Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PSkkzLWlk3tV1W3VB9xupF9K_k4.roa
File: PSkkzLWlk3tV1W3VB9xupF9K_k4.roa (raw, json)
Hash identifier: aq+SLl7qrsuE/ZMJIB+v/cJ0Eqk5nTWWt/Kk4KrN7Jk=
Subject key identifier: 3D:29:24:CC:B5:A5:93:7B:55:D5:6D:D5:07:DC:6E:A4:5F:4A:FE:4E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01919C8CDA00B8AF33A4D22A09B24852E7AC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PSkkzLWlk3tV1W3VB9xupF9K_k4.roa
Signing time: Thu 29 Aug 2024 05:12:42 +0000
ROA not before: Thu 29 Aug 2024 05:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 29 Aug 2024 06:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9c:8c:da:00:b8:af:33:a4:d2:2a:09:b2:48:52:e7:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 29 05:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d2924ccb5a5937b55d56dd507dc6ea45f4afe4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4d:7b:fc:2e:e0:1a:7d:00:78:37:f6:98:f5:
87:4d:8f:85:e4:e4:c6:9a:51:52:8f:21:18:47:dc:
64:c6:ed:a9:52:67:af:9d:18:40:d4:0b:0a:4c:f1:
10:16:a1:96:17:1a:6b:1e:e2:4d:5b:95:41:fc:8f:
72:ab:ee:09:76:9c:c8:37:27:89:ab:a6:e5:cc:de:
84:ea:9d:76:b8:12:88:59:48:d4:93:c9:60:5e:a8:
55:9e:1e:aa:1a:39:1f:46:67:9e:58:81:71:fc:77:
7f:4b:fb:5c:db:0b:ee:b8:65:11:5f:99:a7:63:9e:
60:68:0d:fb:17:b8:cc:29:53:c7:0d:55:d6:fe:30:
1d:23:fd:74:b6:b0:5e:af:bf:38:7c:73:b1:3d:48:
2f:da:0c:b0:77:34:58:ee:16:e6:9a:7f:d4:1f:9a:
e7:b0:9a:4e:ff:d5:41:ba:12:9d:97:19:22:56:06:
6a:72:31:db:91:fd:04:94:34:3e:11:45:e8:70:40:
c1:cb:fe:f1:47:eb:6e:25:f0:0b:a7:61:ee:f8:82:
d7:7b:ac:00:7f:d7:9f:84:10:bb:5e:38:85:7a:22:
01:b5:c2:2e:f7:f1:71:d3:13:81:9a:1f:11:1a:5e:
94:62:05:b7:93:3a:3b:56:68:bd:0d:90:78:48:1d:
0e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:29:24:CC:B5:A5:93:7B:55:D5:6D:D5:07:DC:6E:A4:5F:4A:FE:4E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PSkkzLWlk3tV1W3VB9xupF9K_k4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
44:a9:60:3d:9c:2e:c3:4e:a0:e5:96:bb:bc:af:66:fb:7c:c8:
21:01:31:ad:7f:42:e7:c4:04:8e:f0:12:f5:7b:71:29:1d:7f:
84:a1:e4:f3:39:27:68:37:0b:40:f1:0d:04:1e:3c:da:47:cd:
8f:ee:dc:94:2c:bc:d5:9a:67:e7:78:be:28:d0:2a:f7:55:d6:
f2:96:69:fa:01:5f:fd:8a:8d:1f:87:83:9e:6a:5e:4c:08:61:
99:35:97:91:38:2b:46:ed:12:e7:ed:f2:63:13:30:50:ef:bc:
4f:9c:03:7c:4b:b1:98:e4:3f:e7:80:a6:aa:bd:aa:88:6c:d1:
11:e5:ba:0c:5d:e8:6e:02:cb:de:f4:3c:d6:9f:44:f6:57:c4:
47:07:cd:6c:ae:80:8c:bf:2e:51:0a:94:39:2f:a6:b6:b0:51:
86:64:ae:06:75:1e:67:c6:da:ce:d7:40:08:ec:55:3b:75:2f:
61:84:ce:a2:d8:ae:36:38:d6:93:f2:46:7d:32:ff:13:14:8f:
ee:cd:6f:94:e3:69:93:13:9f:10:da:52:d9:a7:4f:70:f3:6b:
da:d2:c8:eb:7d:66:7f:d0:f3:af:ad:e5:80:9a:26:a6:cd:38:
68:cf:31:96:8b:4d:2b:ad:4e:63:56:e3:10:57:b3:68:fe:4c:
7b:97:26:a6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGcjNoAuK8zpNIqCbJIUuesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI5MDUxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDI5MjRjY2I1YTU5MzdiNTVkNTZkZDUwN2RjNmVhNDVmNGFmZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU17/C7gGn0AeDf2mPWHTY+F5OTG
mlFSjyEYR9xkxu2pUmevnRhA1AsKTPEQFqGWFxprHuJNW5VB/I9yq+4JdpzINyeJ
q6blzN6E6p12uBKIWUjUk8lgXqhVnh6qGjkfRmeeWIFx/Hd/S/tc2wvuuGURX5mn
Y55gaA37F7jMKVPHDVXW/jAdI/10trBer784fHOxPUgv2gywdzRY7hbmmn/UH5rn
sJpO/9VBuhKdlxkiVgZqcjHbkf0ElDQ+EUXocEDBy/7xR+tuJfALp2Hu+ILXe6wA
f9efhBC7XjiFeiIBtcIu9/Fx0xOBmh8RGl6UYgW3kzo7Vmi9DZB4SB0O2QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFD0pJMy1pZN7VdVt1QfcbqRfSv5OMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUFNra3pMV2xrM3RWMVczVkI5eHVwRjlLX2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEARKlgPZwuw06g5Za7vK9m+3zI
IQExrX9C58QEjvAS9XtxKR1/hKHk8zknaDcLQPENBB482kfNj+7clCy81Zpn53i+
KNAq91XW8pZp+gFf/YqNH4eDnmpeTAhhmTWXkTgrRu0S5+3yYxMwUO+8T5wDfEux
mOQ/54Cmqr2qiGzREeW6DF3obgLL3vQ81p9E9lfERwfNbK6AjL8uUQqUOS+mtrBR
hmSuBnUeZ8baztdACOxVO3UvYYTOotiuNjjWk/JGfTL/ExSP7s1vlONpkxOfENpS
2adPcPNr2tLI631mf9Dzr63lgJomps04aM8xlotNK61OY1bjEFezaP5Me5cmpg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:11 2025 by rpki-client