Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oaOlhMDe4O5bA3A2bjDHGnlq5FY.roa
File: oaOlhMDe4O5bA3A2bjDHGnlq5FY.roa (raw, json)
Hash identifier: L5XDSDgOEBVOcsuOtSmhp3hXUtWilRYQTqZ9GhYaSBw=
Subject key identifier: A1:A3:A5:84:C0:DE:E0:EE:5B:03:70:36:6E:30:C7:1A:79:6A:E4:56
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019165D4FBCC44A2BD75A90BF60A7756E4A7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oaOlhMDe4O5bA3A2bjDHGnlq5FY.roa
Signing time: Sun 18 Aug 2024 14:12:22 +0000
ROA not before: Sun 18 Aug 2024 14:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 18 Aug 2024 15:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:65:d4:fb:cc:44:a2:bd:75:a9:0b:f6:0a:77:56:e4:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 18 14:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1a3a584c0dee0ee5b0370366e30c71a796ae456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:93:b0:35:f9:b7:90:15:c4:76:43:5f:01:40:
b9:77:c5:67:a1:a7:a2:5b:bd:0f:3a:d4:41:79:67:
4a:32:f0:07:4f:cc:56:00:26:a5:1d:c7:d3:e9:ba:
3e:cb:44:db:23:04:16:98:34:8b:35:0c:ec:af:51:
2c:39:a9:26:70:a3:f0:26:7c:75:7d:49:3b:0f:97:
a5:3f:48:6a:17:22:6d:d6:f5:2d:fa:d0:d9:62:79:
a9:43:3c:18:ab:18:60:56:86:ff:53:06:7d:88:25:
97:96:62:3d:7e:c7:13:20:34:dd:86:b5:8b:14:18:
e8:cf:60:40:25:cf:0e:6c:86:94:76:65:81:d5:a1:
2c:62:54:a6:04:a4:72:78:b0:56:38:de:d4:ee:d8:
b3:1a:51:0c:26:86:ba:36:3a:18:65:b9:16:92:8f:
ce:08:d2:f5:25:56:fc:ea:54:24:7d:59:5f:04:15:
68:a0:c6:ff:17:71:58:5a:a0:20:26:a8:f7:37:53:
27:dd:5d:71:e8:8d:73:3d:0f:c7:34:56:6b:9c:cf:
9f:08:3e:ba:90:44:c3:c6:3e:14:d3:fe:36:88:c1:
73:79:2d:ee:ec:33:77:08:3b:0a:38:b4:3f:9f:5b:
6f:f1:03:74:7a:63:ea:09:30:cd:90:17:1c:35:57:
7c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A3:A5:84:C0:DE:E0:EE:5B:03:70:36:6E:30:C7:1A:79:6A:E4:56
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oaOlhMDe4O5bA3A2bjDHGnlq5FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
83:83:5c:3f:14:24:f4:ab:77:c2:60:c1:f3:a8:4c:bb:2d:e3:
c9:fe:5f:d8:39:3a:17:94:0b:e2:c0:68:2f:9b:97:54:0d:d1:
d0:4c:02:b7:d9:fb:c7:87:68:25:54:63:db:d6:c6:af:f1:7f:
b6:db:5e:cc:f5:34:e3:fd:33:0e:06:fd:b6:c0:6d:c0:14:46:
ca:bf:7c:46:1b:00:35:be:1a:c7:70:1f:11:4f:b8:c0:46:01:
85:86:ab:a1:1c:63:71:0c:ea:b0:e9:1a:4c:ab:67:75:0e:36:
08:ac:3c:d7:fc:d8:8a:3e:24:f9:35:f4:9c:6a:08:b6:af:71:
c3:1b:ff:74:ae:33:7f:db:31:e1:4f:31:27:e4:fa:b0:69:2f:
dc:d8:56:e6:40:e2:aa:46:6e:cb:6e:0d:7a:14:84:36:13:13:
b3:b9:2d:e0:8b:80:d8:3e:46:94:58:ca:4a:60:aa:c7:10:e9:
61:ca:ee:a5:99:20:81:f6:a7:34:3c:bd:cf:c1:bc:69:16:69:
c8:b7:b7:33:84:c5:86:04:9e:c7:bc:11:e0:3f:6e:68:fa:dd:
71:5c:ec:63:58:25:c4:70:cd:7f:18:10:20:c3:1a:5a:e4:fa:
c5:cc:f4:7e:58:1b:55:3b:01:e5:dd:67:c7:84:98:33:ad:37:
5b:b3:77:61
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFl1PvMRKK9dakL9gp3VuSnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE4MTQxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWEzYTU4NGMwZGVlMGVlNWIwMzcwMzY2ZTMwYzcxYTc5NmFlNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJOwNfm3kBXEdkNfAUC5d8Vnoaei
W70POtRBeWdKMvAHT8xWACalHcfT6bo+y0TbIwQWmDSLNQzsr1EsOakmcKPwJnx1
fUk7D5elP0hqFyJt1vUt+tDZYnmpQzwYqxhgVob/UwZ9iCWXlmI9fscTIDTdhrWL
FBjoz2BAJc8ObIaUdmWB1aEsYlSmBKRyeLBWON7U7tizGlEMJoa6NjoYZbkWko/O
CNL1JVb86lQkfVlfBBVooMb/F3FYWqAgJqj3N1Mn3V1x6I1zPQ/HNFZrnM+fCD66
kETDxj4U0/42iMFzeS3u7DN3CDsKOLQ/n1tv8QN0emPqCTDNkBccNVd88QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKGjpYTA3uDuWwNwNm4wxxp5auRWMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb2FPbGhNRGU0TzViQTNBMmJqREhHbmxxNUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAg4NcPxQk9Kt3wmDB86hMuy3j
yf5f2Dk6F5QL4sBoL5uXVA3R0EwCt9n7x4doJVRj29bGr/F/tttezPU04/0zDgb9
tsBtwBRGyr98RhsANb4ax3AfEU+4wEYBhYaroRxjcQzqsOkaTKtndQ42CKw81/zY
ij4k+TX0nGoItq9xwxv/dK4zf9sx4U8xJ+T6sGkv3NhW5kDiqkZuy24NehSENhMT
s7kt4IuA2D5GlFjKSmCqxxDpYcrupZkggfanNDy9z8G8aRZpyLe3M4TFhgSex7wR
4D9uaPrdcVzsY1glxHDNfxgQIMMaWuT6xcz0flgbVTsB5d1nx4SYM603W7N3YQ==
-----END CERTIFICATE-----
Generated at Sun Aug 18 18:53:34 2024 by rpki-client on console-fra.rpki-client.org