Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/W9J8sRHB2QdEhVrkkQnlaywekVU.roa
File: W9J8sRHB2QdEhVrkkQnlaywekVU.roa (raw, json)
Hash identifier: cM0xDG0AiyMO662BOPYceUxz6Uw97cuilya2eQqwZQY=
Subject key identifier: 5B:D2:7C:B1:11:C1:D9:07:44:85:5A:E4:91:09:E5:6B:2C:1E:91:55
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191AB59EB88D95607E6E1AFA75CF1967299
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/W9J8sRHB2QdEhVrkkQnlaywekVU.roa
Signing time: Sun 01 Sep 2024 02:11:22 +0000
ROA not before: Sun 01 Sep 2024 02:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Sep 2024 03:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ab:59:eb:88:d9:56:07:e6:e1:af:a7:5c:f1:96:72:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 1 02:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bd27cb111c1d90744855ae49109e56b2c1e9155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:85:5a:64:d2:3a:49:05:ca:6b:9e:c9:55:d2:
bc:26:fa:77:f1:cd:77:ab:48:ef:7d:a0:05:6f:e6:
96:41:61:f0:f3:b5:1d:77:87:49:9d:01:7b:ab:1c:
be:39:8a:e6:7d:db:f1:51:44:5a:fc:1b:ef:c3:b1:
28:f0:2b:d4:80:b2:b9:e8:4f:65:ff:7a:8a:82:0a:
80:6f:21:5e:6e:10:5f:f7:db:31:d7:69:80:c4:52:
2a:23:0f:68:de:ad:a2:66:1b:0d:8f:d4:0f:15:8e:
0e:35:58:27:ee:b7:91:11:76:c7:7d:70:6c:f2:18:
5f:ab:66:51:b2:b8:a9:8c:15:c8:f1:77:72:48:9b:
85:de:9e:68:87:38:d3:e4:86:df:67:36:84:e7:66:
3c:f2:c6:58:91:a9:79:7a:85:8e:18:3e:28:2a:6c:
5a:a7:c2:cb:67:fd:fb:05:3d:32:2d:d1:a5:d5:de:
d1:63:13:30:68:22:c0:a7:03:a2:38:d5:a7:1f:67:
60:1a:a1:4a:8f:0c:b8:d8:7a:b4:01:0e:54:ef:c2:
8b:55:3e:b0:6c:80:ed:22:f5:af:8e:61:2d:2d:45:
c6:8a:a5:99:ab:ac:36:20:bf:cd:87:aa:50:8d:b5:
6f:6b:c9:f3:01:25:b1:20:54:1a:c9:6f:c2:52:ce:
e2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D2:7C:B1:11:C1:D9:07:44:85:5A:E4:91:09:E5:6B:2C:1E:91:55
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/W9J8sRHB2QdEhVrkkQnlaywekVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
17:69:4e:a6:a1:b1:de:fd:ca:ab:2f:a4:77:5e:60:9e:74:88:
9b:90:d8:c5:a9:f1:80:48:e2:c3:06:f9:dc:1b:7a:31:63:71:
f6:a8:eb:5f:40:16:84:76:2f:b6:3b:91:4b:ea:43:36:f2:23:
25:11:60:8e:a6:5e:bd:12:be:53:de:3f:ad:a0:d0:88:40:cc:
a6:fd:75:28:29:30:67:18:7a:04:af:ce:b4:1b:57:22:43:b8:
6d:20:73:24:42:43:f1:23:9b:83:b8:a8:8f:5c:9d:f9:e8:5f:
79:06:41:c9:0c:db:16:4a:d0:fa:e7:2a:8e:3c:54:b2:7e:4f:
db:dc:c3:7a:21:52:24:eb:5d:a0:40:e8:f4:d0:f2:c2:fe:05:
1f:50:b9:72:5e:fc:92:71:8a:c7:d1:b3:19:1c:8e:08:f5:0f:
00:f4:f5:36:8c:fc:c1:90:72:df:99:e9:c8:45:04:0a:d6:28:
80:9e:bc:d0:95:cc:22:e4:1a:e2:11:e8:fd:5c:af:b3:10:58:
f1:1b:02:3a:b0:52:cd:b9:02:bf:2b:8d:5e:14:b3:25:99:4d:
b9:e5:30:b3:3b:59:98:25:58:52:b8:18:20:77:ca:f7:0c:58:
a9:81:36:e8:37:5c:7b:7a:9b:bf:dd:ec:35:b8:a2:ef:1c:f3:
24:0f:21:00
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGrWeuI2VYH5uGvp1zxlnKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAxMDIxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmQyN2NiMTExYzFkOTA3NDQ4NTVhZTQ5MTA5ZTU2YjJjMWU5MTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YVaZNI6SQXKa57JVdK8Jvp38c13
q0jvfaAFb+aWQWHw87Udd4dJnQF7qxy+OYrmfdvxUURa/Bvvw7Eo8CvUgLK56E9l
/3qKggqAbyFebhBf99sx12mAxFIqIw9o3q2iZhsNj9QPFY4ONVgn7reREXbHfXBs
8hhfq2ZRsripjBXI8XdySJuF3p5ohzjT5IbfZzaE52Y88sZYkal5eoWOGD4oKmxa
p8LLZ/37BT0yLdGl1d7RYxMwaCLApwOiONWnH2dgGqFKjwy42Hq0AQ5U78KLVT6w
bIDtIvWvjmEtLUXGiqWZq6w2IL/Nh6pQjbVva8nzASWxIFQayW/CUs7i+QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFvSfLERwdkHRIVa5JEJ5WssHpFVMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVzlKOHNSSEIyUWRFaFZya2tRbmxheXdla1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAF2lOpqGx3v3Kqy+kd15gnnSI
m5DYxanxgEjiwwb53Bt6MWNx9qjrX0AWhHYvtjuRS+pDNvIjJRFgjqZevRK+U94/
raDQiEDMpv11KCkwZxh6BK/OtBtXIkO4bSBzJEJD8SObg7ioj1yd+ehfeQZByQzb
FkrQ+ucqjjxUsn5P29zDeiFSJOtdoEDo9NDywv4FH1C5cl78knGKx9GzGRyOCPUP
APT1Noz8wZBy35npyEUECtYogJ680JXMIuQa4hHo/VyvsxBY8RsCOrBSzbkCvyuN
XhSzJZlNueUwsztZmCVYUrgYIHfK9wxYqYE26Ddce3qbv93sNbii7xzzJA8hAA==
-----END CERTIFICATE-----
Generated at Sun Sep 1 04:53:20 2024 by rpki-client on console-fra.rpki-client.org