Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/l9M9C-KVRsRg3NrUj7E6QEQDgYo.roa
File: l9M9C-KVRsRg3NrUj7E6QEQDgYo.roa (raw, json)
Hash identifier: 2728nDgjmgqLUR3WxaM76Uijlawh1lR05y1KjkgOQQw=
Subject key identifier: 97:D3:3D:0B:E2:95:46:C4:60:DC:DA:D4:8F:B1:3A:40:44:03:81:8A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D532BD9CF734D8616614FA1C966B17E0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/l9M9C-KVRsRg3NrUj7E6QEQDgYo.roa
Signing time: Mon 09 Sep 2024 05:12:37 +0000
ROA not before: Mon 09 Sep 2024 05:12:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 09 Sep 2024 06:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d5:32:bd:9c:f7:34:d8:61:66:14:fa:1c:96:6b:17:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 9 05:12:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97d33d0be29546c460dcdad48fb13a404403818a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:33:8f:fb:1b:2c:c3:ac:50:dc:49:c2:d7:22:
8a:44:d0:9a:7b:48:38:74:d3:b4:93:54:f7:df:c8:
c3:25:24:e7:1a:39:7c:f4:04:38:f9:1a:83:f9:a8:
60:23:98:4b:17:53:43:8e:dd:c7:62:37:f2:9c:7d:
25:3a:61:5d:55:79:9e:96:5a:ce:d7:b5:5e:8b:33:
a1:e2:88:55:a9:8d:52:c0:94:73:d3:0a:59:27:55:
7f:c9:3a:68:ee:f8:d9:1d:bd:15:c0:83:7d:73:5d:
cd:51:b9:19:8a:e9:a8:05:8a:4e:7b:76:ac:21:ea:
c2:2d:3b:0e:b2:53:c0:12:21:42:17:0c:18:63:80:
8e:82:21:46:9d:8c:c3:cb:56:15:7b:41:ee:ce:25:
d3:8c:17:47:02:e5:25:7f:40:85:ad:9b:f4:34:d3:
0b:03:81:70:ff:fc:bf:e7:88:db:50:fc:5d:e7:99:
6f:29:6b:0b:30:6c:7a:73:c8:4d:71:e6:15:34:06:
0d:64:87:ab:93:a8:5b:aa:12:e0:c7:8c:73:ba:ad:
d0:ec:ce:e2:b1:c2:65:45:88:6e:4d:39:9b:a4:a5:
f7:11:b0:65:ae:40:16:20:47:ac:83:18:31:01:71:
c2:10:aa:ed:16:b1:dc:db:5e:18:90:1a:da:ad:41:
73:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D3:3D:0B:E2:95:46:C4:60:DC:DA:D4:8F:B1:3A:40:44:03:81:8A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/l9M9C-KVRsRg3NrUj7E6QEQDgYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
39:e6:f8:29:0d:de:e5:7a:1e:ed:70:0c:62:6d:65:67:13:18:
a7:66:31:d7:d4:1d:49:c6:e3:35:5e:5f:4d:e1:7d:b5:44:dd:
c8:79:38:13:ec:6c:65:c6:32:48:17:d1:63:9a:76:6b:8e:92:
90:b4:ff:af:ed:64:41:24:c6:cc:60:23:b9:c1:13:a7:07:0c:
71:23:47:66:3d:6b:a8:51:a0:76:01:94:ed:37:04:50:8d:ed:
e0:c9:ec:4d:ac:8d:ef:14:f2:ad:46:2b:47:ae:f8:bd:c6:6e:
65:6a:22:b8:20:9a:11:eb:88:cf:29:ad:9b:1f:62:a4:13:df:
fb:85:94:8c:1f:71:e2:ff:a9:8a:01:8d:b8:58:e0:39:e0:30:
9f:c9:65:b9:35:bc:65:8a:0f:a5:2a:ec:ff:ac:f9:1c:27:0d:
ab:82:ae:02:ff:ca:b6:11:cc:14:5b:92:02:cf:9b:f8:8e:b6:
87:35:46:f5:87:44:64:81:95:5e:0d:3e:28:59:4c:98:c7:de:
4a:a0:27:fa:4e:5a:09:25:e9:1d:39:77:05:49:b5:d6:92:e2:
5f:be:0d:9c:59:23:a0:19:69:0a:e1:c7:af:47:8b:41:bc:c0:
92:cc:0e:ef:66:45:de:07:51:26:28:b5:aa:b8:3f:ec:b1:86:
14:fb:af:06
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHVMr2c9zTYYWYU+hyWaxfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA5MDUxMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2QzM2QwYmUyOTU0NmM0NjBkY2RhZDQ4ZmIxM2E0MDQ0MDM4MThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTOP+xssw6xQ3EnC1yKKRNCae0g4
dNO0k1T338jDJSTnGjl89AQ4+RqD+ahgI5hLF1NDjt3HYjfynH0lOmFdVXmellrO
17VeizOh4ohVqY1SwJRz0wpZJ1V/yTpo7vjZHb0VwIN9c13NUbkZiumoBYpOe3as
IerCLTsOslPAEiFCFwwYY4COgiFGnYzDy1YVe0HuziXTjBdHAuUlf0CFrZv0NNML
A4Fw//y/54jbUPxd55lvKWsLMGx6c8hNceYVNAYNZIerk6hbqhLgx4xzuq3Q7M7i
scJlRYhuTTmbpKX3EbBlrkAWIEesgxgxAXHCEKrtFrHc214YkBrarUFzqQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJfTPQvilUbEYNza1I+xOkBEA4GKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbDlNOUMtS1ZSc1JnM05yVWo3RTZRRVFEZ1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAOeb4KQ3e5Xoe7XAMYm1lZxMY
p2Yx19QdScbjNV5fTeF9tUTdyHk4E+xsZcYySBfRY5p2a46SkLT/r+1kQSTGzGAj
ucETpwcMcSNHZj1rqFGgdgGU7TcEUI3t4MnsTayN7xTyrUYrR674vcZuZWoiuCCa
EeuIzymtmx9ipBPf+4WUjB9x4v+pigGNuFjgOeAwn8lluTW8ZYoPpSrs/6z5HCcN
q4KuAv/KthHMFFuSAs+b+I62hzVG9YdEZIGVXg0+KFlMmMfeSqAn+k5aCSXpHTl3
BUm11pLiX74NnFkjoBlpCuHHr0eLQbzAkswO72ZF3gdRJii1qrg/7LGGFPuvBg==
-----END CERTIFICATE-----
Generated at Mon Sep 9 07:50:04 2024 by rpki-client on console-fra.rpki-client.org