Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XnJZFVEZUZPld_xF0p-X1ya8Qzs.roa
File: XnJZFVEZUZPld_xF0p-X1ya8Qzs.roa (raw, json)
Hash identifier: KPcYMpeD8lbeNDdvAtfCxwYZ/8HowzEU+Tq7uauoyKE=
Subject key identifier: 5E:72:59:15:51:19:51:93:E5:77:FC:45:D2:9F:97:D7:26:BC:43:3B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019102B09F9A3E1DE290015F1D0E4916F291
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XnJZFVEZUZPld_xF0p-X1ya8Qzs.roa
Signing time: Tue 30 Jul 2024 08:10:15 +0000
ROA not before: Tue 30 Jul 2024 08:10:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 30 Jul 2024 09:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:02:b0:9f:9a:3e:1d:e2:90:01:5f:1d:0e:49:16:f2:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 30 08:10:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e72591551195193e577fc45d29f97d726bc433b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c1:4a:c4:a5:b2:7a:5b:15:a1:3a:fa:d2:fd:
aa:fb:a4:33:b0:7d:14:c6:7a:25:6e:93:a4:7d:d3:
cf:90:7e:fc:da:c0:f2:11:00:64:b3:b4:36:9f:2f:
8a:ba:f4:d1:6e:d0:06:c1:8a:29:42:46:7a:bc:61:
68:bd:60:e4:0c:52:62:42:9c:c9:10:1f:10:f6:77:
e3:ae:90:8a:12:66:a4:19:3a:d6:20:34:91:6d:0b:
b2:bf:e7:0b:e8:30:84:e0:f0:bd:8c:65:5e:a5:48:
5d:f7:36:50:17:21:aa:fc:3b:3a:00:82:db:51:45:
f9:20:61:e8:34:1d:c9:27:ac:87:c6:26:57:49:b6:
38:f4:c1:68:5d:6a:6c:dd:12:17:0c:3d:a7:8d:db:
e0:33:7c:51:b4:2a:6b:77:2f:6e:ac:06:ea:3d:b2:
5f:b7:39:3c:20:fd:03:c4:02:84:02:8e:25:aa:cb:
9d:07:ef:53:12:ec:ab:c9:e5:f9:89:8a:c5:0e:ff:
c5:8f:ec:cd:4a:3b:42:e1:51:a5:69:43:b4:25:87:
e9:a0:e7:f8:77:51:8e:72:aa:98:07:2a:fc:28:e0:
09:e8:12:e8:5c:1e:c8:40:05:bd:07:49:e7:2c:2f:
65:58:70:6d:ea:27:db:72:08:fb:be:af:e7:b4:f5:
b9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:72:59:15:51:19:51:93:E5:77:FC:45:D2:9F:97:D7:26:BC:43:3B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XnJZFVEZUZPld_xF0p-X1ya8Qzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
2e:a8:9d:22:cf:72:0e:c3:05:bf:a5:09:7f:61:01:f7:b1:83:
47:ae:21:66:a4:1b:c8:73:42:aa:df:d0:ff:f9:31:b8:8d:72:
f5:99:7b:49:3d:2e:8b:df:ee:e3:df:e2:9d:90:8e:9e:d8:14:
31:90:ed:90:bd:b8:bd:e3:51:79:fe:7e:17:3a:23:51:bb:4e:
1e:db:9c:a9:c1:3a:68:c9:09:41:83:74:80:d2:96:3e:24:e6:
27:f3:6f:a8:4c:be:3a:d5:c0:5c:aa:ff:45:37:da:9f:78:ac:
f7:52:af:ab:22:05:a3:7d:57:27:63:4a:79:42:c1:71:7d:34:
80:14:6b:fb:41:d6:15:84:fe:44:10:1b:2a:35:eb:ae:68:cf:
d2:8a:8e:88:eb:21:e2:22:4b:61:ca:cc:53:13:95:66:c0:6d:
6f:5b:98:e3:cc:9c:8d:a8:c4:29:cd:d4:26:55:4a:1a:06:77:
0d:3d:67:c5:42:c4:38:dc:c3:e1:43:2e:68:3e:f3:d1:91:80:
ca:ac:47:04:2a:f8:8a:08:bf:fb:84:b3:4a:fe:be:d5:c2:7d:
6c:d8:30:c3:e0:47:0c:50:12:92:a0:5e:67:e6:b1:21:39:3c:
1b:75:e7:69:17:60:1d:a5:44:7d:f8:73:1d:0c:f5:ff:b1:83:
7f:90:04:6f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZECsJ+aPh3ikAFfHQ5JFvKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzMwMDgxMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTcyNTkxNTUxMTk1MTkzZTU3N2ZjNDVkMjlmOTdkNzI2YmM0MzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsFKxKWyelsVoTr60v2q+6QzsH0U
xnolbpOkfdPPkH782sDyEQBks7Q2ny+KuvTRbtAGwYopQkZ6vGFovWDkDFJiQpzJ
EB8Q9nfjrpCKEmakGTrWIDSRbQuyv+cL6DCE4PC9jGVepUhd9zZQFyGq/Ds6AILb
UUX5IGHoNB3JJ6yHxiZXSbY49MFoXWps3RIXDD2njdvgM3xRtCprdy9urAbqPbJf
tzk8IP0DxAKEAo4lqsudB+9TEuyryeX5iYrFDv/Fj+zNSjtC4VGlaUO0JYfpoOf4
d1GOcqqYByr8KOAJ6BLoXB7IQAW9B0nnLC9lWHBt6ifbcgj7vq/ntPW5PwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF5yWRVRGVGT5Xf8RdKfl9cmvEM7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWG5KWkZWRVpVWlBsZF94RjBwLVgxeWE4UXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEALqidIs9yDsMFv6UJf2EB97GD
R64hZqQbyHNCqt/Q//kxuI1y9Zl7ST0ui9/u49/inZCOntgUMZDtkL24veNRef5+
FzojUbtOHtucqcE6aMkJQYN0gNKWPiTmJ/NvqEy+OtXAXKr/RTfan3is91KvqyIF
o31XJ2NKeULBcX00gBRr+0HWFYT+RBAbKjXrrmjP0oqOiOsh4iJLYcrMUxOVZsBt
b1uY48ycjajEKc3UJlVKGgZ3DT1nxULEONzD4UMuaD7z0ZGAyqxHBCr4igi/+4Sz
Sv6+1cJ9bNgww+BHDFASkqBeZ+axITk8G3XnaRdgHaVEffhzHQz1/7GDf5AEbw==
-----END CERTIFICATE-----
Generated at Tue Jul 30 12:34:32 2024 by rpki-client on console-ams.rpki-client.org