Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Tl1u_nwBiDlS4lh7JmnD2Y4FCnI.roa
File: Tl1u_nwBiDlS4lh7JmnD2Y4FCnI.roa (raw, json)
Hash identifier: OIKh7LD29YtPXdMZmmxlCk3ejsgdl0kkrywsjRjRqtk=
Subject key identifier: 4E:5D:6E:FE:7C:01:88:39:52:E2:58:7B:26:69:C3:D9:8E:05:0A:72
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01916AFA6D89A789126C104712CF738246AB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Tl1u_nwBiDlS4lh7JmnD2Y4FCnI.roa
Signing time: Mon 19 Aug 2024 14:11:22 +0000
ROA not before: Mon 19 Aug 2024 14:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 19 Aug 2024 15:04:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6a:fa:6d:89:a7:89:12:6c:10:47:12:cf:73:82:46:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 19 14:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e5d6efe7c01883952e2587b2669c3d98e050a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c0:b3:4c:4b:36:9a:99:a0:6d:ad:7f:aa:6a:
1f:39:cb:c5:e7:72:ee:2f:1f:89:d7:1f:b5:19:90:
5b:52:c0:80:ef:ca:d1:73:2d:de:57:34:36:41:74:
c6:53:1e:cf:84:de:07:a3:8d:28:6f:2b:15:52:b7:
97:74:3c:d7:14:c0:21:90:49:41:83:72:70:4a:fc:
0b:7a:df:5f:5b:da:0a:ce:85:fc:b8:14:d2:ea:0e:
7b:ff:91:33:0f:63:94:4c:5c:cf:d2:fb:26:e2:92:
90:b5:76:29:16:8a:85:7f:b7:fd:d0:93:ae:8c:d2:
5e:33:bf:b6:a1:c4:f4:79:c1:51:49:c7:67:c5:18:
37:d2:15:fa:0b:72:23:f8:2b:c6:22:5a:f0:9c:68:
df:b3:d1:fa:21:b7:a7:17:97:2c:33:fb:ad:fc:30:
d5:62:ea:fb:c8:d7:ed:7f:0f:a8:fc:48:c1:11:16:
b1:3c:d2:01:ab:b3:28:33:ff:a6:f6:d6:4d:65:50:
7a:81:77:05:59:a3:53:46:20:7f:94:32:a9:25:b5:
09:0b:21:53:dd:52:31:f1:94:28:9a:ab:e8:28:b3:
61:e3:aa:ff:42:f4:f8:67:0d:98:e1:f6:18:97:51:
10:b9:57:65:f6:44:54:b8:10:8d:68:73:a9:b4:72:
ef:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5D:6E:FE:7C:01:88:39:52:E2:58:7B:26:69:C3:D9:8E:05:0A:72
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Tl1u_nwBiDlS4lh7JmnD2Y4FCnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
72:45:62:4b:dd:2d:49:cc:ac:08:8a:09:d1:99:1f:dd:1c:50:
10:1d:6d:10:78:86:7d:8b:ed:93:98:77:6e:0d:da:3d:6b:bb:
83:1f:19:37:86:af:17:38:54:4e:80:d3:fd:89:0d:62:c4:78:
e3:20:d9:9a:e2:8c:8c:80:31:54:a6:ea:69:e1:ea:93:3a:8e:
40:f9:56:52:26:5c:12:84:58:cf:49:f0:60:8a:4f:25:87:33:
11:42:f3:0f:a0:46:8a:0b:a8:7f:d5:6a:c6:08:b8:20:45:38:
5c:c7:71:e2:a4:6b:3b:26:04:b4:fd:7c:8e:79:89:bc:fb:23:
0a:1a:2d:20:8e:b8:9e:0c:7a:e3:d5:22:f9:72:08:70:1b:af:
66:f3:18:5a:35:69:1f:ca:3a:34:b7:98:c8:2f:61:7d:ae:8f:
d0:64:33:03:12:fd:ed:54:36:e6:ed:dd:6f:ee:e4:d3:24:eb:
7b:42:f4:6b:fb:00:db:e0:95:83:56:f2:00:6d:f0:23:e7:28:
cc:48:c3:74:1d:b5:8f:64:87:bf:86:b2:5f:be:02:dd:42:a7:
31:e1:b0:f4:d0:60:14:f5:88:a4:6a:24:bf:94:d6:22:36:ba:
46:af:ec:b5:de:75:62:6a:13:53:c3:55:7f:0c:9b:b7:37:d3:
b9:5a:b0:d0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFq+m2Jp4kSbBBHEs9zgkarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE5MTQxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTVkNmVmZTdjMDE4ODM5NTJlMjU4N2IyNjY5YzNkOThlMDUwYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8CzTEs2mpmgba1/qmofOcvF53Lu
Lx+J1x+1GZBbUsCA78rRcy3eVzQ2QXTGUx7PhN4Ho40obysVUreXdDzXFMAhkElB
g3JwSvwLet9fW9oKzoX8uBTS6g57/5EzD2OUTFzP0vsm4pKQtXYpFoqFf7f90JOu
jNJeM7+2ocT0ecFRScdnxRg30hX6C3Ij+CvGIlrwnGjfs9H6IbenF5csM/ut/DDV
Yur7yNftfw+o/EjBERaxPNIBq7MoM/+m9tZNZVB6gXcFWaNTRiB/lDKpJbUJCyFT
3VIx8ZQomqvoKLNh46r/QvT4Zw2Y4fYYl1EQuVdl9kRUuBCNaHOptHLvKQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFE5dbv58AYg5UuJYeyZpw9mOBQpyMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVGwxdV9ud0JpRGxTNGxoN0ptbkQyWTRGQ25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAckViS90tScysCIoJ0Zkf3RxQ
EB1tEHiGfYvtk5h3bg3aPWu7gx8ZN4avFzhUToDT/YkNYsR44yDZmuKMjIAxVKbq
aeHqkzqOQPlWUiZcEoRYz0nwYIpPJYczEULzD6BGiguof9Vqxgi4IEU4XMdx4qRr
OyYEtP18jnmJvPsjChotII64ngx649Ui+XIIcBuvZvMYWjVpH8o6NLeYyC9hfa6P
0GQzAxL97VQ25u3db+7k0yTre0L0a/sA2+CVg1byAG3wI+cozEjDdB21j2SHv4ay
X74C3UKnMeGw9NBgFPWIpGokv5TWIja6Rq/std51YmoTU8NVfwybtzfTuVqw0A==
-----END CERTIFICATE-----
Generated at Mon Aug 19 19:13:12 2024 by rpki-client on console-fra.rpki-client.org