Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/T_nVmkYqbdvk9aNRpw9O1b_gpq8.roa
File: T_nVmkYqbdvk9aNRpw9O1b_gpq8.roa (raw, json)
Hash identifier: QaFlqbg9apryLfAiLY2LR0kTP8CZE+Wki5bLm/lvP/g=
Subject key identifier: 4F:F9:D5:9A:46:2A:6D:DB:E4:F5:A3:51:A7:0F:4E:D5:BF:E0:A6:AF
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191697B29F8DA1A8454E6E50E749132FE59
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/T_nVmkYqbdvk9aNRpw9O1b_gpq8.roa
Signing time: Mon 19 Aug 2024 07:12:44 +0000
ROA not before: Mon 19 Aug 2024 07:12:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 19 Aug 2024 08:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:69:7b:29:f8:da:1a:84:54:e6:e5:0e:74:91:32:fe:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 19 07:12:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ff9d59a462a6ddbe4f5a351a70f4ed5bfe0a6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:08:83:2a:97:9d:5a:40:8e:7d:1f:74:bb:5b:
c4:a4:e1:e0:20:5b:15:14:26:b9:3f:79:12:5f:f0:
e5:92:1e:f2:c8:8c:bf:6c:0b:54:d8:b2:f5:d2:8b:
d0:60:87:4b:15:9d:6d:de:e2:db:3a:ca:ed:92:39:
eb:45:84:73:9a:4c:19:a0:3a:82:1b:7e:d1:dc:30:
22:77:f0:e6:5d:21:1b:41:b0:43:8d:7c:97:a9:f7:
1c:eb:c0:9f:8c:11:0c:01:34:b8:5f:53:93:64:0e:
a4:61:3d:c2:e0:ac:5f:96:93:2f:13:4f:a5:34:90:
0e:d9:c4:b4:ab:d6:18:35:67:1b:d5:f3:2d:ef:1c:
02:93:08:8a:81:47:cc:90:31:98:f5:45:3c:3f:12:
79:51:a9:5a:78:f9:62:8d:4c:07:1c:0f:eb:83:57:
e8:f2:ee:7d:09:21:43:f6:ff:4c:3f:40:dc:67:a6:
cf:0a:61:b7:93:6b:30:c6:65:f6:37:9e:b2:2b:f9:
01:41:ad:8e:4e:65:8d:db:2d:b1:f0:3b:0e:c1:05:
67:cf:38:cb:cc:58:5d:47:ff:51:26:65:51:e5:95:
f0:8a:cc:23:c0:d9:1a:3b:df:77:ee:bf:6a:68:2a:
92:34:8b:eb:ce:08:e5:c6:11:26:ae:b4:8d:ad:40:
16:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F9:D5:9A:46:2A:6D:DB:E4:F5:A3:51:A7:0F:4E:D5:BF:E0:A6:AF
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/T_nVmkYqbdvk9aNRpw9O1b_gpq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
16:07:9d:d0:82:14:47:1f:52:a6:1c:2e:0c:7d:da:07:2e:1c:
24:67:44:06:29:ce:cc:0a:e8:64:19:7b:10:ba:37:30:9f:e8:
84:4b:96:f1:a5:44:8c:a9:0c:58:2d:ee:df:9c:7d:87:6d:dd:
5c:85:ad:d2:08:c3:42:ff:0c:09:c4:c7:1e:e4:38:17:84:49:
ad:d3:87:9e:76:8b:c4:0d:87:c8:63:00:62:86:17:95:8b:86:
53:03:c1:90:ae:1f:2f:33:37:01:26:0d:18:60:42:76:6b:0c:
c2:3f:47:d4:48:59:d6:15:02:d7:1c:ad:48:a7:45:ce:6e:b8:
56:8c:2b:26:f2:fa:2b:27:56:54:47:f4:74:f7:f4:ed:57:65:
ff:83:0c:48:b3:4a:32:43:3d:68:7f:77:46:dc:4e:18:54:48:
20:c5:01:62:4d:d0:b0:af:fa:da:89:60:69:b7:c5:13:7f:c2:
57:f7:24:48:f3:84:c3:cb:db:e0:c1:71:6a:f0:fc:e0:f6:30:
43:0a:5e:4c:95:2f:d6:89:cb:d8:a4:8d:f8:68:ae:b4:04:a3:
59:c8:70:1a:f0:60:46:9b:8b:da:ec:ba:c3:61:e1:b0:64:9f:
80:a5:e2:5b:8e:72:73:14:1d:fc:2e:c4:6e:4f:02:a8:83:2a:
cf:52:51:00
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFpeyn42hqEVOblDnSRMv5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE5MDcxMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmY5ZDU5YTQ2MmE2ZGRiZTRmNWEzNTFhNzBmNGVkNWJmZTBhNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQiDKpedWkCOfR90u1vEpOHgIFsV
FCa5P3kSX/Dlkh7yyIy/bAtU2LL10ovQYIdLFZ1t3uLbOsrtkjnrRYRzmkwZoDqC
G37R3DAid/DmXSEbQbBDjXyXqfcc68CfjBEMATS4X1OTZA6kYT3C4KxflpMvE0+l
NJAO2cS0q9YYNWcb1fMt7xwCkwiKgUfMkDGY9UU8PxJ5UalaePlijUwHHA/rg1fo
8u59CSFD9v9MP0DcZ6bPCmG3k2swxmX2N56yK/kBQa2OTmWN2y2x8DsOwQVnzzjL
zFhdR/9RJmVR5ZXwiswjwNkaO9937r9qaCqSNIvrzgjlxhEmrrSNrUAWAwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFE/51ZpGKm3b5PWjUacPTtW/4KavMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVF9uVm1rWXFiZHZrOWFOUnB3OU8xYl9ncHE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAFged0IIURx9SphwuDH3aBy4c
JGdEBinOzAroZBl7ELo3MJ/ohEuW8aVEjKkMWC3u35x9h23dXIWt0gjDQv8MCcTH
HuQ4F4RJrdOHnnaLxA2HyGMAYoYXlYuGUwPBkK4fLzM3ASYNGGBCdmsMwj9H1EhZ
1hUC1xytSKdFzm64VowrJvL6KydWVEf0dPf07Vdl/4MMSLNKMkM9aH93RtxOGFRI
IMUBYk3QsK/62olgabfFE3/CV/ckSPOEw8vb4MFxavD84PYwQwpeTJUv1onL2KSN
+GiutASjWchwGvBgRpuL2uy6w2HhsGSfgKXiW45ycxQd/C7Ebk8CqIMqz1JRAA==
-----END CERTIFICATE-----
Generated at Mon Aug 19 10:52:58 2024 by rpki-client on console-fra.rpki-client.org