Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UzHLF5SzhppRcI7vMglpmNpuAdI.roa
File: UzHLF5SzhppRcI7vMglpmNpuAdI.roa (raw, json)
Hash identifier: MN+Tajt2t8LDns25yCbSs/LIGC5AV3rWfMiitDcmre0=
Subject key identifier: 53:31:CB:17:94:B3:86:9A:51:70:8E:EF:32:09:69:98:DA:6E:01:D2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191C1E2F2D2CAF7EFCCE2A1B87525420035
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UzHLF5SzhppRcI7vMglpmNpuAdI.roa
Signing time: Thu 05 Sep 2024 11:12:41 +0000
ROA not before: Thu 05 Sep 2024 11:12:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 05 Sep 2024 12:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c1:e2:f2:d2:ca:f7:ef:cc:e2:a1:b8:75:25:42:00:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 5 11:12:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5331cb1794b3869a51708eef32096998da6e01d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:eb:7d:4e:2b:db:fe:4b:c0:f6:a3:58:85:18:
1b:34:c4:eb:80:98:97:01:c8:32:8a:58:b5:e2:fd:
ef:f2:5a:4c:3c:9d:61:f3:0a:a5:0c:2c:84:7f:33:
16:f2:37:90:e3:0b:e8:d1:e4:54:8b:de:3e:32:01:
b8:f4:a3:9a:0d:07:01:f7:de:8f:63:25:c4:6c:37:
6b:8b:da:5c:41:73:f2:8d:21:98:d0:37:8b:ff:bd:
b4:7a:a0:e3:f3:97:c3:9b:89:d8:57:4a:96:ad:1b:
ab:ff:6e:2a:61:25:bf:34:ed:61:8e:ed:60:9a:e8:
ea:1c:44:c5:ff:e2:28:48:af:14:af:18:b3:a4:f6:
c1:f9:03:da:d3:4f:ab:65:0a:ab:ea:22:c1:f6:ec:
e6:cb:c0:dc:e7:fd:bf:f7:70:e4:9e:40:26:4e:62:
37:b8:03:5e:d9:5d:a6:b5:35:91:1c:b4:da:62:8f:
6d:0d:e2:14:05:b5:f6:74:97:7c:48:74:b4:96:44:
95:5c:26:b2:a6:99:47:05:ef:a1:73:6c:06:db:94:
b3:31:97:b2:02:7e:45:3b:72:75:ed:ec:59:a5:03:
e0:9b:a1:31:13:59:e1:e5:28:2c:e3:d6:25:5e:ad:
fc:fa:8d:3a:aa:03:dd:69:00:66:ed:00:09:de:2a:
14:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:31:CB:17:94:B3:86:9A:51:70:8E:EF:32:09:69:98:DA:6E:01:D2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UzHLF5SzhppRcI7vMglpmNpuAdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
8c:b1:c4:5f:e2:a1:6e:70:b2:32:d5:c6:19:a0:3a:b8:b8:9c:
bb:aa:df:80:02:08:6e:48:95:0a:fc:58:61:fe:df:7c:1f:b0:
82:72:9f:ad:5d:2c:48:7d:ad:5e:e9:01:61:ad:a4:d0:ef:c4:
82:84:e8:b8:5d:4b:1e:4a:da:0f:e2:69:5c:3d:bc:4c:e5:b6:
fa:df:e1:78:08:fd:b2:77:5a:87:96:98:47:e1:88:e6:8e:46:
9c:3d:22:a9:19:cd:fa:1d:6f:61:50:e8:29:c1:b7:2a:9b:f1:
15:bb:26:1d:d9:66:f7:41:ab:bf:25:d2:5c:d2:ef:2d:5b:e6:
26:0f:b7:2a:b5:bb:15:b4:b9:70:96:dc:fd:5e:90:36:4c:30:
3b:76:b2:03:c9:a9:7d:d8:cb:15:32:c1:85:b8:ab:bb:dd:be:
2b:09:26:c0:bf:9d:31:41:34:6b:5c:5b:fb:cb:22:7e:fd:d8:
d6:29:1e:ec:6d:b1:53:fb:d1:98:c9:9a:26:79:74:f9:84:04:
9a:af:20:bf:a0:ec:2e:4f:a3:8a:cf:70:99:c4:09:05:b3:95:
5b:df:12:bf:11:9f:bc:3e:f1:3c:85:16:d3:02:ff:03:aa:cb:
24:38:0c:b5:02:5c:e2:ef:ce:4c:2a:4c:fc:1f:01:95:79:ce:
9c:47:ab:de
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHB4vLSyvfvzOKhuHUlQgA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA1MTExMjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzMxY2IxNzk0YjM4NjlhNTE3MDhlZWYzMjA5Njk5OGRhNmUwMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqet9Tivb/kvA9qNYhRgbNMTrgJiX
Acgyili14v3v8lpMPJ1h8wqlDCyEfzMW8jeQ4wvo0eRUi94+MgG49KOaDQcB996P
YyXEbDdri9pcQXPyjSGY0DeL/720eqDj85fDm4nYV0qWrRur/24qYSW/NO1hju1g
mujqHETF/+IoSK8UrxizpPbB+QPa00+rZQqr6iLB9uzmy8Dc5/2/93DknkAmTmI3
uANe2V2mtTWRHLTaYo9tDeIUBbX2dJd8SHS0lkSVXCaypplHBe+hc2wG25SzMZey
An5FO3J17exZpQPgm6ExE1nh5Sgs49YlXq38+o06qgPdaQBm7QAJ3ioUiQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFMxyxeUs4aaUXCO7zIJaZjabgHSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVXpITEY1U3pocHBSY0k3dk1nbHBtTnB1QWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAjLHEX+KhbnCyMtXGGaA6uLic
u6rfgAIIbkiVCvxYYf7ffB+wgnKfrV0sSH2tXukBYa2k0O/EgoTouF1LHkraD+Jp
XD28TOW2+t/heAj9sndah5aYR+GI5o5GnD0iqRnN+h1vYVDoKcG3KpvxFbsmHdlm
90GrvyXSXNLvLVvmJg+3KrW7FbS5cJbc/V6QNkwwO3ayA8mpfdjLFTLBhbiru92+
KwkmwL+dMUE0a1xb+8sifv3Y1ike7G2xU/vRmMmaJnl0+YQEmq8gv6DsLk+jis9w
mcQJBbOVW98SvxGfvD7xPIUW0wL/A6rLJDgMtQJc4u/OTCpM/B8BlXnOnEer3g==
-----END CERTIFICATE-----
Generated at Thu Sep 5 14:38:44 2024 by rpki-client on console-fra.rpki-client.org