Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/n9rhSVOrWjly__Bq92NE1D9awq8.roa
File: n9rhSVOrWjly__Bq92NE1D9awq8.roa (raw, json)
Hash identifier: Y3gAgrodfAcOJ3WBcf7RhSC9VnI+913Uq84FBAIZT4Y=
Subject key identifier: 9F:DA:E1:49:53:AB:5A:39:72:FF:F0:6A:F7:63:44:D4:3F:5A:C2:AF
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191136EF792C83E3A12F54C4A3EA7C3EE2F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/n9rhSVOrWjly__Bq92NE1D9awq8.roa
Signing time: Fri 02 Aug 2024 14:12:04 +0000
ROA not before: Fri 02 Aug 2024 14:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 02 Aug 2024 15:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:13:6e:f7:92:c8:3e:3a:12:f5:4c:4a:3e:a7:c3:ee:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 2 14:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fdae14953ab5a3972fff06af76344d43f5ac2af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:4e:c6:88:f0:80:8a:e6:8c:e5:78:d3:e4:a5:
ae:f9:a0:64:38:dc:bc:50:02:29:a7:1b:af:9c:fe:
d4:cf:24:45:4c:ae:b7:5e:fd:28:f0:3a:8a:0a:b2:
4b:8e:d7:68:9c:9b:29:5c:da:3f:48:ee:de:75:81:
86:bd:d4:75:74:6b:77:4d:56:0d:89:99:81:b8:15:
a3:7f:58:a1:b9:bd:6a:98:b9:c5:b4:9d:49:90:6f:
98:5e:d5:38:af:f8:15:dd:ad:90:4f:bc:75:f2:e9:
34:ea:04:71:cc:8a:f0:c9:e3:1b:12:ba:10:a0:ae:
ee:76:9f:2d:bc:02:11:11:9d:2d:8d:4d:64:2c:20:
6d:59:c1:fa:59:a4:41:83:d0:fb:47:83:ba:3d:51:
cc:36:81:2d:30:8d:b6:30:2d:61:16:db:7e:f6:1c:
d1:20:30:5a:ba:97:c3:42:d6:67:6c:fe:98:c4:5d:
3b:93:85:06:12:2e:40:fd:2a:b8:e5:68:a9:d8:8d:
bc:0c:35:51:05:80:98:ea:b3:23:62:14:71:b9:56:
66:f2:6b:65:74:99:dd:ee:d2:46:51:9b:66:53:fb:
4b:14:7c:14:70:47:a7:6a:e2:0c:3c:9d:e1:97:f4:
bf:bd:da:76:dd:89:d9:c5:34:af:7c:9a:89:61:e7:
6c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:DA:E1:49:53:AB:5A:39:72:FF:F0:6A:F7:63:44:D4:3F:5A:C2:AF
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/n9rhSVOrWjly__Bq92NE1D9awq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
6d:1a:4f:f0:4b:1c:cc:de:bb:6a:7d:c4:e5:fb:fc:38:f1:13:
11:89:85:88:8b:1f:72:4d:9f:af:ff:bc:af:2c:47:6b:ca:e2:
94:27:33:ce:db:26:40:b6:4f:24:56:f9:7a:f5:7f:49:1f:8d:
a1:8c:48:6f:f1:28:3b:d9:10:de:f0:16:3c:da:4b:39:4b:ef:
af:05:8c:3b:4d:0d:5e:05:87:4a:f2:2a:55:28:64:8e:bc:9f:
a4:1c:75:e9:e7:cc:1e:21:51:1d:a5:c3:a3:a2:5c:8f:97:73:
04:99:cb:bb:fe:4b:92:78:d5:88:02:05:c1:7e:98:8d:69:43:
f5:d9:13:d6:ad:a4:7d:bc:fa:3e:ca:53:b6:ef:22:42:1b:24:
9c:5b:a7:5c:05:9b:56:15:b6:be:c0:f3:66:ff:f6:7c:0d:2f:
d7:66:41:92:ac:e8:5d:01:1d:5d:2b:1b:85:c8:b3:57:70:ef:
86:ae:d3:66:44:ff:d5:7c:cb:cd:18:95:dc:09:d7:95:cf:d8:
5e:19:31:a6:71:1f:0d:e2:dc:01:85:9f:9b:d5:0b:7f:13:36:
21:92:fa:22:ba:6a:8d:19:28:9a:f9:f6:fd:8d:f4:41:48:65:
5c:73:f2:4b:6a:85:21:09:b6:4c:41:52:67:f1:f3:fa:f2:0c:
f9:a9:e6:99
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZETbveSyD46EvVMSj6nw+4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAyMTQxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmRhZTE0OTUzYWI1YTM5NzJmZmYwNmFmNzYzNDRkNDNmNWFjMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA307GiPCAiuaM5XjT5KWu+aBkONy8
UAIppxuvnP7UzyRFTK63Xv0o8DqKCrJLjtdonJspXNo/SO7edYGGvdR1dGt3TVYN
iZmBuBWjf1ihub1qmLnFtJ1JkG+YXtU4r/gV3a2QT7x18uk06gRxzIrwyeMbEroQ
oK7udp8tvAIREZ0tjU1kLCBtWcH6WaRBg9D7R4O6PVHMNoEtMI22MC1hFtt+9hzR
IDBaupfDQtZnbP6YxF07k4UGEi5A/Sq45Wip2I28DDVRBYCY6rMjYhRxuVZm8mtl
dJnd7tJGUZtmU/tLFHwUcEenauIMPJ3hl/S/vdp23YnZxTSvfJqJYeds3wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJ/a4UlTq1o5cv/wavdjRNQ/WsKvMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbjlyaFNWT3JXamx5X19CcTkyTkUxRDlhd3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAbRpP8EsczN67an3E5fv8OPET
EYmFiIsfck2fr/+8ryxHa8rilCczztsmQLZPJFb5evV/SR+NoYxIb/EoO9kQ3vAW
PNpLOUvvrwWMO00NXgWHSvIqVShkjryfpBx16efMHiFRHaXDo6Jcj5dzBJnLu/5L
knjViAIFwX6YjWlD9dkT1q2kfbz6PspTtu8iQhsknFunXAWbVhW2vsDzZv/2fA0v
12ZBkqzoXQEdXSsbhcizV3Dvhq7TZkT/1XzLzRiV3AnXlc/YXhkxpnEfDeLcAYWf
m9ULfxM2IZL6IrpqjRkomvn2/Y30QUhlXHPyS2qFIQm2TEFSZ/Hz+vIM+anmmQ==
-----END CERTIFICATE-----
Generated at Fri Aug 2 17:58:38 2024 by rpki-client on console-fra.rpki-client.org