Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UQ8mQxNQaTrBone8aMEtaqfw_Fs.roa
File: UQ8mQxNQaTrBone8aMEtaqfw_Fs.roa (raw, json)
Hash identifier: HDrCN557vUrD8/bxm315GfFA2LOzF3c/OrkxdJnbIxg=
Subject key identifier: 51:0F:26:43:13:50:69:3A:C1:A2:77:BC:68:C1:2D:6A:A7:F0:FC:5B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191AE8B7C6229538AE8418854ED7609C47C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UQ8mQxNQaTrBone8aMEtaqfw_Fs.roa
Signing time: Sun 01 Sep 2024 17:04:22 +0000
ROA not before: Sun 01 Sep 2024 17:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:ae8b:68fd/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Sep 2024 17:12:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ae:8b:7c:62:29:53:8a:e8:41:88:54:ed:76:09:c4:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 1 17:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=510f26431350693ac1a277bc68c12d6aa7f0fc5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:48:b7:fe:36:e6:8b:e5:2a:44:60:81:f2:30:
82:ca:fb:09:b3:98:75:6b:2f:d1:31:44:90:3f:5e:
36:b2:f0:9d:40:a7:cd:99:1a:f6:34:5e:d1:21:0c:
78:c3:d1:85:11:01:9b:6f:23:41:96:f3:0d:b8:e9:
6b:72:7e:77:08:2a:84:cd:59:49:b0:50:9b:75:03:
ef:b7:1d:7d:9e:0c:88:ee:a6:8a:67:d3:24:d4:91:
40:24:36:fc:16:36:d3:90:23:b8:bc:91:d3:4e:0f:
42:5d:17:86:a7:45:1d:75:74:27:71:32:df:fa:99:
ac:4e:49:c1:c2:d7:58:fa:75:85:fe:e4:93:c6:2d:
d1:cd:83:0a:06:6b:ea:d4:c5:73:d0:30:e3:55:98:
91:c0:f3:b9:22:c6:be:5e:bc:e7:14:c2:5e:e6:c8:
df:3c:fd:a3:c2:9c:01:7a:f3:ec:fe:a0:0e:71:d0:
9a:f8:2b:47:1b:5f:59:33:a8:75:fc:36:64:86:be:
70:fa:47:24:30:35:c0:95:f0:51:96:06:cc:26:01:
ad:20:2d:97:d5:1a:53:9a:59:c3:0d:12:83:5f:5b:
30:fe:4b:2f:f9:d4:80:38:93:d5:c2:b1:d1:c5:9f:
11:0c:da:93:bb:8d:56:0a:c3:64:08:06:b5:d5:da:
e5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0F:26:43:13:50:69:3A:C1:A2:77:BC:68:C1:2D:6A:A7:F0:FC:5B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UQ8mQxNQaTrBone8aMEtaqfw_Fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:ae8b:68fd/128
Signature Algorithm: sha256WithRSAEncryption
25:b8:2e:c3:30:3d:06:fd:12:aa:78:02:95:22:21:ec:c3:f5:
6c:98:98:a8:bb:1f:da:8b:9d:11:08:b4:60:38:f5:39:a4:5f:
ad:c3:f5:1e:8d:19:cf:ff:7f:95:67:84:ec:e3:c8:9a:78:91:
26:39:d9:82:ef:b3:ea:56:3a:78:ff:96:8d:5c:45:74:39:60:
d1:e0:9f:1e:3f:2d:38:53:64:2c:60:c6:6d:27:05:96:29:fa:
8a:b3:ca:d2:5e:1f:d4:3f:b6:ab:e0:15:6e:e2:e3:68:58:c3:
9e:7e:d9:7d:d7:7c:95:27:79:ef:a0:24:58:e0:e6:b8:48:dc:
a7:3e:bc:07:61:29:49:07:b8:d7:ae:45:24:9f:2e:fe:53:18:
e7:bc:63:50:07:ae:2b:75:0d:b1:45:25:5d:14:56:b3:9e:a0:
67:4c:99:bb:27:cb:65:df:ae:62:4c:71:7b:ae:8b:7d:b1:c6:
88:45:a0:4c:a7:95:a6:b0:63:cd:65:38:92:63:3f:ca:45:f9:
9e:19:d3:61:de:50:39:02:83:54:51:16:5b:7c:b3:84:53:fe:
b8:b1:cb:c9:bf:7a:5c:a8:6f:b5:ba:7e:23:2a:82:29:b2:af:
80:ed:b0:81:95:1c:27:9e:e9:62:40:ce:7a:d4:f5:4a:54:33:
bf:c9:88:32
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZGui3xiKVOK6EGIVO12CcR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAxMTcwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTBmMjY0MzEzNTA2OTNhYzFhMjc3YmM2OGMxMmQ2YWE3ZjBmYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Ui3/jbmi+UqRGCB8jCCyvsJs5h1
ay/RMUSQP142svCdQKfNmRr2NF7RIQx4w9GFEQGbbyNBlvMNuOlrcn53CCqEzVlJ
sFCbdQPvtx19ngyI7qaKZ9Mk1JFAJDb8FjbTkCO4vJHTTg9CXReGp0UddXQncTLf
+pmsTknBwtdY+nWF/uSTxi3RzYMKBmvq1MVz0DDjVZiRwPO5Isa+XrznFMJe5sjf
PP2jwpwBevPs/qAOcdCa+CtHG19ZM6h1/DZkhr5w+kckMDXAlfBRlgbMJgGtIC2X
1RpTmlnDDRKDX1sw/ksv+dSAOJPVwrHRxZ8RDNqTu41WCsNkCAa11drlYQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFEPJkMTUGk6waJ3vGjBLWqn8PxbMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVVE4bVF4TlFhVHJCb25lOGFNRXRhcWZ3X0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABka6LaP0wDQYJKoZIhvcNAQELBQADggEB
ACW4LsMwPQb9Eqp4ApUiIezD9WyYmKi7H9qLnREItGA49TmkX63D9R6NGc//f5Vn
hOzjyJp4kSY52YLvs+pWOnj/lo1cRXQ5YNHgnx4/LThTZCxgxm0nBZYp+oqzytJe
H9Q/tqvgFW7i42hYw55+2X3XfJUnee+gJFjg5rhI3Kc+vAdhKUkHuNeuRSSfLv5T
GOe8Y1AHrit1DbFFJV0UVrOeoGdMmbsny2XfrmJMcXuui32xxohFoEynlaawY81l
OJJjP8pF+Z4Z02HeUDkCg1RRFlt8s4RT/rixy8m/elyob7W6fiMqgimyr4DtsIGV
HCee6WJAznrU9UpUM7/JiDI=
-----END CERTIFICATE-----
Generated at Sun Sep 1 19:04:03 2024 by rpki-client on console-fra.rpki-client.org