Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TCSsxI08T8tAIjJFirjjDjTn4_g.roa
File: TCSsxI08T8tAIjJFirjjDjTn4_g.roa (raw, json)
Hash identifier: smXdVgR4kcCk40rpV3X6dbteQsEu+Q9LZBv1Xc0uhNk=
Subject key identifier: 4C:24:AC:C4:8D:3C:4F:CB:40:22:32:45:8A:B8:E3:0E:34:E7:E3:F8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191212A95FB6BDE2362B3EC05F300EA8E41
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TCSsxI08T8tAIjJFirjjDjTn4_g.roa
Signing time: Mon 05 Aug 2024 06:12:04 +0000
ROA not before: Mon 05 Aug 2024 06:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 05 Aug 2024 07:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:21:2a:95:fb:6b:de:23:62:b3:ec:05:f3:00:ea:8e:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 5 06:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c24acc48d3c4fcb402232458ab8e30e34e7e3f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7c:4a:57:66:e8:fd:a4:0a:8a:bf:b8:0f:39:
aa:1c:35:40:3f:21:82:e0:78:94:12:7d:cb:3f:8d:
d0:f1:c3:5c:82:eb:81:b4:4f:aa:40:46:a3:c2:8e:
31:12:82:cc:bc:30:73:e4:d9:31:7d:09:35:64:be:
8c:0e:e0:a8:7f:f6:3e:7b:89:92:76:fa:41:98:dc:
20:aa:51:01:46:17:0c:67:b4:d6:37:c7:7f:01:f5:
76:53:0d:cf:f4:67:94:7f:78:fd:2e:46:b1:3b:9d:
a8:d3:e0:df:97:54:66:74:fd:d7:f1:c5:b7:1e:a0:
49:fa:68:79:37:b7:e1:f6:f3:27:c8:3b:81:03:9b:
ac:d1:3a:4b:2d:29:95:99:09:9e:a2:ad:f1:1c:fd:
41:9d:51:7d:98:e1:54:45:83:8b:01:fd:6c:ee:2b:
55:f7:18:a6:30:24:e1:ae:c0:54:40:6e:2b:75:c7:
6c:0b:ff:fe:4e:df:fa:d2:6b:14:d0:e5:0f:3b:6c:
09:8b:87:bd:38:10:76:b1:27:61:de:7e:2a:dd:99:
8e:f6:b7:54:93:f0:87:41:1e:a3:16:7e:6f:e6:31:
fa:18:44:32:f3:be:79:32:85:f9:b3:cc:d7:75:be:
77:13:ca:4c:46:c8:d5:8e:e5:7c:48:ed:ae:94:7a:
9a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:24:AC:C4:8D:3C:4F:CB:40:22:32:45:8A:B8:E3:0E:34:E7:E3:F8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TCSsxI08T8tAIjJFirjjDjTn4_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
0d:73:2e:a9:23:80:00:32:2f:46:c2:7c:5e:5d:65:65:35:58:
56:d3:b9:56:a3:b3:d0:c9:77:7b:dd:96:22:2c:23:9a:bb:24:
f0:40:63:80:1b:25:5e:f2:e3:5d:3a:13:93:76:c6:21:32:d7:
5f:b8:62:de:58:7f:92:d9:50:0a:69:7b:6d:22:2f:4b:f7:51:
4d:13:09:2e:d0:07:3f:77:36:7a:0d:1a:b7:17:ae:37:fc:ad:
88:76:44:02:2c:e0:21:10:c7:f9:6a:11:ac:a6:8f:25:32:95:
ec:13:b9:5e:48:e2:47:6a:a5:d6:d3:36:63:31:d9:a5:b4:11:
c0:72:db:b5:bd:8e:44:3f:6e:ac:ab:6f:f3:78:f1:6f:71:c8:
00:6c:82:bb:9c:1d:91:49:1e:e1:c7:e9:a7:50:79:0b:40:6e:
1c:c0:24:74:ab:3d:3b:5d:1c:b9:b4:dd:96:b3:e8:d0:e2:98:
e5:52:f7:6c:69:7b:90:b2:54:7c:05:19:4b:49:16:86:84:37:
86:c7:fc:f3:e1:53:cf:35:3b:da:ac:02:f8:45:f8:d3:f2:d0:
ae:e0:3b:b0:b2:b5:f2:51:a9:1a:6f:b7:a1:59:03:a3:76:95:
ea:76:83:4e:ca:9d:db:51:f5:35:a7:81:73:f1:cd:65:cc:a7:
a7:85:7c:bb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEhKpX7a94jYrPsBfMA6o5BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA1MDYxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzI0YWNjNDhkM2M0ZmNiNDAyMjMyNDU4YWI4ZTMwZTM0ZTdlM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnxKV2bo/aQKir+4DzmqHDVAPyGC
4HiUEn3LP43Q8cNcguuBtE+qQEajwo4xEoLMvDBz5NkxfQk1ZL6MDuCof/Y+e4mS
dvpBmNwgqlEBRhcMZ7TWN8d/AfV2Uw3P9GeUf3j9LkaxO52o0+Dfl1RmdP3X8cW3
HqBJ+mh5N7fh9vMnyDuBA5us0TpLLSmVmQmeoq3xHP1BnVF9mOFURYOLAf1s7itV
9ximMCThrsBUQG4rdcdsC//+Tt/60msU0OUPO2wJi4e9OBB2sSdh3n4q3ZmO9rdU
k/CHQR6jFn5v5jH6GEQy8755MoX5s8zXdb53E8pMRsjVjuV8SO2ulHqaRQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEwkrMSNPE/LQCIyRYq44w405+P4MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVENTc3hJMDhUOHRBSWpKRmlyampEalRuNF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEADXMuqSOAADIvRsJ8Xl1lZTVY
VtO5VqOz0Ml3e92WIiwjmrsk8EBjgBslXvLjXToTk3bGITLXX7hi3lh/ktlQCml7
bSIvS/dRTRMJLtAHP3c2eg0atxeuN/ytiHZEAizgIRDH+WoRrKaPJTKV7BO5Xkji
R2ql1tM2YzHZpbQRwHLbtb2ORD9urKtv83jxb3HIAGyCu5wdkUke4cfpp1B5C0Bu
HMAkdKs9O10cubTdlrPo0OKY5VL3bGl7kLJUfAUZS0kWhoQ3hsf88+FTzzU72qwC
+EX40/LQruA7sLK18lGpGm+3oVkDo3aV6naDTsqd21H1NaeBc/HNZcynp4V8uw==
-----END CERTIFICATE-----
Generated at Mon Aug 5 09:21:43 2024 by rpki-client on console-fra.rpki-client.org