Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hiZ_UPVu5yIqM7I1zOHqrK3eGtU.roa
File: hiZ_UPVu5yIqM7I1zOHqrK3eGtU.roa (raw, json)
Hash identifier: P3uzg6Y8z/IXagP65aPybsmyoFpvgeuGBvFDJo/mAts=
Subject key identifier: 86:26:7F:50:F5:6E:E7:22:2A:33:B2:35:CC:E1:EA:AC:AD:DE:1A:D5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191AF00F697BBCEFC5C0944A5F15FFCA60B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hiZ_UPVu5yIqM7I1zOHqrK3eGtU.roa
Signing time: Sun 01 Sep 2024 19:12:41 +0000
ROA not before: Sun 01 Sep 2024 19:12:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Sep 2024 20:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:af:00:f6:97:bb:ce:fc:5c:09:44:a5:f1:5f:fc:a6:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 1 19:12:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86267f50f56ee7222a33b235cce1eaacadde1ad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0c:15:8c:c3:22:50:00:cc:4f:cf:08:0e:9b:
b5:9b:f4:00:ed:5c:64:aa:59:ad:60:7d:89:e4:80:
64:4f:4d:01:4b:26:aa:a4:41:e5:b6:da:ee:d1:8f:
82:43:d1:da:26:bc:23:78:9d:e3:1e:e8:fe:21:dd:
b5:c3:8b:76:5d:53:51:4e:d4:72:1c:5a:99:37:b4:
ef:30:13:b2:9d:3d:91:10:94:97:a7:67:11:78:6b:
12:3c:5a:d1:61:10:85:83:de:40:48:94:61:de:06:
71:bb:57:11:69:8a:99:cd:30:24:c3:b1:fb:86:dd:
ea:dd:cb:44:31:57:a8:6e:b1:45:f8:34:df:9f:80:
a9:17:64:81:8f:b4:37:e2:d5:eb:44:e2:0c:17:b2:
2c:58:81:d6:49:c1:fa:8f:f3:fa:fd:5e:84:9d:4d:
8b:d3:0d:64:cd:d6:61:2a:89:5c:67:c7:ac:26:2d:
56:71:b8:ef:52:83:ab:09:35:b1:54:69:0b:0e:c7:
ab:9b:37:18:d2:4b:9c:6b:9e:c3:77:15:6f:8a:5f:
7e:94:6c:bc:8b:b5:57:9d:f6:60:84:f3:0a:4d:f9:
31:3f:24:a6:b6:da:e3:7b:4a:56:67:d9:19:a4:b9:
56:df:41:fc:0c:c3:df:c1:1a:d7:25:6d:b7:20:1e:
66:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:26:7F:50:F5:6E:E7:22:2A:33:B2:35:CC:E1:EA:AC:AD:DE:1A:D5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hiZ_UPVu5yIqM7I1zOHqrK3eGtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
63:dc:29:82:55:21:7d:f9:7e:ae:7e:31:34:59:32:83:14:4d:
e4:9d:9d:43:ff:02:97:9d:de:57:7f:60:01:a3:66:0e:46:82:
6a:2d:67:0d:01:fc:4e:fb:0e:33:8a:b4:8e:4a:d7:58:cf:67:
af:b7:e8:f2:c6:85:c7:77:65:1a:ef:08:76:bc:64:13:56:99:
74:78:14:f7:90:70:be:c4:81:3b:33:04:96:04:96:6c:ff:9d:
3f:e8:ff:df:ec:b4:2c:a8:dc:d2:1f:70:7b:f8:01:8f:2e:7c:
b6:0e:64:04:91:21:be:b0:86:c4:bd:d2:6d:fe:52:ed:09:c0:
1d:fb:fa:c6:74:db:68:4f:ef:d3:a5:6c:2c:e5:1f:6a:1e:20:
4c:1a:00:74:1c:3b:ce:e0:a0:9a:4f:3f:ca:a2:96:ee:97:36:
3c:64:b5:bf:0f:fc:d7:86:86:45:26:79:ca:44:f2:ee:5e:ba:
3e:fe:eb:cb:6d:1d:01:a8:0a:3e:4f:e2:4f:bd:0e:55:1a:24:
b2:fc:5c:46:4d:76:53:8e:e5:d4:ea:ef:3c:5b:c7:65:89:ec:
4d:cb:1a:6b:0c:27:95:f3:e0:e2:a5:9f:cb:a4:27:06:92:94:
10:2b:db:90:90:fd:f4:eb:db:20:69:ae:7c:92:94:9c:1e:1d:
03:b6:da:88
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGvAPaXu878XAlEpfFf/KYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAxMTkxMjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI2N2Y1MGY1NmVlNzIyMmEzM2IyMzVjY2UxZWFhY2FkZGUxYWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAwVjMMiUADMT88IDpu1m/QA7Vxk
qlmtYH2J5IBkT00BSyaqpEHlttru0Y+CQ9HaJrwjeJ3jHuj+Id21w4t2XVNRTtRy
HFqZN7TvMBOynT2REJSXp2cReGsSPFrRYRCFg95ASJRh3gZxu1cRaYqZzTAkw7H7
ht3q3ctEMVeobrFF+DTfn4CpF2SBj7Q34tXrROIMF7IsWIHWScH6j/P6/V6EnU2L
0w1kzdZhKolcZ8esJi1WcbjvUoOrCTWxVGkLDsermzcY0kuca57DdxVvil9+lGy8
i7VXnfZghPMKTfkxPySmttrje0pWZ9kZpLlW30H8DMPfwRrXJW23IB5mKwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIYmf1D1buciKjOyNczh6qyt3hrVMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaGlaX1VQVnU1eUlxTTdJMXpPSHFySzNlR3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAY9wpglUhffl+rn4xNFkygxRN
5J2dQ/8Cl53eV39gAaNmDkaCai1nDQH8TvsOM4q0jkrXWM9nr7fo8saFx3dlGu8I
drxkE1aZdHgU95BwvsSBOzMElgSWbP+dP+j/3+y0LKjc0h9we/gBjy58tg5kBJEh
vrCGxL3Sbf5S7QnAHfv6xnTbaE/v06VsLOUfah4gTBoAdBw7zuCgmk8/yqKW7pc2
PGS1vw/814aGRSZ5ykTy7l66Pv7ry20dAagKPk/iT70OVRoksvxcRk12U47l1Orv
PFvHZYnsTcsaawwnlfPg4qWfy6QnBpKUECvbkJD99OvbIGmufJKUnB4dA7baiA==
-----END CERTIFICATE-----
Generated at Sun Sep 1 21:03:44 2024 by rpki-client on console-fra.rpki-client.org