Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RJj-CaYBbgKpZy3A4ZVjUOcW8_w.roa
File: RJj-CaYBbgKpZy3A4ZVjUOcW8_w.roa (raw, json)
Hash identifier: 40NHTBTmxsmiOG+zWd/KOawzLgZtLaJdgvGJoxG9OsU=
Subject key identifier: 44:98:FE:09:A6:01:6E:02:A9:67:2D:C0:E1:95:63:50:E7:16:F3:FC
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191AC6DCC153079430A1AD3E30CDE0C91B7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RJj-CaYBbgKpZy3A4ZVjUOcW8_w.roa
Signing time: Sun 01 Sep 2024 07:12:42 +0000
ROA not before: Sun 01 Sep 2024 07:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Sep 2024 08:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ac:6d:cc:15:30:79:43:0a:1a:d3:e3:0c:de:0c:91:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 1 07:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4498fe09a6016e02a9672dc0e1956350e716f3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c1:40:c6:a6:38:a1:5f:5f:14:22:e2:fb:4c:
1e:08:ed:47:9f:fa:dd:1a:78:6e:b4:38:ca:ad:b8:
29:d8:b2:79:99:59:94:46:30:57:33:ba:00:96:58:
9f:a7:c9:97:06:7f:a0:81:aa:f1:4f:bb:8f:8d:07:
5b:33:56:99:56:b0:ff:fe:fd:45:4c:5f:7d:e4:ab:
a3:00:da:8e:c2:23:aa:0a:9c:1b:bf:66:e2:9d:dc:
d3:4d:c3:b9:fd:cc:9a:2f:d0:f4:9e:3d:a6:b2:5b:
da:16:30:b4:bc:f2:4e:df:9a:79:99:66:00:89:2f:
cb:ac:92:2f:bf:bd:0e:d0:d8:c0:33:53:40:8d:d0:
1b:7e:f8:01:a3:2c:ff:4e:1b:43:fa:9e:4b:c2:80:
46:a4:7b:2f:56:45:41:10:d4:ef:44:32:e5:2c:74:
45:9f:50:65:98:db:82:23:c9:1e:e0:ff:5f:6c:95:
c9:f8:74:71:66:1d:6f:dc:e8:50:7b:36:9d:5f:cd:
53:83:06:9d:45:df:93:4c:57:53:c6:b3:76:6c:0c:
27:36:0e:ea:91:4f:6a:14:05:4c:ad:a1:4f:cb:57:
64:23:85:e5:9a:99:fa:f9:1d:42:ad:7f:ad:af:39:
43:64:c3:70:c7:dc:54:8f:cd:a3:30:8e:1e:1b:38:
22:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:98:FE:09:A6:01:6E:02:A9:67:2D:C0:E1:95:63:50:E7:16:F3:FC
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RJj-CaYBbgKpZy3A4ZVjUOcW8_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
76:d4:9b:6d:4f:17:b0:00:f9:56:39:f0:0d:d9:6b:c2:84:9b:
1f:c3:e6:6f:a9:93:46:13:8b:fc:c2:38:5c:f4:1a:1b:b1:b9:
29:c2:d7:7c:54:2c:58:55:f5:7c:68:b9:03:d1:03:46:dc:46:
88:f0:82:50:93:3b:a8:ec:f3:f1:c2:c6:86:23:ea:49:1a:c1:
e9:58:d4:f1:5e:b4:ad:01:87:80:88:ed:e4:8f:ba:53:99:c3:
26:c1:37:c0:7e:e1:cd:0b:67:a2:d4:5d:40:ad:f7:3d:15:29:
c9:5c:66:5c:61:b0:58:5a:fc:e0:81:de:a6:c1:f2:7a:c3:b9:
01:65:6a:b1:8d:42:07:b6:98:66:6f:20:4f:4f:9f:9e:66:b0:
b2:f1:4f:e0:5c:2a:ec:1d:99:65:4b:a5:a4:84:eb:f5:90:d6:
4e:f0:7a:c6:e3:5d:53:9b:ba:ad:e6:95:6a:f7:19:28:15:98:
0c:c0:9c:7f:de:6d:62:a8:2b:da:31:21:71:ff:aa:0b:08:3d:
a7:78:a6:55:fe:be:48:51:81:85:04:50:eb:c4:68:b3:c8:82:
17:d6:9a:8a:6d:ae:35:0a:d9:05:b6:4b:f2:d8:09:38:19:d5:
9e:67:85:65:e9:e3:47:c8:7f:f2:f1:2a:52:83:ce:c5:69:1b:
83:99:8e:ca
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGsbcwVMHlDChrT4wzeDJG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAxMDcxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDk4ZmUwOWE2MDE2ZTAyYTk2NzJkYzBlMTk1NjM1MGU3MTZmM2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48FAxqY4oV9fFCLi+0weCO1Hn/rd
GnhutDjKrbgp2LJ5mVmURjBXM7oAllifp8mXBn+ggarxT7uPjQdbM1aZVrD//v1F
TF995KujANqOwiOqCpwbv2bindzTTcO5/cyaL9D0nj2mslvaFjC0vPJO35p5mWYA
iS/LrJIvv70O0NjAM1NAjdAbfvgBoyz/ThtD+p5LwoBGpHsvVkVBENTvRDLlLHRF
n1BlmNuCI8ke4P9fbJXJ+HRxZh1v3OhQezadX81TgwadRd+TTFdTxrN2bAwnNg7q
kU9qFAVMraFPy1dkI4Xlmpn6+R1CrX+trzlDZMNwx9xUj82jMI4eGzgiYwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFESY/gmmAW4CqWctwOGVY1DnFvP8MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUkpqLUNhWUJiZ0twWnkzQTRaVmpVT2NXOF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAdtSbbU8XsAD5VjnwDdlrwoSb
H8Pmb6mTRhOL/MI4XPQaG7G5KcLXfFQsWFX1fGi5A9EDRtxGiPCCUJM7qOzz8cLG
hiPqSRrB6VjU8V60rQGHgIjt5I+6U5nDJsE3wH7hzQtnotRdQK33PRUpyVxmXGGw
WFr84IHepsHyesO5AWVqsY1CB7aYZm8gT0+fnmawsvFP4Fwq7B2ZZUulpITr9ZDW
TvB6xuNdU5u6reaVavcZKBWYDMCcf95tYqgr2jEhcf+qCwg9p3imVf6+SFGBhQRQ
68Ros8iCF9aaim2uNQrZBbZL8tgJOBnVnmeFZenjR8h/8vEqUoPOxWkbg5mOyg==
-----END CERTIFICATE-----
Generated at Sun Sep 1 08:59:19 2024 by rpki-client on console-fra.rpki-client.org