Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aF6y5L7pP21Vu2Jq5y08V22yTk0.roa
File: aF6y5L7pP21Vu2Jq5y08V22yTk0.roa (raw, json)
Hash identifier: o3X7VxjxfdaVz2xtpmZIpGtQTv4s+BtLaRrEXRRPXWw=
Subject key identifier: 68:5E:B2:E4:BE:E9:3F:6D:55:BB:62:6A:E7:2D:3C:57:6D:B2:4E:4D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D8A0E50E31B0C7A96C43A752C198C647
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aF6y5L7pP21Vu2Jq5y08V22yTk0.roa
Signing time: Mon 09 Sep 2024 21:11:48 +0000
ROA not before: Mon 09 Sep 2024 21:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 09 Sep 2024 22:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d8:a0:e5:0e:31:b0:c7:a9:6c:43:a7:52:c1:98:c6:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 9 21:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=685eb2e4bee93f6d55bb626ae72d3c576db24e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:01:1a:9c:7c:76:31:7a:d3:37:b2:9b:c8:6d:
65:b1:be:77:30:f8:30:06:c6:4a:14:0c:45:86:1f:
8e:a4:79:41:12:db:9f:62:bb:94:8c:5b:02:c7:5c:
81:3f:05:50:d1:24:56:95:c3:26:94:a7:ee:7d:d9:
ae:f3:4c:13:57:aa:34:e2:37:07:ac:f8:36:24:f2:
46:64:fa:96:82:70:3f:92:8f:17:1e:62:12:37:10:
f6:22:35:7c:c3:f6:31:bd:8d:51:60:fd:e2:65:fb:
6d:e1:3a:a1:d9:20:ca:2e:ca:4d:85:d4:b5:b4:1b:
81:36:34:54:11:22:46:cc:a2:18:ca:23:09:8f:23:
b1:87:64:c3:20:7a:24:ad:86:86:a6:a3:0d:13:14:
ea:47:d2:9b:15:68:7b:6f:d9:f2:d1:6a:7a:8c:16:
df:fb:02:5d:47:23:ab:64:90:e6:2a:85:7d:1d:94:
83:c6:1c:b2:eb:49:27:5e:fb:0d:f5:11:0d:41:0f:
f7:97:ef:94:9f:cd:ab:a1:af:35:27:ee:38:bb:62:
df:ae:af:27:5d:ca:e9:06:a3:92:8e:5b:f6:37:a2:
df:0b:31:3f:ce:e6:30:3a:a2:fb:a0:ea:f7:93:5e:
43:79:46:17:86:d6:8b:ff:29:8b:91:00:b0:a1:d6:
17:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5E:B2:E4:BE:E9:3F:6D:55:BB:62:6A:E7:2D:3C:57:6D:B2:4E:4D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aF6y5L7pP21Vu2Jq5y08V22yTk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
93:73:bf:2b:de:be:39:a8:d5:b9:83:0d:d4:62:21:56:96:81:
87:31:c9:51:4c:60:39:49:03:4c:1f:0f:4d:26:a1:37:3d:41:
4c:15:4e:fd:94:cd:3b:42:4d:58:07:2f:f6:d5:56:5b:f3:b9:
af:f4:97:01:68:c9:ec:0e:df:c2:b8:2f:ec:ef:75:3a:bc:9a:
04:bf:d3:23:7e:d5:ac:db:21:bd:e2:1c:66:07:48:97:f8:41:
93:2c:e8:bb:64:43:fc:12:9b:9e:8d:87:11:c3:a4:7c:ad:69:
c2:29:97:de:46:c2:30:8a:cd:f0:14:01:4f:e4:28:1d:fd:8b:
ae:36:7e:a4:29:c6:c3:df:2c:7e:45:36:75:fe:93:ff:34:54:
7e:4e:fb:e2:20:5c:ff:38:bb:5c:26:bd:1a:2e:a1:59:97:e9:
dc:3e:55:db:f1:df:47:43:f6:ad:f9:5d:ab:e4:a0:cc:0a:6d:
21:79:d1:f4:6c:58:c0:88:9b:9a:0a:95:f3:3b:98:7b:17:66:
40:da:5c:d3:b9:94:fd:7a:66:cb:5a:04:01:68:e8:3f:66:a1:
7a:35:72:05:7f:bf:11:88:66:30:ae:f4:f1:97:32:e7:13:1d:
30:f9:7f:89:dd:08:fb:28:a8:9a:fd:23:6c:cf:2d:a5:b9:e5:
a4:53:c7:85
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHYoOUOMbDHqWxDp1LBmMZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA5MjExMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVlYjJlNGJlZTkzZjZkNTViYjYyNmFlNzJkM2M1NzZkYjI0ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwEanHx2MXrTN7KbyG1lsb53MPgw
BsZKFAxFhh+OpHlBEtufYruUjFsCx1yBPwVQ0SRWlcMmlKfufdmu80wTV6o04jcH
rPg2JPJGZPqWgnA/ko8XHmISNxD2IjV8w/YxvY1RYP3iZftt4Tqh2SDKLspNhdS1
tBuBNjRUESJGzKIYyiMJjyOxh2TDIHokrYaGpqMNExTqR9KbFWh7b9ny0Wp6jBbf
+wJdRyOrZJDmKoV9HZSDxhyy60knXvsN9RENQQ/3l++Un82roa81J+44u2Lfrq8n
XcrpBqOSjlv2N6LfCzE/zuYwOqL7oOr3k15DeUYXhtaL/ymLkQCwodYX7QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGhesuS+6T9tVbtiauctPFdtsk5NMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYUY2eTVMN3BQMjFWdTJKcTV5MDhWMjJ5VGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQCTc78r3r45qNW5gw3UYiFWloGHMclRTGA5SQNM
Hw9NJqE3PUFMFU79lM07Qk1YBy/21VZb87mv9JcBaMnsDt/CuC/s73U6vJoEv9Mj
ftWs2yG94hxmB0iX+EGTLOi7ZEP8EpuejYcRw6R8rWnCKZfeRsIwis3wFAFP5Cgd
/YuuNn6kKcbD3yx+RTZ1/pP/NFR+TvviIFz/OLtcJr0aLqFZl+ncPlXb8d9HQ/at
+V2r5KDMCm0hedH0bFjAiJuaCpXzO5h7F2ZA2lzTuZT9embLWgQBaOg/ZqF6NXIF
f78RiGYwrvTxlzLnEx0w+X+J3Qj7KKia/SNszy2lueWkU8eF
Generated at Mon Sep 9 23:25:10 2024 by rpki-client on console-fra.rpki-client.org