Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UIPgqVvYReXhlzv-mteWdI6wXdI.roa
File: UIPgqVvYReXhlzv-mteWdI6wXdI.roa (raw, json)
Hash identifier: jVTNSQ4nVKdO/AdMkcK6MIxr1On9YttL1kQxISUYDCA=
Subject key identifier: 50:83:E0:A9:5B:D8:45:E5:E1:97:3B:FE:9A:D7:96:74:8E:B0:5D:D2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191DB34FD8A69980C1CB920F2190C22120E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UIPgqVvYReXhlzv-mteWdI6wXdI.roa
Signing time: Tue 10 Sep 2024 09:12:48 +0000
ROA not before: Tue 10 Sep 2024 09:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 10 Sep 2024 10:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:db:34:fd:8a:69:98:0c:1c:b9:20:f2:19:0c:22:12:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 10 09:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5083e0a95bd845e5e1973bfe9ad796748eb05dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:1f:69:e8:46:19:9a:8f:33:6b:40:1c:e5:3f:
a7:70:26:62:74:62:1b:95:39:2e:6c:88:b0:a1:be:
bb:c4:7a:b9:78:37:f3:42:b1:e3:2e:79:98:7d:e2:
08:46:68:05:b6:ca:f5:59:08:2e:fa:a4:db:0d:7f:
60:b8:cb:8e:54:a4:82:83:a3:ad:8c:94:39:f3:6a:
be:a5:94:80:fd:d0:f1:39:b7:69:13:86:bb:b6:93:
a6:92:31:10:b0:23:7b:ea:b6:9c:c6:12:ca:ef:da:
c6:d9:58:9d:5d:8e:14:7f:c3:00:76:e8:5c:69:71:
fc:6a:a9:fc:b8:05:65:8d:42:5e:e0:a0:07:01:76:
38:82:26:e5:48:0c:60:15:30:13:13:51:d4:80:18:
d5:b7:fa:d3:9d:05:a8:73:42:ad:99:48:47:ad:30:
06:61:35:0c:85:91:60:8a:b7:61:f2:94:eb:94:4f:
6f:3e:20:43:da:be:a3:e6:85:bd:27:57:2b:d5:93:
f5:40:c0:5e:8c:93:c7:66:51:74:a2:e0:66:f7:21:
1b:98:19:c3:e3:83:c1:cd:65:19:97:2f:3b:21:15:
b5:00:e2:af:15:1c:34:9e:b3:38:8d:39:94:1c:d4:
ed:1e:1c:bc:72:99:1b:ad:38:19:17:37:3b:df:89:
3c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:83:E0:A9:5B:D8:45:E5:E1:97:3B:FE:9A:D7:96:74:8E:B0:5D:D2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UIPgqVvYReXhlzv-mteWdI6wXdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
50:d8:f8:c8:2e:61:ce:f7:a0:2c:f2:41:33:50:63:4e:fb:00:
41:f2:8b:06:ac:61:27:c5:9b:b7:b0:ec:48:99:53:1b:e2:cb:
80:55:0d:37:16:1b:81:05:f7:43:c0:15:6d:97:07:08:56:42:
bd:64:1a:6c:09:7e:15:fb:58:22:03:f6:f4:68:7c:14:cc:eb:
28:dc:b7:cb:75:da:9d:8a:42:76:c8:88:e0:87:84:6f:e3:e2:
39:49:2f:95:76:01:be:48:94:16:0d:f7:02:31:52:c0:97:c5:
b0:ab:a3:11:6d:29:48:d0:e1:9d:35:4d:7c:d0:f8:0e:40:37:
2c:3f:51:c5:94:4f:5c:7d:85:59:92:49:2d:dd:d2:3d:fe:f7:
cd:58:03:ea:c1:be:8a:23:3e:c4:bb:f4:90:15:16:0d:7b:a4:
59:2d:04:20:03:f5:5e:86:9e:b2:ab:61:97:37:25:af:6c:10:
0a:cf:94:17:e6:b6:6c:0c:c1:6a:b7:0e:66:81:b5:1c:9c:f7:
d6:45:d0:ca:2f:5f:da:37:8e:39:ff:bc:b1:69:fc:72:f2:3f:
b4:7f:87:f0:4b:97:ca:85:92:e2:a9:91:e7:f8:fb:fe:20:86:
bc:c3:e1:54:a0:59:da:8f:d3:ea:81:2d:52:cd:23:69:56:96:
04:25:54:b9
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHbNP2KaZgMHLkg8hkMIhIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEwMDkxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDgzZTBhOTViZDg0NWU1ZTE5NzNiZmU5YWQ3OTY3NDhlYjA1ZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6R9p6EYZmo8za0Ac5T+ncCZidGIb
lTkubIiwob67xHq5eDfzQrHjLnmYfeIIRmgFtsr1WQgu+qTbDX9guMuOVKSCg6Ot
jJQ582q+pZSA/dDxObdpE4a7tpOmkjEQsCN76racxhLK79rG2VidXY4Uf8MAduhc
aXH8aqn8uAVljUJe4KAHAXY4giblSAxgFTATE1HUgBjVt/rTnQWoc0KtmUhHrTAG
YTUMhZFgirdh8pTrlE9vPiBD2r6j5oW9J1cr1ZP1QMBejJPHZlF0ouBm9yEbmBnD
44PBzWUZly87IRW1AOKvFRw0nrM4jTmUHNTtHhy8cpkbrTgZFzc734k8zwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFCD4Klb2EXl4Zc7/prXlnSOsF3SMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVUlQZ3FWdllSZVhobHp2LW10ZVdkSTZ3WGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQBQ2PjILmHO96As8kEzUGNO+wBB8osGrGEnxZu3
sOxImVMb4suAVQ03FhuBBfdDwBVtlwcIVkK9ZBpsCX4V+1giA/b0aHwUzOso3LfL
ddqdikJ2yIjgh4Rv4+I5SS+VdgG+SJQWDfcCMVLAl8Wwq6MRbSlI0OGdNU180PgO
QDcsP1HFlE9cfYVZkkkt3dI9/vfNWAPqwb6KIz7Eu/SQFRYNe6RZLQQgA/Vehp6y
q2GXNyWvbBAKz5QX5rZsDMFqtw5mgbUcnPfWRdDKL1/aN445/7yxafxy8j+0f4fw
S5fKhZLiqZHn+Pv+IIa8w+FUoFnaj9PqgS1SzSNpVpYEJVS5
-----END CERTIFICATE-----
Generated at Tue Sep 10 13:26:10 2024 by rpki-client on console-ams.rpki-client.org