Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XT1fWb-QIEAgJUzzoYo3iwhz70o.roa
File: XT1fWb-QIEAgJUzzoYo3iwhz70o.roa (raw, json)
Hash identifier: /4ZlRKzLmKeS910zNclKW3+fhic1DtPoZRpJQ5QjgTQ=
Subject key identifier: 5D:3D:5F:59:BF:90:20:40:20:25:4C:F3:A1:8A:37:8B:08:73:EF:4A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191144AB0886E0FDF2FF953DD8A5F8F111C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XT1fWb-QIEAgJUzzoYo3iwhz70o.roa
Signing time: Fri 02 Aug 2024 18:12:04 +0000
ROA not before: Fri 02 Aug 2024 18:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 02 Aug 2024 19:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:14:4a:b0:88:6e:0f:df:2f:f9:53:dd:8a:5f:8f:11:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 2 18:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d3d5f59bf90204020254cf3a18a378b0873ef4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b5:66:08:f9:d2:86:2d:ca:2b:d3:72:95:ef:
4d:0a:6f:b1:1f:16:3b:48:ae:70:af:80:dc:20:33:
63:1e:d8:a4:b5:6d:d1:11:de:79:4f:06:8c:66:de:
ae:30:1d:85:48:f7:8e:c9:f6:17:46:5e:4a:85:03:
2f:8e:4d:c1:b1:fd:b1:0a:91:af:08:ea:b6:98:13:
90:fb:19:22:e6:42:49:f6:ba:d7:5a:9d:4a:d0:ee:
8e:30:bb:c5:a2:d6:b4:6e:6a:b2:99:c0:dd:cf:14:
53:3f:cd:11:20:aa:0d:6b:0f:b8:dd:f5:2e:6d:17:
1c:3b:4d:06:8e:89:74:d7:98:78:3c:dd:24:c8:6e:
fe:b1:0a:f8:aa:3a:ee:4c:15:fa:dc:0e:43:a9:22:
17:fe:e9:4d:79:4d:5e:8a:21:2b:e5:78:6b:85:8a:
11:ed:9b:dc:a8:64:5f:ef:ad:73:73:03:f4:59:c2:
03:22:0e:25:08:08:e6:71:d2:bc:69:0a:01:12:f8:
9a:8b:bd:56:f9:36:7c:59:16:44:02:48:52:f6:b9:
36:f6:12:38:8d:21:5a:fe:c9:20:a2:30:9d:e1:00:
61:dd:ba:af:54:c5:ea:72:f8:df:81:7c:16:11:b5:
82:a1:fc:45:17:a1:62:e9:5b:22:08:fe:0e:ca:19:
f4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3D:5F:59:BF:90:20:40:20:25:4C:F3:A1:8A:37:8B:08:73:EF:4A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XT1fWb-QIEAgJUzzoYo3iwhz70o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
00:7b:0b:0a:74:6b:fc:e4:a9:49:69:d8:dd:45:41:1d:6e:83:
12:cd:5d:e3:fb:8b:ef:d0:a1:6d:7b:4e:6b:c4:ff:b2:e2:64:
d6:de:8c:b6:cf:a9:88:8d:e6:f7:59:e7:37:f5:a4:6e:b6:9e:
4d:d1:bc:06:2a:55:30:dd:26:a7:3f:c5:df:21:6e:05:15:34:
1a:bc:b0:2f:a5:7b:c1:f3:ab:8e:65:f0:47:98:89:a9:7d:7a:
b5:f6:18:fb:f1:13:20:84:03:b5:10:32:ee:ef:77:36:67:62:
bc:f3:5f:62:6d:88:8f:aa:ad:78:ba:4a:14:ee:25:78:db:c3:
bf:b2:9d:c2:0a:c3:68:38:23:46:b9:94:86:88:f0:52:a8:71:
8b:fe:e8:c6:40:ba:22:da:b3:aa:e2:08:87:13:57:4e:26:92:
20:0c:e8:4d:b2:56:15:2b:cb:03:58:b8:c4:db:48:63:93:cb:
9b:7a:75:c2:34:03:32:93:6d:34:32:48:f3:e9:1c:db:27:8f:
aa:ca:3c:8c:50:32:5c:34:8f:e9:10:71:eb:39:e1:9f:ba:11:
aa:b9:dc:0b:b7:02:b3:00:01:b8:e9:cc:e3:95:02:a8:4f:1e:
6e:51:57:0d:00:ce:04:cb:d3:96:08:6b:44:fd:04:2d:cb:48:
4c:01:4e:7b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEUSrCIbg/fL/lT3YpfjxEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAyMTgxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDNkNWY1OWJmOTAyMDQwMjAyNTRjZjNhMThhMzc4YjA4NzNlZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrVmCPnShi3KK9Nyle9NCm+xHxY7
SK5wr4DcIDNjHtiktW3REd55TwaMZt6uMB2FSPeOyfYXRl5KhQMvjk3Bsf2xCpGv
COq2mBOQ+xki5kJJ9rrXWp1K0O6OMLvFota0bmqymcDdzxRTP80RIKoNaw+43fUu
bRccO00Gjol015h4PN0kyG7+sQr4qjruTBX63A5DqSIX/ulNeU1eiiEr5XhrhYoR
7ZvcqGRf761zcwP0WcIDIg4lCAjmcdK8aQoBEviai71W+TZ8WRZEAkhS9rk29hI4
jSFa/skgojCd4QBh3bqvVMXqcvjfgXwWEbWCofxFF6Fi6VsiCP4Oyhn0/wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF09X1m/kCBAICVM86GKN4sIc+9KMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWFQxZldiLVFJRUFnSlV6em9ZbzNpd2h6NzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAAHsLCnRr/OSpSWnY3UVBHW6D
Es1d4/uL79ChbXtOa8T/suJk1t6Mts+piI3m91nnN/WkbraeTdG8BipVMN0mpz/F
3yFuBRU0GrywL6V7wfOrjmXwR5iJqX16tfYY+/ETIIQDtRAy7u93NmdivPNfYm2I
j6qteLpKFO4leNvDv7KdwgrDaDgjRrmUhojwUqhxi/7oxkC6ItqzquIIhxNXTiaS
IAzoTbJWFSvLA1i4xNtIY5PLm3p1wjQDMpNtNDJI8+kc2yePqso8jFAyXDSP6RBx
6znhn7oRqrncC7cCswABuOnM45UCqE8eblFXDQDOBMvTlghrRP0ELctITAFOew==
-----END CERTIFICATE-----
Generated at Fri Aug 2 20:38:46 2024 by rpki-client on console-fra.rpki-client.org