Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YdrOAKlMCaAdW4u614uK0OyLjeY.roa
File: YdrOAKlMCaAdW4u614uK0OyLjeY.roa (raw, json)
Hash identifier: vCoAfttzmIsu1D6M4ON/nf86+Znk6dv6K8nKtZE4m/w=
Subject key identifier: 61:DA:CE:00:A9:4C:09:A0:1D:5B:8B:BA:D7:8B:8A:D0:EC:8B:8D:E6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191038B45D9FCB0540EBF83E892C0997968
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YdrOAKlMCaAdW4u614uK0OyLjeY.roa
Signing time: Tue 30 Jul 2024 12:09:04 +0000
ROA not before: Tue 30 Jul 2024 12:09:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 30 Jul 2024 13:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:8b:45:d9:fc:b0:54:0e:bf:83:e8:92:c0:99:79:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 30 12:09:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61dace00a94c09a01d5b8bbad78b8ad0ec8b8de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:70:f7:0e:d1:cb:fc:68:12:6c:4a:8c:64:50:
bd:19:b2:4d:48:23:0f:de:22:40:ce:56:d6:ae:36:
5d:8f:2a:41:97:b8:4b:46:f9:3f:50:4e:7a:04:95:
2b:23:e4:bd:f5:1f:86:c1:44:27:9b:4a:d5:fa:cf:
e7:b1:ba:19:b7:69:19:f3:35:da:f9:1f:01:a7:45:
98:9e:2b:e7:8a:93:6b:17:b8:5d:09:51:55:26:1d:
82:db:ec:08:09:b3:9c:e4:32:97:38:ec:53:ca:d0:
40:17:6b:1b:ed:74:4e:05:3e:a2:54:6c:32:93:5d:
f5:93:01:0d:8f:4a:16:6f:b5:6c:9d:93:eb:42:11:
95:89:33:77:47:2e:8e:c8:b1:0a:43:5f:3d:c6:2b:
c2:3b:38:c5:b3:60:49:48:d0:cd:c7:e3:8e:01:a5:
f4:95:9b:c2:42:47:97:64:dd:c7:a6:4f:5e:5c:64:
fa:30:46:17:f6:2e:e4:c6:66:c8:0a:f7:ec:db:e4:
30:a3:9a:6d:99:0a:48:0d:ff:aa:07:47:61:da:41:
3f:6d:ec:92:dc:d7:63:15:49:fc:2e:02:e0:53:8f:
bb:21:47:fc:c6:5a:f2:c8:1a:78:bc:c4:42:f1:5c:
55:c5:50:53:be:45:6a:ef:29:36:70:07:e3:df:1c:
99:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DA:CE:00:A9:4C:09:A0:1D:5B:8B:BA:D7:8B:8A:D0:EC:8B:8D:E6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YdrOAKlMCaAdW4u614uK0OyLjeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
33:72:57:1f:b0:6b:37:fa:fa:ea:dc:92:f6:8f:a4:4a:f2:13:
c6:39:0d:0c:af:7e:d3:c2:25:34:2f:31:ba:e5:6a:8d:a4:e9:
c6:eb:d0:6a:5b:56:04:12:81:ca:bc:d8:21:f9:74:61:12:74:
23:c5:7e:88:f7:0a:45:96:af:4b:70:36:30:20:6f:80:8e:82:
14:53:fa:a7:b0:45:fa:60:ea:0b:e2:4c:66:91:17:91:c9:78:
89:4f:6c:62:4b:e3:68:56:34:d3:ea:45:e9:8b:1f:53:92:bb:
33:ea:12:13:89:39:6f:56:cc:fe:1c:06:45:31:43:83:60:33:
46:75:56:2a:b6:f9:59:41:b1:f6:a7:d3:94:48:61:f1:94:78:
ea:2e:2f:30:15:66:e6:31:37:27:52:d3:9a:0c:7a:ff:63:e6:
36:f5:cb:2d:cf:4d:b9:b1:fb:ba:ef:9b:c6:ba:49:c7:5d:94:
68:c8:8c:59:3c:3d:a9:d1:28:7f:12:dd:76:0e:7e:60:c9:26:
95:d1:39:07:7a:be:4f:a0:ad:71:2e:61:a7:5c:88:61:dd:c8:
05:da:5c:8c:d8:75:19:09:bb:ec:ae:7e:37:24:3d:b3:94:1e:
c0:3b:d2:43:80:92:69:4a:ac:81:08:61:10:a0:01:0e:99:ef:
0f:a1:b3:28
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEDi0XZ/LBUDr+D6JLAmXloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzMwMTIwOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWRhY2UwMGE5NGMwOWEwMWQ1YjhiYmFkNzhiOGFkMGVjOGI4ZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnD3DtHL/GgSbEqMZFC9GbJNSCMP
3iJAzlbWrjZdjypBl7hLRvk/UE56BJUrI+S99R+GwUQnm0rV+s/nsboZt2kZ8zXa
+R8Bp0WYnivnipNrF7hdCVFVJh2C2+wICbOc5DKXOOxTytBAF2sb7XROBT6iVGwy
k131kwENj0oWb7VsnZPrQhGViTN3Ry6OyLEKQ189xivCOzjFs2BJSNDNx+OOAaX0
lZvCQkeXZN3Hpk9eXGT6MEYX9i7kxmbICvfs2+Qwo5ptmQpIDf+qB0dh2kE/beyS
3NdjFUn8LgLgU4+7IUf8xlryyBp4vMRC8VxVxVBTvkVq7yk2cAfj3xyZXQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGHazgCpTAmgHVuLuteLitDsi43mMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWWRyT0FLbE1DYUFkVzR1NjE0dUswT3lMamVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAM3JXH7BrN/r66tyS9o+kSvIT
xjkNDK9+08IlNC8xuuVqjaTpxuvQaltWBBKByrzYIfl0YRJ0I8V+iPcKRZavS3A2
MCBvgI6CFFP6p7BF+mDqC+JMZpEXkcl4iU9sYkvjaFY00+pF6YsfU5K7M+oSE4k5
b1bM/hwGRTFDg2AzRnVWKrb5WUGx9qfTlEhh8ZR46i4vMBVm5jE3J1LTmgx6/2Pm
NvXLLc9NubH7uu+bxrpJx12UaMiMWTw9qdEofxLddg5+YMkmldE5B3q+T6CtcS5h
p1yIYd3IBdpcjNh1GQm77K5+NyQ9s5QewDvSQ4CSaUqsgQhhEKABDpnvD6GzKA==
-----END CERTIFICATE-----
Generated at Tue Jul 30 16:02:24 2024 by rpki-client on console-fra.rpki-client.org