrDt1iikAv7e5mKuI0ia8Lws
WHcgrhhM0Y9DlGyS/aM7p5McFy/QQ4IR/GGON1/ov0HolhW6cPw3Ck/R/BmdktKl
8507LjD0F2YfVSOEVEIyOck5e+fALmld5VfG/7Q523GrtJ2x7LY3VXChfKbl9jDA
gplQs+u2V4vrnbjiUc2kOoPKqW20i9QEZ40UqFyOlyLMz2b67khbAOrL1vR2PvvP
7DsMaNpXNZ0hl1Y8RcquZwQRFRKvs1Ox1/ly7e1rYSXrUCkihjRZffrvJaWygA==
-----END CERTIFICATE-----
Generated at Wed Aug 7 14:39:51 2024 by rpki-client on console-fra.rpki-client.org