Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RHbM96Y_PRtSl7qzvCM3Nlgc6-M.roa
File: RHbM96Y_PRtSl7qzvCM3Nlgc6-M.roa (raw, json)
Hash identifier: e4TtEX/5dGBFUDpHOwQW7o5U6e7qu7xdUhyCGnglHck=
Subject key identifier: 44:76:CC:F7:A6:3F:3D:1B:52:97:BA:B3:BC:23:37:36:58:1C:EB:E3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191E134555880203E753041823EB826A020
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RHbM96Y_PRtSl7qzvCM3Nlgc6-M.roa
Signing time: Wed 11 Sep 2024 13:09:48 +0000
ROA not before: Wed 11 Sep 2024 13:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 11 Sep 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:34:55:58:80:20:3e:75:30:41:82:3e:b8:26:a0:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 11 13:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4476ccf7a63f3d1b5297bab3bc233736581cebe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:11:62:32:20:4a:3a:da:9e:68:91:f7:7c:32:
b0:f9:a0:e2:e2:bc:e9:47:7d:3b:04:2f:65:1c:7f:
88:a7:27:d2:f0:63:89:7d:fa:da:f3:b4:64:cc:20:
f1:e9:0f:16:bc:b3:31:6d:19:07:a1:21:8d:8d:0e:
b4:cc:8c:18:f2:b5:53:28:0d:0c:e5:a8:02:e0:99:
f6:1d:27:84:b9:59:3b:f7:85:91:50:ec:fa:af:70:
57:9e:1b:e2:38:dd:cf:74:1e:1e:25:c7:d5:95:87:
78:ca:9c:72:a1:e9:f2:f6:94:df:8c:26:a0:36:71:
8f:d3:d5:5f:67:7e:f1:ec:ec:f9:8a:c7:b8:4a:73:
3d:72:fd:8a:9b:16:fd:ef:d9:d8:9b:90:5f:c5:02:
bc:6e:b1:62:24:17:19:25:12:04:89:e7:1b:1a:f2:
8f:e4:47:49:c2:a7:e0:e8:4d:4d:09:dd:4b:f9:20:
4e:5d:92:55:1f:aa:38:d4:bd:db:13:97:ca:ca:e6:
e8:73:ac:48:93:ef:65:28:74:70:93:ee:06:d8:0f:
6a:80:8d:65:89:0b:f9:c2:d6:71:b9:70:7d:8b:28:
ec:35:5a:47:dc:e4:44:b0:af:99:44:2e:72:0e:ba:
aa:53:46:42:0f:5b:47:b5:8f:d1:b2:27:0f:3d:c2:
ed:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:76:CC:F7:A6:3F:3D:1B:52:97:BA:B3:BC:23:37:36:58:1C:EB:E3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RHbM96Y_PRtSl7qzvCM3Nlgc6-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
65:65:47:dd:61:d6:0b:93:30:6e:4f:94:5a:5e:6a:21:04:a4:
fb:58:d3:c8:33:df:72:58:75:00:76:7f:2d:8c:28:83:ef:e2:
b5:54:d4:9b:01:31:44:0e:78:71:ff:5c:b1:9d:44:59:eb:9f:
b5:34:e9:3b:4d:48:db:b6:18:e1:17:32:a5:56:76:d2:ef:a6:
cb:1d:d9:94:a5:fb:85:04:77:9d:f1:96:86:72:42:dc:c6:c0:
37:16:7e:32:bc:78:ff:a0:7a:7d:ad:33:09:e8:f9:90:dd:c8:
12:a2:db:3d:59:16:2c:aa:f9:87:4c:57:b9:e9:01:7f:e2:05:
21:3f:07:2b:15:26:7f:7b:b6:89:df:2c:9f:c8:50:9d:ce:65:
23:73:b3:66:f8:e9:e1:14:20:5b:82:f4:73:42:c0:62:c9:4d:
24:b0:b2:4b:ec:9f:83:62:0a:d8:fb:f0:30:ca:56:0d:09:43:
a5:d5:16:f4:c4:ae:85:5b:ca:76:dc:bc:a3:05:2d:1f:a1:9c:
c4:28:7b:ce:8f:18:4d:41:45:0e:68:0f:1b:98:4b:11:bc:2c:
52:2d:8e:eb:58:e9:b6:0e:31:02:3d:60:15:b0:b9:23:91:8b:
2b:5a:5c:44:75:d1:12:eb:f9:d3:d1:dc:ee:18:81:1b:ee:5d:
e6:e7:38:f7
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHhNFVYgCA+dTBBgj64JqAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTExMTMwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDc2Y2NmN2E2M2YzZDFiNTI5N2JhYjNiYzIzMzczNjU4MWNlYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBFiMiBKOtqeaJH3fDKw+aDi4rzp
R307BC9lHH+IpyfS8GOJffra87RkzCDx6Q8WvLMxbRkHoSGNjQ60zIwY8rVTKA0M
5agC4Jn2HSeEuVk794WRUOz6r3BXnhviON3PdB4eJcfVlYd4ypxyoeny9pTfjCag
NnGP09VfZ37x7Oz5ise4SnM9cv2Kmxb979nYm5BfxQK8brFiJBcZJRIEiecbGvKP
5EdJwqfg6E1NCd1L+SBOXZJVH6o41L3bE5fKyuboc6xIk+9lKHRwk+4G2A9qgI1l
iQv5wtZxuXB9iyjsNVpH3OREsK+ZRC5yDrqqU0ZCD1tHtY/RsicPPcLtowIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFER2zPemPz0bUpe6s7wjNzZYHOvjMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUkhiTTk2WV9QUnRTbDdxenZDTTNObGdjNi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQBlZUfdYdYLkzBuT5RaXmohBKT7WNPIM99yWHUA
dn8tjCiD7+K1VNSbATFEDnhx/1yxnURZ65+1NOk7TUjbthjhFzKlVnbS76bLHdmU
pfuFBHed8ZaGckLcxsA3Fn4yvHj/oHp9rTMJ6PmQ3cgSots9WRYsqvmHTFe56QF/
4gUhPwcrFSZ/e7aJ3yyfyFCdzmUjc7Nm+OnhFCBbgvRzQsBiyU0ksLJL7J+DYgrY
+/AwylYNCUOl1Rb0xK6FW8p23LyjBS0foZzEKHvOjxhNQUUOaA8bmEsRvCxSLY7r
WOm2DjECPWAVsLkjkYsrWlxEddES6/nT0dzuGIEb7l3m5zj3
-----END CERTIFICATE-----
Generated at Wed Sep 11 18:35:55 2024 by rpki-client on console-ams.rpki-client.org