Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ocmzYquaTLXb5yY8AeTGJRPMDo4.roa
File: ocmzYquaTLXb5yY8AeTGJRPMDo4.roa (raw, json)
Hash identifier: arnNlSF2s+cdY9el+XV+j2rTHXtNi0J+6sEbNC8at68=
Subject key identifier: A1:C9:B3:62:AB:9A:4C:B5:DB:E7:26:3C:01:E4:C6:25:13:CC:0E:8E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01911CE0DE1260A6989C722C6DBFAB541325
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ocmzYquaTLXb5yY8AeTGJRPMDo4.roa
Signing time: Sun 04 Aug 2024 10:13:04 +0000
ROA not before: Sun 04 Aug 2024 10:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 04 Aug 2024 11:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1c:e0:de:12:60:a6:98:9c:72:2c:6d:bf:ab:54:13:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 4 10:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1c9b362ab9a4cb5dbe7263c01e4c62513cc0e8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d1:a6:2c:a4:8b:13:21:d8:35:b1:a0:21:9e:
cb:ef:ba:ab:4f:03:e0:a7:07:80:15:fe:dd:e7:29:
d2:d7:1a:32:61:f6:89:7e:cd:91:38:dc:dd:61:fe:
25:0b:41:d5:c1:73:a8:b3:49:14:c2:72:2b:8d:6f:
07:46:3b:90:7f:67:79:c8:b7:92:09:6b:57:fe:4f:
03:bc:a5:66:24:6a:67:00:77:8f:44:62:3b:87:4f:
98:7b:70:48:8a:74:41:3c:c1:41:74:2b:49:40:f7:
c8:36:77:5c:e5:47:c6:8b:36:02:70:02:88:3b:fc:
82:7a:bd:aa:5e:f5:d3:c5:a2:43:1c:e8:2c:5a:bb:
c0:91:2d:f1:c3:50:1d:24:4c:de:ad:48:50:8e:a3:
7f:35:5b:82:04:83:29:bc:b4:b2:7a:ad:ad:30:7e:
ad:e4:fc:9c:6c:39:fb:51:de:07:50:9d:83:cf:13:
da:8b:1c:68:0c:ab:b9:ea:6d:e7:58:23:22:53:e0:
e5:84:5d:4d:df:c5:48:d0:3f:1b:fb:ff:67:3f:ff:
78:f8:ef:90:4d:76:e0:6f:6f:6f:bd:55:f3:b9:87:
41:56:aa:a7:b2:03:7e:62:52:1e:2b:ab:0b:9e:d2:
67:30:a8:05:a6:c2:8a:9f:f4:f4:57:57:da:7d:98:
8b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C9:B3:62:AB:9A:4C:B5:DB:E7:26:3C:01:E4:C6:25:13:CC:0E:8E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ocmzYquaTLXb5yY8AeTGJRPMDo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
1e:2e:9e:f3:50:0b:44:7f:30:40:7a:14:a0:22:da:9e:c1:5a:
74:28:95:c5:d1:52:59:fa:cc:49:67:15:4c:e3:a9:fd:4a:54:
52:fa:52:f8:5e:af:d7:7c:ec:5d:23:7e:29:d7:4e:6b:70:e8:
23:25:5e:ec:33:96:a8:16:41:1c:07:ec:51:14:4b:9f:e0:a7:
fb:80:29:e1:c4:fe:3e:dd:94:36:a2:f7:97:16:f5:fe:b9:23:
e0:9a:6e:aa:b3:92:f3:19:7e:7d:c5:50:11:94:36:73:9a:76:
b2:02:ab:50:8d:3a:bf:bc:72:8c:24:94:4e:67:47:5a:67:69:
c4:49:c6:d7:9c:94:34:59:00:6c:a0:5a:b1:1e:e0:4f:33:1f:
8c:50:b7:b4:20:39:fb:31:9d:2e:6d:ee:7f:a2:2a:0e:ab:88:
23:df:76:74:70:10:7a:aa:9a:c1:d6:2a:67:9d:a6:b1:d8:71:
e1:67:7d:22:43:47:8b:cb:10:7c:38:9f:0e:1d:eb:5d:e2:1f:
b0:ed:e7:25:0c:ff:3b:38:19:f3:d1:90:d7:7a:e6:97:d2:ed:
53:3f:14:be:3f:6c:51:e3:2f:05:32:21:39:2d:52:f9:19:90:
07:91:b4:20:ce:72:e0:73:ac:9a:21:0d:66:5d:1a:4f:98:3f:
ab:c4:01:88
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEc4N4SYKaYnHIsbb+rVBMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA0MTAxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM5YjM2MmFiOWE0Y2I1ZGJlNzI2M2MwMWU0YzYyNTEzY2MwZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NGmLKSLEyHYNbGgIZ7L77qrTwPg
pweAFf7d5ynS1xoyYfaJfs2RONzdYf4lC0HVwXOos0kUwnIrjW8HRjuQf2d5yLeS
CWtX/k8DvKVmJGpnAHePRGI7h0+Ye3BIinRBPMFBdCtJQPfINndc5UfGizYCcAKI
O/yCer2qXvXTxaJDHOgsWrvAkS3xw1AdJEzerUhQjqN/NVuCBIMpvLSyeq2tMH6t
5PycbDn7Ud4HUJ2DzxPaixxoDKu56m3nWCMiU+DlhF1N38VI0D8b+/9nP/94+O+Q
TXbgb29vvVXzuYdBVqqnsgN+YlIeK6sLntJnMKgFpsKKn/T0V1fafZiLrwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKHJs2Krmky12+cmPAHkxiUTzA6OMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb2NtellxdWFUTFhiNXlZOEFlVEdKUlBNRG80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAHi6e81ALRH8wQHoUoCLansFa
dCiVxdFSWfrMSWcVTOOp/UpUUvpS+F6v13zsXSN+KddOa3DoIyVe7DOWqBZBHAfs
URRLn+Cn+4Ap4cT+Pt2UNqL3lxb1/rkj4JpuqrOS8xl+fcVQEZQ2c5p2sgKrUI06
v7xyjCSUTmdHWmdpxEnG15yUNFkAbKBasR7gTzMfjFC3tCA5+zGdLm3uf6IqDquI
I992dHAQeqqawdYqZ52msdhx4Wd9IkNHi8sQfDifDh3rXeIfsO3nJQz/OzgZ89GQ
13rml9LtUz8Uvj9sUeMvBTIhOS1S+RmQB5G0IM5y4HOsmiENZl0aT5g/q8QBiA==
-----END CERTIFICATE-----
Generated at Sun Aug 4 14:00:38 2024 by rpki-client on console-ams.rpki-client.org