Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YFwAie2P9BoL7GnKX7hf6n0TLdA.roa
File: YFwAie2P9BoL7GnKX7hf6n0TLdA.roa (raw, json)
Hash identifier: I8HvCm6IaBn3/oyakvwrWkeqHUn+xQuy37vFCdgcv5w=
Subject key identifier: 60:5C:00:89:ED:8F:F4:1A:0B:EC:69:CA:5F:B8:5F:EA:7D:13:2D:D0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01914BDFBCF2A17F4EE42A3FB9F47CB3E7C6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YFwAie2P9BoL7GnKX7hf6n0TLdA.roa
Signing time: Tue 13 Aug 2024 13:13:59 +0000
ROA not before: Tue 13 Aug 2024 13:13:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 13 Aug 2024 14:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4b:df:bc:f2:a1:7f:4e:e4:2a:3f:b9:f4:7c:b3:e7:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 13 13:13:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=605c0089ed8ff41a0bec69ca5fb85fea7d132dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4d:b7:82:de:a5:9a:e2:d0:92:8d:3d:59:ef:
df:07:bd:69:fa:14:df:a0:2d:34:8e:f7:07:26:30:
fa:b6:f3:4a:b2:41:c2:52:e7:f8:93:89:aa:85:12:
d0:04:f5:6a:25:34:66:d8:b8:85:57:a6:89:e6:a9:
29:3d:b1:32:0d:7b:0e:ce:5e:b3:64:f7:19:53:84:
5d:81:99:d6:d1:dc:77:e7:fc:4d:c6:3e:f8:66:1e:
5a:31:ba:74:d6:bd:9f:70:27:91:8a:03:e4:09:53:
84:c3:97:70:c7:53:30:48:13:df:da:f3:44:50:df:
61:9f:a5:84:b7:7a:0f:34:cb:57:86:d9:5a:74:ec:
0b:20:e8:95:11:e4:50:62:9e:c4:53:89:0c:87:1c:
90:62:34:58:4c:6c:b7:fe:63:da:0c:36:93:fa:ff:
de:02:e6:8a:a6:a6:c2:f7:e2:3f:32:ca:fb:fa:93:
c1:61:b2:f7:c8:e3:f7:bf:05:10:07:47:35:34:39:
19:c7:db:c3:c9:53:74:13:48:34:45:40:08:99:e9:
8e:4d:13:51:c7:b6:a1:bc:e0:30:47:e3:d1:57:82:
42:ae:07:08:f9:74:ed:3d:6b:ec:4d:c6:e5:76:ac:
cb:cb:49:fb:d1:a8:84:a8:85:06:e2:ff:fe:da:38:
5f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:5C:00:89:ED:8F:F4:1A:0B:EC:69:CA:5F:B8:5F:EA:7D:13:2D:D0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YFwAie2P9BoL7GnKX7hf6n0TLdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
2d:83:32:e8:12:a6:f2:fe:b4:b8:39:af:84:f0:25:c4:c6:9b:
a3:55:4a:08:91:1c:f8:c9:94:7e:98:e0:c9:35:57:5e:d3:34:
d2:73:ce:a9:3f:ca:a6:21:78:f5:55:32:bc:9f:4a:a4:8d:9f:
d1:24:c7:3e:b4:a4:f4:8a:49:94:c1:6e:c2:97:26:0b:51:2e:
4d:f3:0d:6a:54:01:ee:f2:ef:83:7c:01:a9:5b:8c:fc:d5:8c:
b3:04:36:5c:9d:78:6a:7f:82:73:5b:8e:aa:d5:10:65:9a:f9:
28:5a:30:c5:ce:5f:7b:3d:23:f7:30:85:d7:7b:78:cf:05:c0:
08:d0:56:ea:66:69:a9:7d:a8:f7:f7:ef:e8:be:5b:33:73:e3:
07:31:9f:f5:3e:51:e9:b5:6c:fc:81:e2:12:10:97:22:c0:39:
6b:30:98:94:45:ed:2b:32:92:d8:fd:9a:97:85:6e:9f:f0:ea:
30:9e:c7:f5:60:af:44:d8:65:cc:69:a9:39:12:7c:cf:44:b2:
fc:82:c1:e3:2d:06:11:60:b3:60:eb:cd:7e:a1:25:83:c0:ae:
e0:33:70:46:d6:08:d8:9b:2b:8f:e4:36:f1:89:71:4a:ba:39:
24:70:f0:b2:89:01:05:9d:fa:49:6c:22:ff:b5:23:b6:e2:91:
82:88:cf:fc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFL37zyoX9O5Co/ufR8s+fGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEzMTMxMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDVjMDA4OWVkOGZmNDFhMGJlYzY5Y2E1ZmI4NWZlYTdkMTMyZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok23gt6lmuLQko09We/fB71p+hTf
oC00jvcHJjD6tvNKskHCUuf4k4mqhRLQBPVqJTRm2LiFV6aJ5qkpPbEyDXsOzl6z
ZPcZU4RdgZnW0dx35/xNxj74Zh5aMbp01r2fcCeRigPkCVOEw5dwx1MwSBPf2vNE
UN9hn6WEt3oPNMtXhtladOwLIOiVEeRQYp7EU4kMhxyQYjRYTGy3/mPaDDaT+v/e
AuaKpqbC9+I/Msr7+pPBYbL3yOP3vwUQB0c1NDkZx9vDyVN0E0g0RUAImemOTRNR
x7ahvOAwR+PRV4JCrgcI+XTtPWvsTcbldqzLy0n70aiEqIUG4v/+2jhfTQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGBcAIntj/QaC+xpyl+4X+p9Ey3QMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWUZ3QWllMlA5Qm9MN0duS1g3aGY2bjBUTGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEALYMy6BKm8v60uDmvhPAlxMab
o1VKCJEc+MmUfpjgyTVXXtM00nPOqT/KpiF49VUyvJ9KpI2f0STHPrSk9IpJlMFu
wpcmC1EuTfMNalQB7vLvg3wBqVuM/NWMswQ2XJ14an+Cc1uOqtUQZZr5KFowxc5f
ez0j9zCF13t4zwXACNBW6mZpqX2o9/fv6L5bM3PjBzGf9T5R6bVs/IHiEhCXIsA5
azCYlEXtKzKS2P2al4Vun/DqMJ7H9WCvRNhlzGmpORJ8z0Sy/ILB4y0GEWCzYOvN
fqElg8Cu4DNwRtYI2Jsrj+Q28YlxSro5JHDwsokBBZ36SWwi/7UjtuKRgojP/A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:27 2025 by rpki-client