Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h5RcNM4xYNJLBC5dRuhiyHYTXAE.roa
File: h5RcNM4xYNJLBC5dRuhiyHYTXAE.roa (raw, json)
Hash identifier: 2e57ONLL1MsO7p2Fj4l6cLq0Q2jqPVgoEOjQuSjL5GA=
Subject key identifier: 87:94:5C:34:CE:31:60:D2:4B:04:2E:5D:46:E8:62:C8:76:13:5C:01
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01918B980A015ABBDEC00E8E90BFF1F99AA4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h5RcNM4xYNJLBC5dRuhiyHYTXAE.roa
Signing time: Sun 25 Aug 2024 22:11:22 +0000
ROA not before: Sun 25 Aug 2024 22:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 25 Aug 2024 23:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8b:98:0a:01:5a:bb:de:c0:0e:8e:90:bf:f1:f9:9a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 25 22:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87945c34ce3160d24b042e5d46e862c876135c01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ac:11:cb:1c:9b:10:89:33:00:9d:36:f1:c7:
cf:91:e0:48:73:31:0b:53:5b:c4:79:e8:ae:cf:d6:
5c:93:ae:d4:d3:9d:3d:0c:c0:68:83:e9:ae:6e:13:
4a:62:93:b9:cb:c6:fd:ec:34:c5:19:20:93:ae:52:
44:7b:5e:ab:5d:b1:02:35:5c:a9:4d:4e:0e:98:e4:
73:77:b2:a3:62:28:81:d9:2f:13:0c:42:66:9b:81:
e3:5d:d0:8c:f7:13:ce:82:0f:96:62:b6:d1:31:9d:
36:b6:ab:b6:7c:fa:10:ea:37:5a:fb:66:18:91:d1:
ae:dc:b5:05:60:d1:f8:0d:60:03:fd:2b:64:db:55:
95:4f:a4:eb:2b:e7:e8:18:83:20:3b:47:fd:6c:49:
2a:c0:c9:c2:46:86:a8:7c:8a:e9:6a:d9:4f:7e:0a:
72:29:1b:b2:e7:e3:ff:3c:77:8f:9c:16:f0:12:b6:
64:26:ac:33:08:95:84:01:4d:69:43:e3:f7:4c:83:
79:fb:26:ce:ef:29:b7:bd:b7:21:81:59:bb:35:37:
f3:13:f1:ff:44:f2:34:2a:a6:e8:85:8a:12:8a:3b:
db:86:87:b9:fe:ec:f5:8e:fc:35:24:23:58:03:e0:
b9:d0:01:0c:85:4c:3e:2e:c9:49:b3:df:18:3c:2b:
46:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:94:5C:34:CE:31:60:D2:4B:04:2E:5D:46:E8:62:C8:76:13:5C:01
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h5RcNM4xYNJLBC5dRuhiyHYTXAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
03:80:21:09:16:74:94:92:b1:ab:d6:85:e1:73:a4:0f:78:59:
f2:f0:0c:4e:59:71:d6:f3:41:a1:3c:24:05:52:fc:b0:8c:47:
6d:3d:7d:c1:df:e9:00:52:40:01:02:ab:22:12:eb:e5:ac:e3:
f3:2a:ea:3c:33:2e:0b:fc:6c:e0:a1:db:2a:a1:9f:14:fe:80:
63:8c:fb:79:ea:26:c5:6a:a4:88:9a:e5:5d:4a:31:e0:12:69:
15:51:68:38:21:81:4e:14:f8:db:7c:c2:20:34:cc:6f:ed:7b:
58:1d:c3:f2:9e:83:89:95:54:85:2e:cd:69:e1:93:b5:50:4a:
3b:16:1e:0a:33:ac:a1:20:2b:51:78:7d:ee:83:45:8f:8f:f6:
e3:0f:48:93:bb:43:aa:f9:74:86:f6:6e:1c:de:14:41:d5:9c:
6a:85:84:e1:bf:4c:b9:63:95:08:c5:a3:e1:4a:0d:e9:50:f2:
3b:97:25:10:3f:b3:4d:6c:86:fc:35:fa:d2:10:1d:97:00:13:
3f:b4:9f:03:4f:55:b9:7f:82:a9:9e:ac:73:d3:dc:15:d8:c5:
03:33:8c:0a:d0:7f:ba:07:66:a2:8d:3f:37:9d:9a:2d:60:8a:
63:00:56:8f:e0:1e:7d:22:7f:4a:10:4e:8b:75:a3:32:56:b8:
ca:d2:76:25
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGLmAoBWrvewA6OkL/x+ZqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI1MjIxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzk0NWMzNGNlMzE2MGQyNGIwNDJlNWQ0NmU4NjJjODc2MTM1YzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqwRyxybEIkzAJ028cfPkeBIczEL
U1vEeeiuz9Zck67U0509DMBog+mubhNKYpO5y8b97DTFGSCTrlJEe16rXbECNVyp
TU4OmORzd7KjYiiB2S8TDEJmm4HjXdCM9xPOgg+WYrbRMZ02tqu2fPoQ6jda+2YY
kdGu3LUFYNH4DWAD/Stk21WVT6TrK+foGIMgO0f9bEkqwMnCRoaofIrpatlPfgpy
KRuy5+P/PHePnBbwErZkJqwzCJWEAU1pQ+P3TIN5+ybO7ym3vbchgVm7NTfzE/H/
RPI0KqbohYoSijvbhoe5/uz1jvw1JCNYA+C50AEMhUw+LslJs98YPCtGxwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIeUXDTOMWDSSwQuXUboYsh2E1wBMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaDVSY05NNHhZTkpMQkM1ZFJ1aGl5SFlUWEFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAA4AhCRZ0lJKxq9aF4XOkD3hZ
8vAMTllx1vNBoTwkBVL8sIxHbT19wd/pAFJAAQKrIhLr5azj8yrqPDMuC/xs4KHb
KqGfFP6AY4z7eeomxWqkiJrlXUox4BJpFVFoOCGBThT423zCIDTMb+17WB3D8p6D
iZVUhS7NaeGTtVBKOxYeCjOsoSArUXh97oNFj4/24w9Ik7tDqvl0hvZuHN4UQdWc
aoWE4b9MuWOVCMWj4UoN6VDyO5clED+zTWyG/DX60hAdlwATP7SfA09VuX+CqZ6s
c9PcFdjFAzOMCtB/ugdmoo0/N52aLWCKYwBWj+AefSJ/ShBOi3WjMla4ytJ2JQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 01:56:14 2024 by rpki-client on console-ams.rpki-client.org