Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UjSr4G6lbA29sc57vPuSpoxgBRU.roa
File: UjSr4G6lbA29sc57vPuSpoxgBRU.roa (raw, json)
Hash identifier: 7vnESaXw807n/Cp599DRWzVtWYO8He/1l2r52Hf5RSA=
Subject key identifier: 52:34:AB:E0:6E:A5:6C:0D:BD:B1:CE:7B:BC:FB:92:A6:8C:60:05:15
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01918A18C2FE22581346AACB2D76E8A86B31
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UjSr4G6lbA29sc57vPuSpoxgBRU.roa
Signing time: Sun 25 Aug 2024 15:12:44 +0000
ROA not before: Sun 25 Aug 2024 15:12:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 25 Aug 2024 16:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8a:18:c2:fe:22:58:13:46:aa:cb:2d:76:e8:a8:6b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 25 15:12:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5234abe06ea56c0dbdb1ce7bbcfb92a68c600515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cb:01:70:d4:5b:ec:d9:9e:81:88:89:92:17:
9a:08:ee:ed:73:16:04:6f:53:13:8a:c8:e2:65:de:
2f:25:12:0a:99:15:ba:74:a6:29:c0:76:92:05:ec:
29:ac:50:7b:5e:4e:7a:d8:bb:72:c9:5a:e4:77:c8:
50:1f:48:17:9f:3b:a8:bb:1d:01:a0:50:32:96:d8:
e3:9e:76:13:ec:ee:51:85:97:1f:72:aa:e3:3a:34:
27:3f:1f:54:27:05:65:7c:4e:3d:02:b7:9c:84:2a:
14:26:8b:79:ee:12:70:86:ea:6e:ea:37:60:e0:e1:
bb:38:52:55:ca:9e:ae:6e:d4:12:65:c1:1a:0f:9e:
25:2a:db:e6:e6:a2:24:a2:1b:71:2a:03:f8:a3:43:
e3:63:9a:d8:97:26:4d:0c:53:ca:ea:d3:1a:7d:db:
72:04:c4:d8:f7:c7:66:ee:9b:89:eb:a5:4d:a7:3b:
51:63:67:dd:73:f5:7f:66:80:18:49:dc:cc:51:70:
ce:a0:ea:58:c3:19:24:6f:34:61:cd:27:cb:74:de:
1f:de:49:68:22:0b:e6:1f:a8:66:3b:ec:db:e3:77:
84:a1:2c:85:44:24:8a:26:8f:90:fa:ba:d5:af:13:
96:d2:08:b3:d5:a2:c1:5b:f4:5e:c3:ee:5b:bf:bd:
33:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:34:AB:E0:6E:A5:6C:0D:BD:B1:CE:7B:BC:FB:92:A6:8C:60:05:15
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UjSr4G6lbA29sc57vPuSpoxgBRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
89:19:4c:fc:fa:d9:c1:17:7f:af:49:66:a3:4c:e4:22:d5:b9:
39:bb:50:e1:40:73:e4:a3:22:29:32:62:4d:f0:6c:a9:b8:94:
b1:32:14:e5:36:53:cc:83:6a:52:0f:62:b2:64:74:63:f8:73:
9f:03:33:d2:f0:62:2a:d4:13:cb:17:5f:3a:8c:1d:0e:65:71:
90:76:57:cc:09:02:cf:24:b9:77:33:b8:3b:74:68:04:a0:36:
f0:97:33:33:29:46:86:cf:3d:18:84:0d:22:f3:f9:cf:04:bd:
f6:6e:6b:bf:46:73:70:2b:95:84:0e:fd:84:fb:f1:28:60:02:
cd:ec:63:27:c3:64:cf:76:e8:2f:e5:97:c3:04:24:30:8a:d6:
94:cb:65:49:6d:a6:db:75:1b:02:77:f8:7a:32:49:29:e1:3b:
c8:cf:ff:8f:d5:96:fd:74:2a:84:0e:da:9a:5e:71:bd:f7:55:
58:c3:b9:55:90:8e:11:09:4d:08:45:fb:7c:64:44:0a:a7:3f:
8a:81:70:2b:d1:29:c6:e9:2c:74:11:7f:a5:dc:04:26:fb:58:
9c:a6:36:2a:cb:56:f2:69:aa:b5:a2:42:29:d9:ee:e8:3c:b1:
99:ab:3b:17:89:48:ed:aa:f0:f5:7a:ad:34:e1:35:14:6b:33:
6f:8c:20:ba
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGKGML+IlgTRqrLLXboqGsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI1MTUxMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjM0YWJlMDZlYTU2YzBkYmRiMWNlN2JiY2ZiOTJhNjhjNjAwNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAissBcNRb7NmegYiJkheaCO7tcxYE
b1MTisjiZd4vJRIKmRW6dKYpwHaSBewprFB7Xk562LtyyVrkd8hQH0gXnzuoux0B
oFAyltjjnnYT7O5RhZcfcqrjOjQnPx9UJwVlfE49ArechCoUJot57hJwhupu6jdg
4OG7OFJVyp6ubtQSZcEaD54lKtvm5qIkohtxKgP4o0PjY5rYlyZNDFPK6tMafdty
BMTY98dm7puJ66VNpztRY2fdc/V/ZoAYSdzMUXDOoOpYwxkkbzRhzSfLdN4f3klo
IgvmH6hmO+zb43eEoSyFRCSKJo+Q+rrVrxOW0giz1aLBW/Rew+5bv70zXwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFI0q+BupWwNvbHOe7z7kqaMYAUVMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVWpTcjRHNmxiQTI5c2M1N3ZQdVNwb3hnQlJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAiRlM/PrZwRd/r0lmo0zkItW5
ObtQ4UBz5KMiKTJiTfBsqbiUsTIU5TZTzINqUg9ismR0Y/hznwMz0vBiKtQTyxdf
OowdDmVxkHZXzAkCzyS5dzO4O3RoBKA28JczMylGhs89GIQNIvP5zwS99m5rv0Zz
cCuVhA79hPvxKGACzexjJ8Nkz3boL+WXwwQkMIrWlMtlSW2m23UbAnf4ejJJKeE7
yM//j9WW/XQqhA7aml5xvfdVWMO5VZCOEQlNCEX7fGRECqc/ioFwK9EpxuksdBF/
pdwEJvtYnKY2KstW8mmqtaJCKdnu6Dyxmas7F4lI7arw9XqtNOE1FGszb4wgug==
-----END CERTIFICATE-----
Generated at Sun Aug 25 19:45:56 2024 by rpki-client on console-ams.rpki-client.org