Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hgJz8CcjO_-IhM4sviaFmNNpybs.roa
File: hgJz8CcjO_-IhM4sviaFmNNpybs.roa (raw, json)
Hash identifier: AsSnQ6O+WS4JNN4RwHIxW9Z+cZnvvGMGqycreB1t8mg=
Subject key identifier: 86:02:73:F0:27:23:3B:FF:88:84:CE:2C:BE:26:85:98:D3:69:C9:BB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019109206A05F30A238FBD1333F5A30B8EA9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hgJz8CcjO_-IhM4sviaFmNNpybs.roa
Signing time: Wed 31 Jul 2024 14:10:04 +0000
ROA not before: Wed 31 Jul 2024 14:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 31 Jul 2024 15:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:09:20:6a:05:f3:0a:23:8f:bd:13:33:f5:a3:0b:8e:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 31 14:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=860273f027233bff8884ce2cbe268598d369c9bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:96:17:56:54:bb:d2:c2:ef:7d:0f:34:97:a4:
c9:40:fe:42:05:41:44:8f:8d:ad:43:7d:b5:c6:13:
0e:70:3f:06:3e:89:63:8b:df:37:51:cb:00:5c:49:
d2:dc:17:94:20:83:97:a8:6c:fd:47:5d:31:4b:de:
16:ab:9d:e3:63:fa:93:27:3f:05:5b:40:b7:c4:ca:
bb:13:73:4b:8c:96:93:e3:f8:ac:0b:41:48:cf:e1:
0f:37:74:ed:dd:a9:4b:80:f8:11:29:fe:c2:3e:e5:
42:f0:3b:0e:3d:7b:a8:c4:a2:07:bc:ee:0b:c5:7a:
1e:9d:2d:8e:c1:3a:99:8b:a0:02:71:71:e4:bf:7f:
ef:fc:b2:59:c0:4e:d6:5c:95:2b:9f:f4:8c:f8:22:
8a:7b:d9:59:11:51:0d:28:5b:a9:c0:8c:b6:4d:5c:
a6:85:61:e3:5b:b0:b2:9d:07:93:7c:1e:11:ce:7a:
b1:68:43:5b:8d:a0:28:ec:52:93:18:5b:b4:da:39:
e0:f5:35:f5:a3:40:d2:11:ef:44:82:a8:b5:bb:05:
32:32:94:e0:6d:5c:9f:95:08:a8:fa:1c:bf:8e:fc:
8b:97:9e:2c:d6:c0:43:6c:1e:9b:1c:01:75:55:be:
92:e2:ee:94:bb:20:61:2e:68:41:b4:be:c0:af:df:
5a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:02:73:F0:27:23:3B:FF:88:84:CE:2C:BE:26:85:98:D3:69:C9:BB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hgJz8CcjO_-IhM4sviaFmNNpybs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
5c:23:2b:43:a4:cc:e1:8a:dd:b2:24:c1:2c:ec:8a:7a:a8:23:
41:0e:4a:ac:db:28:2f:99:d2:d5:c9:6a:0b:0c:dd:cf:99:49:
12:53:8c:b8:4e:7d:14:47:03:d7:1d:00:01:27:0e:bb:33:48:
5d:c5:71:87:4f:27:5c:5e:6b:70:6f:b4:c6:98:e1:5e:7f:11:
47:00:aa:48:45:8f:51:4b:eb:20:3c:91:7b:96:7f:a2:aa:ea:
55:d7:97:8d:31:88:f1:76:72:16:0e:60:fc:68:47:98:86:f8:
60:42:ed:9a:ec:67:0e:ac:92:01:af:db:ba:e7:26:0c:2a:8d:
5f:fa:3e:1f:7f:a9:ee:40:6a:06:a6:60:e8:3d:5a:94:71:0d:
31:c5:fc:03:07:0f:0d:35:bc:f7:87:ce:ae:d5:f8:c8:5d:56:
38:1a:68:08:ac:9f:c3:14:d5:f4:7e:67:2b:e2:54:dd:9c:6e:
a0:d1:4b:c2:43:8f:49:68:08:17:d3:9f:c8:62:18:c8:3d:34:
3a:bd:c9:2f:86:62:06:76:83:f5:d6:1a:8f:94:be:98:92:bf:
78:84:49:62:93:9e:6b:ff:68:d3:c4:af:bc:58:54:67:af:e9:
97:80:af:4b:1c:f7:8d:9f:03:c8:e0:bb:de:3f:55:f9:76:c2:
58:46:e3:28
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEJIGoF8wojj70TM/WjC46pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzMxMTQxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjAyNzNmMDI3MjMzYmZmODg4NGNlMmNiZTI2ODU5OGQzNjljOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5YXVlS70sLvfQ80l6TJQP5CBUFE
j42tQ321xhMOcD8GPolji983UcsAXEnS3BeUIIOXqGz9R10xS94Wq53jY/qTJz8F
W0C3xMq7E3NLjJaT4/isC0FIz+EPN3Tt3alLgPgRKf7CPuVC8DsOPXuoxKIHvO4L
xXoenS2OwTqZi6ACcXHkv3/v/LJZwE7WXJUrn/SM+CKKe9lZEVENKFupwIy2TVym
hWHjW7CynQeTfB4RznqxaENbjaAo7FKTGFu02jng9TX1o0DSEe9Egqi1uwUyMpTg
bVyflQio+hy/jvyLl54s1sBDbB6bHAF1Vb6S4u6UuyBhLmhBtL7Ar99amwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIYCc/AnIzv/iITOLL4mhZjTacm7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaGdKejhDY2pPXy1JaE00c3ZpYUZtTk5weWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAXCMrQ6TM4YrdsiTBLOyKeqgj
QQ5KrNsoL5nS1clqCwzdz5lJElOMuE59FEcD1x0AAScOuzNIXcVxh08nXF5rcG+0
xpjhXn8RRwCqSEWPUUvrIDyRe5Z/oqrqVdeXjTGI8XZyFg5g/GhHmIb4YELtmuxn
DqySAa/buucmDCqNX/o+H3+p7kBqBqZg6D1alHENMcX8AwcPDTW894fOrtX4yF1W
OBpoCKyfwxTV9H5nK+JU3ZxuoNFLwkOPSWgIF9OfyGIYyD00Or3JL4ZiBnaD9dYa
j5S+mJK/eIRJYpOea/9o08SvvFhUZ6/pl4CvSxz3jZ8DyOC73j9V+XbCWEbjKA==
-----END CERTIFICATE-----
Generated at Wed Jul 31 18:39:27 2024 by rpki-client on console-ams.rpki-client.org