Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jAAqqOcorAlbUC2cSjvRNF04-mU.roa
File: jAAqqOcorAlbUC2cSjvRNF04-mU.roa (raw, json)
Hash identifier: 3EtsXu0rO/1V0/RPCEdjAbaQBv9w+HhBgJQIL82rF04=
Subject key identifier: 8C:00:2A:A8:E7:28:AC:09:5B:50:2D:9C:4A:3B:D1:34:5D:38:FA:65
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0192BAFAE29925103BF36B17F2B6474BA2C2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jAAqqOcorAlbUC2cSjvRNF04-mU.roa
Signing time: Wed 23 Oct 2024 20:04:17 +0000
ROA not before: Wed 23 Oct 2024 20:04:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:bafa:d736/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 23 Oct 2024 20:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ba:fa:e2:99:25:10:3b:f3:6b:17:f2:b6:47:4b:a2:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Oct 23 20:04:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c002aa8e728ac095b502d9c4a3bd1345d38fa65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f5:c2:9c:3a:1f:a4:9e:cf:1f:57:00:36:7d:
dc:91:9c:b3:8b:34:a3:a9:d1:f9:8c:08:27:19:a9:
fc:b5:6f:0f:06:a3:c9:81:0c:60:66:4f:2a:0d:3c:
76:19:49:58:c4:f8:a9:37:63:24:a7:9d:4a:93:78:
4f:2f:60:b7:1a:6a:5a:96:8d:17:6c:cb:91:c3:83:
06:fd:1b:4b:2e:51:06:dd:72:2f:f6:74:e2:5b:36:
2b:1a:87:86:2d:2d:ca:f7:49:3c:14:fe:0f:02:be:
b7:e6:64:00:df:f4:ca:37:28:96:7e:07:ec:0a:28:
0e:a3:4f:4b:b4:17:83:79:a6:dd:3c:b3:d2:a7:20:
6c:17:da:34:2f:ea:77:5d:fd:00:28:c9:2e:a6:b0:
ba:58:c5:25:57:ad:6d:71:a3:fe:d6:6d:da:06:1b:
39:1f:10:60:cd:21:95:25:00:b8:4e:af:7f:72:ed:
a1:b6:6a:47:9a:26:8e:8d:95:cf:e8:90:5c:00:cd:
06:2c:99:2d:85:6e:f5:47:e7:9f:4c:48:e0:10:3c:
07:19:d5:c3:07:bb:70:2c:84:8d:c5:94:9a:fd:55:
75:fc:ee:60:d6:ff:83:30:cc:6a:5b:11:54:1d:c8:
32:7f:95:f7:b5:c7:2c:0c:01:a8:3c:c0:a9:4b:09:
15:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:00:2A:A8:E7:28:AC:09:5B:50:2D:9C:4A:3B:D1:34:5D:38:FA:65
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jAAqqOcorAlbUC2cSjvRNF04-mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:bafa:d736/128
Signature Algorithm: sha256WithRSAEncryption
28:20:c9:6b:fd:4c:3a:10:36:87:74:93:1c:3a:55:fe:08:a2:
c8:c0:72:e0:f0:17:e2:bb:0b:b6:1b:c5:fd:8e:ba:b1:83:3a:
9c:9a:13:30:bd:0e:46:7f:fb:99:43:05:76:e8:5d:3a:6b:c5:
f9:a7:0d:14:0d:6f:cc:82:aa:78:f2:74:4a:f9:04:87:c1:f9:
8b:9a:41:85:36:09:4d:a0:52:13:03:aa:6b:6c:84:6f:67:aa:
7b:c1:1c:98:c1:f0:f0:47:db:5d:28:bd:9f:bd:56:14:c5:41:
9b:e5:d6:18:2a:0a:18:9b:37:95:ab:8f:07:60:a1:ce:5c:9e:
59:4c:30:08:7f:f8:a0:3a:ad:ac:78:ee:84:f2:30:15:75:63:
83:24:2c:c9:21:04:0b:31:9b:4d:2b:d2:67:35:b3:6c:dd:99:
c2:bf:82:b5:ee:fa:2e:2f:68:40:58:18:0c:46:1c:40:37:80:
86:36:3e:f8:cd:4a:0f:17:7a:59:ba:33:72:a7:dc:39:6b:d5:
aa:5d:81:ff:2a:56:24:c6:81:4f:af:58:ed:cc:79:5f:99:ac:
eb:88:84:ed:35:46:dc:0e:6b:ab:6a:4b:03:26:40:37:85:df:
77:5a:e4:05:1c:7d:90:9b:b4:95:d2:e1:37:52:4d:2c:b6:6b:
a3:82:01:89
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZK6+uKZJRA782sX8rZHS6LCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMDIzMjAwNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzAwMmFhOGU3MjhhYzA5NWI1MDJkOWM0YTNiZDEzNDVkMzhmYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvXCnDofpJ7PH1cANn3ckZyzizSj
qdH5jAgnGan8tW8PBqPJgQxgZk8qDTx2GUlYxPipN2Mkp51Kk3hPL2C3Gmpalo0X
bMuRw4MG/RtLLlEG3XIv9nTiWzYrGoeGLS3K90k8FP4PAr635mQA3/TKNyiWfgfs
CigOo09LtBeDeabdPLPSpyBsF9o0L+p3Xf0AKMkuprC6WMUlV61tcaP+1m3aBhs5
HxBgzSGVJQC4Tq9/cu2htmpHmiaOjZXP6JBcAM0GLJkthW71R+efTEjgEDwHGdXD
B7twLISNxZSa/VV1/O5g1v+DMMxqWxFUHcgyf5X3tccsDAGoPMCpSwkVIQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIwAKqjnKKwJW1AtnEo70TRdOPplMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvakFBcXFPY29yQWxiVUMyY1NqdlJORjA0LW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSuvrXNjANBgkqhkiG9w0BAQsFAAOCAQEAKCDJa/1MOhA2h3STHDpV/gii
yMBy4PAX4rsLthvF/Y66sYM6nJoTML0ORn/7mUMFduhdOmvF+acNFA1vzIKqePJ0
SvkEh8H5i5pBhTYJTaBSEwOqa2yEb2eqe8EcmMHw8EfbXSi9n71WFMVBm+XWGCoK
GJs3lauPB2ChzlyeWUwwCH/4oDqtrHjuhPIwFXVjgyQsySEECzGbTSvSZzWzbN2Z
wr+Cte76Li9oQFgYDEYcQDeAhjY++M1KDxd6WbozcqfcOWvVql2B/ypWJMaBT69Y
7cx5X5ms64iE7TVG3A5rq2pLAyZAN4Xfd1rkBRx9kJu0ldLhN1JNLLZro4IBiQ==
-----END CERTIFICATE-----
Generated at Thu Oct 24 00:01:32 2024 by rpki-client on console-fra.rpki-client.org