Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XPCbghvQ4B8K2nWClojoJdFEIxk.roa
File: XPCbghvQ4B8K2nWClojoJdFEIxk.roa (raw, json)
Hash identifier: XBydV0dnAXzMx06wincrd4ye7+gb2oHwXF4yaWSG8e0=
Subject key identifier: 5C:F0:9B:82:1B:D0:E0:1F:0A:DA:75:82:96:88:E8:25:D1:44:23:19
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190FDF3637C0BFABEA6249275AAABE8FEEB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XPCbghvQ4B8K2nWClojoJdFEIxk.roa
Signing time: Mon 29 Jul 2024 10:05:04 +0000
ROA not before: Mon 29 Jul 2024 10:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 29 Jul 2024 11:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fd:f3:63:7c:0b:fa:be:a6:24:92:75:aa:ab:e8:fe:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 29 10:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cf09b821bd0e01f0ada75829688e825d1442319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:76:46:df:48:a3:a1:38:d0:a9:fb:91:06:43:
77:11:a6:ea:e7:b6:cd:b7:71:36:b5:dd:d4:28:d6:
45:12:67:ed:28:7a:d0:0a:e4:19:a9:d5:d5:80:f5:
3a:01:ca:9f:83:bb:6a:57:a3:be:74:1a:f0:b1:86:
85:b1:30:a1:54:5c:06:b4:c8:c7:77:a6:b3:15:81:
fb:fd:38:2d:88:40:0e:04:83:05:21:8f:ea:ae:c7:
a0:e7:90:09:6e:c4:b0:75:fd:c2:01:d3:65:1f:50:
41:46:cc:2e:28:6d:34:3a:ab:e2:7e:da:6c:45:41:
44:e7:45:2a:68:cc:d8:73:9c:75:03:bd:08:20:99:
d1:0f:90:14:09:0e:08:c9:aa:c4:3a:5d:74:f4:65:
3e:68:64:ff:7d:cc:7d:30:0a:32:b0:f5:7b:02:40:
d4:12:e6:83:2f:aa:58:23:00:d3:73:b1:ad:1e:5c:
2e:08:0d:a4:11:9f:19:5f:1e:f6:e4:38:39:a7:5f:
2e:3e:9a:db:2c:c4:b5:40:bb:1f:1d:03:40:2b:90:
1f:15:7f:28:e8:6a:4f:5b:1d:b7:3a:55:29:0f:57:
ef:8a:77:ae:2c:af:ad:09:44:5a:b6:10:7b:98:28:
e8:79:37:c2:2e:94:9f:eb:c6:a0:2d:19:4e:00:82:
2b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F0:9B:82:1B:D0:E0:1F:0A:DA:75:82:96:88:E8:25:D1:44:23:19
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XPCbghvQ4B8K2nWClojoJdFEIxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
7c:89:08:c4:4f:5d:36:1f:47:c9:6f:75:e9:e1:9b:b3:ad:40:
89:cb:8c:b7:0f:7a:15:46:02:99:c8:ba:97:6b:34:42:88:8f:
e2:dd:da:f5:3d:a2:ec:14:82:8f:fc:49:1d:2f:5a:ae:cd:eb:
6b:5d:22:cc:32:3e:8e:af:25:d5:8b:47:10:76:46:f0:de:03:
23:20:f3:88:93:cd:06:f4:a2:03:10:6b:36:33:3a:06:23:4c:
21:d8:09:e5:86:ae:1e:2a:c5:5e:93:2e:49:c0:e6:86:5a:74:
dd:cd:e0:00:90:31:bb:c7:a7:e1:e6:35:7e:39:c5:fa:0f:d6:
af:e6:84:62:2b:d6:f3:67:b7:de:07:d4:28:be:b6:a2:83:56:
09:3e:be:f7:1f:9e:f3:ae:eb:5d:77:26:df:79:05:f2:41:05:
2e:fb:81:09:5c:38:fc:03:91:c3:01:aa:d7:d4:18:20:4f:35:
29:74:85:c3:d0:4e:f6:54:f8:c0:38:1c:b4:1d:1d:41:48:5d:
1f:0d:4f:fc:ed:4d:d2:0d:1a:65:9b:b7:44:71:94:7f:4e:8a:
ae:96:7b:18:5c:a9:3f:fd:cb:a8:62:c7:c7:d6:45:1e:ff:a6:
a0:b8:df:21:4a:b8:00:be:75:16:14:96:01:a5:3e:de:e0:56:
8b:4f:3f:96
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZD982N8C/q+piSSdaqr6P7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzI5MTAwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2YwOWI4MjFiZDBlMDFmMGFkYTc1ODI5Njg4ZTgyNWQxNDQyMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXZG30ijoTjQqfuRBkN3Eabq57bN
t3E2td3UKNZFEmftKHrQCuQZqdXVgPU6Acqfg7tqV6O+dBrwsYaFsTChVFwGtMjH
d6azFYH7/TgtiEAOBIMFIY/qrseg55AJbsSwdf3CAdNlH1BBRswuKG00Oqviftps
RUFE50UqaMzYc5x1A70IIJnRD5AUCQ4IyarEOl109GU+aGT/fcx9MAoysPV7AkDU
EuaDL6pYIwDTc7GtHlwuCA2kEZ8ZXx725Dg5p18uPprbLMS1QLsfHQNAK5AfFX8o
6GpPWx23OlUpD1fvineuLK+tCURathB7mCjoeTfCLpSf68agLRlOAIIrwwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFzwm4Ib0OAfCtp1gpaI6CXRRCMZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWFBDYmdodlE0QjhLMm5XQ2xvam9KZEZFSXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAfIkIxE9dNh9HyW916eGbs61A
icuMtw96FUYCmci6l2s0QoiP4t3a9T2i7BSCj/xJHS9ars3ra10izDI+jq8l1YtH
EHZG8N4DIyDziJPNBvSiAxBrNjM6BiNMIdgJ5YauHirFXpMuScDmhlp03c3gAJAx
u8en4eY1fjnF+g/Wr+aEYivW82e33gfUKL62ooNWCT6+9x+e867rXXcm33kF8kEF
LvuBCVw4/AORwwGq19QYIE81KXSFw9BO9lT4wDgctB0dQUhdHw1P/O1N0g0aZZu3
RHGUf06KrpZ7GFypP/3LqGLHx9ZFHv+moLjfIUq4AL51FhSWAaU+3uBWi08/lg==
-----END CERTIFICATE-----
Generated at Mon Jul 29 13:52:11 2024 by rpki-client on console-fra.rpki-client.org