Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/n7QT-gv2qxlky7OTsSYyYGNuSHw.roa
File: n7QT-gv2qxlky7OTsSYyYGNuSHw.roa (raw, json)
Hash identifier: P7AJOGfbeUBaojnzDhqNEPbpqTUl+caJeiPrAmS+iqw=
Subject key identifier: 9F:B4:13:FA:0B:F6:AB:19:64:CB:B3:93:B1:26:32:60:63:6E:48:7C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191A220E4D30B60A93308E353D295B00DF1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/n7QT-gv2qxlky7OTsSYyYGNuSHw.roa
Signing time: Fri 30 Aug 2024 07:12:30 +0000
ROA not before: Fri 30 Aug 2024 07:12:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 30 Aug 2024 08:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:20:e4:d3:0b:60:a9:33:08:e3:53:d2:95:b0:0d:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 30 07:12:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fb413fa0bf6ab1964cbb393b1263260636e487c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:48:83:a7:24:d9:7d:0a:51:7d:03:f5:11:76:
5c:2e:86:e2:dc:a1:c5:92:93:2e:b9:5d:22:51:64:
3e:e2:ba:b8:59:09:47:94:2e:06:b8:66:c6:05:31:
c2:48:2c:92:76:45:bf:44:05:52:b9:20:3b:8e:28:
f3:7c:b8:7b:38:39:50:60:66:4f:60:2e:53:76:f4:
e5:a0:a7:a8:bb:77:93:8f:5b:10:ec:95:aa:65:29:
34:b8:46:19:e6:5e:2a:3e:ee:4c:f4:82:ab:a5:3f:
8d:2c:51:00:24:31:b5:bb:7f:47:53:3f:b6:77:30:
76:37:36:b0:fb:97:71:05:85:73:22:8c:31:20:d7:
97:6c:ba:2c:95:7b:76:19:33:54:6c:7a:d2:a3:76:
df:e9:90:71:3c:22:83:a4:0a:b3:72:93:6f:b9:fd:
ff:fe:a4:82:36:6b:b7:27:b1:40:42:7e:b7:d8:c9:
e5:8a:10:a9:d6:8c:a4:4b:ca:2f:bb:38:21:6c:b8:
d9:10:3c:a4:b9:de:64:6e:aa:52:7a:0f:b9:75:2d:
e8:6e:a7:1d:f7:0d:c8:f5:f5:0d:c1:44:d3:fe:fc:
b7:e1:70:f2:81:c5:04:6d:de:50:57:4d:68:c1:46:
91:c7:2a:c4:7d:b0:29:13:f8:14:91:d1:83:9f:8a:
28:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B4:13:FA:0B:F6:AB:19:64:CB:B3:93:B1:26:32:60:63:6E:48:7C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/n7QT-gv2qxlky7OTsSYyYGNuSHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
2f:b4:da:c8:50:f6:28:77:c7:d1:84:04:8b:46:28:33:e0:f6:
71:8c:f0:98:58:6a:be:9a:c7:e2:36:24:73:51:21:22:af:e2:
b2:88:3a:ad:a1:0e:cd:3b:6e:bb:0b:96:90:c8:61:26:36:b6:
bf:97:c8:30:16:93:31:fe:6b:f5:2e:ec:55:2c:31:88:fc:b0:
48:16:cb:20:9c:5a:a2:9e:50:df:a7:80:14:8f:32:f0:00:08:
46:c5:9b:8c:d8:d8:02:78:4e:69:b3:41:62:29:23:ba:9c:28:
8a:38:0a:7c:03:d1:e4:c2:73:c1:17:f6:3b:e2:08:23:9c:ca:
69:47:a7:e9:a4:5d:a3:d9:9d:84:34:95:94:73:09:ac:9f:29:
97:07:07:ee:0f:29:3e:76:18:a9:d8:7c:5f:4c:5e:15:80:d3:
12:86:3d:bc:81:5a:70:9b:6f:49:fa:09:fb:d9:30:99:8a:9c:
da:e8:a0:75:16:4d:da:ca:81:4c:4d:8e:52:ad:5f:2b:df:04:
6a:78:b2:eb:92:0d:43:78:8d:f9:69:89:ba:bb:8d:2d:35:a4:
8a:c8:ac:37:97:10:15:37:68:07:cd:ec:7e:e1:0b:76:ad:65:
33:c9:a4:33:48:22:b6:b5:36:e1:77:f3:d7:7d:e3:c9:97:f5:
5d:23:ba:e6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGiIOTTC2CpMwjjU9KVsA3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODMwMDcxMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmI0MTNmYTBiZjZhYjE5NjRjYmIzOTNiMTI2MzI2MDYzNmU0ODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokiDpyTZfQpRfQP1EXZcLobi3KHF
kpMuuV0iUWQ+4rq4WQlHlC4GuGbGBTHCSCySdkW/RAVSuSA7jijzfLh7ODlQYGZP
YC5TdvTloKeou3eTj1sQ7JWqZSk0uEYZ5l4qPu5M9IKrpT+NLFEAJDG1u39HUz+2
dzB2Nzaw+5dxBYVzIowxINeXbLoslXt2GTNUbHrSo3bf6ZBxPCKDpAqzcpNvuf3/
/qSCNmu3J7FAQn632MnlihCp1oykS8ovuzghbLjZEDykud5kbqpSeg+5dS3obqcd
9w3I9fUNwUTT/vy34XDygcUEbd5QV01owUaRxyrEfbApE/gUkdGDn4oo0wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJ+0E/oL9qsZZMuzk7EmMmBjbkh8MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbjdRVC1ndjJxeGxreTdPVHNTWXlZR051U0h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAL7TayFD2KHfH0YQEi0YoM+D2
cYzwmFhqvprH4jYkc1EhIq/isog6raEOzTtuuwuWkMhhJja2v5fIMBaTMf5r9S7s
VSwxiPywSBbLIJxaop5Q36eAFI8y8AAIRsWbjNjYAnhOabNBYikjupwoijgKfAPR
5MJzwRf2O+III5zKaUen6aRdo9mdhDSVlHMJrJ8plwcH7g8pPnYYqdh8X0xeFYDT
EoY9vIFacJtvSfoJ+9kwmYqc2uigdRZN2sqBTE2OUq1fK98Eaniy65INQ3iN+WmJ
uruNLTWkisisN5cQFTdoB83sfuELdq1lM8mkM0gitrU24Xfz133jyZf1XSO65g==
-----END CERTIFICATE-----
Generated at Fri Aug 30 11:05:22 2024 by rpki-client on console-ams.rpki-client.org