Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pYQ0AqiY5gYskdvLQYYBGJzWT9M.roa
File: pYQ0AqiY5gYskdvLQYYBGJzWT9M.roa (raw, json)
Hash identifier: 6Qgwy75GMamwg7hmTjN1uU7OOvNzxusc5gFdFy2W9Sk=
Subject key identifier: A5:84:34:02:A8:98:E6:06:2C:91:DB:CB:41:86:01:18:9C:D6:4F:D3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01917DDD542924B86A4A58D08F02E2457B4F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pYQ0AqiY5gYskdvLQYYBGJzWT9M.roa
Signing time: Fri 23 Aug 2024 06:12:22 +0000
ROA not before: Fri 23 Aug 2024 06:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 Aug 2024 07:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7d:dd:54:29:24:b8:6a:4a:58:d0:8f:02:e2:45:7b:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 23 06:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5843402a898e6062c91dbcb418601189cd64fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e3:5d:35:01:26:56:b9:44:1a:b7:b9:3e:13:
97:7a:48:b4:f2:e0:7e:50:d1:ec:a6:14:bd:f2:dd:
6d:49:c5:ea:2b:15:a3:75:20:80:c2:d7:c5:83:47:
8e:4a:4d:54:58:bb:59:c0:0e:69:ef:6a:ed:23:12:
ab:cd:7e:9b:33:77:9c:04:18:b1:b1:6e:4f:e6:a9:
69:d2:fc:70:3d:60:7c:fc:7e:9e:7b:f6:34:8f:34:
99:02:2f:a9:96:5f:f6:78:10:bd:8d:ba:ba:86:c4:
f5:25:fc:28:ef:d0:c6:1d:6c:bd:40:ac:1b:56:6d:
00:83:d5:fd:aa:e5:4a:6b:e8:71:65:8a:15:b4:bc:
f1:8b:e3:87:2f:63:ea:94:5b:bc:bb:91:87:af:89:
a0:0a:17:53:d0:33:c2:c6:f7:85:64:00:d7:0f:51:
1d:29:84:0e:9a:c1:7e:9b:30:12:fa:d0:2f:81:8c:
f0:ab:a7:7d:c3:ea:b7:46:ff:be:d3:6f:5d:51:51:
1b:90:eb:ff:d9:59:d9:b9:cd:79:4e:c6:8a:cd:37:
e3:ed:93:e2:05:72:c7:ee:5f:01:b2:5f:79:ee:67:
12:0e:1e:8c:d9:bb:b0:09:9e:9a:94:1c:2d:2a:4e:
c9:54:75:57:8e:0a:73:3a:28:bd:93:ba:41:86:ed:
23:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:84:34:02:A8:98:E6:06:2C:91:DB:CB:41:86:01:18:9C:D6:4F:D3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pYQ0AqiY5gYskdvLQYYBGJzWT9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
11:8e:2c:80:3d:bf:4d:f2:a0:0a:90:67:4a:31:18:7e:7e:39:
54:ef:57:63:ab:07:c3:10:fb:fe:f8:74:a1:ec:8a:f0:e7:53:
e3:2b:5f:bc:1b:3a:18:f4:2e:1d:ec:57:6a:88:f9:35:10:6d:
d1:f3:a2:23:1f:dd:bf:89:21:bd:c0:eb:0a:ca:5c:12:8c:04:
ad:44:b7:b6:8f:55:e0:a3:4f:35:0b:8e:9f:df:fa:c0:41:4b:
28:ef:fa:14:11:05:4d:c6:dc:6f:f1:07:0c:c6:6b:cb:cb:48:
61:b6:bd:40:5f:d5:57:f9:f7:f4:f7:48:8c:07:f3:49:5c:d5:
82:71:bb:bf:69:73:ed:da:b0:4b:74:b1:13:25:0f:fe:59:28:
b1:9a:fb:f2:d4:dc:51:67:38:be:8b:c9:3e:e7:1b:da:eb:e8:
0a:c3:ab:97:a6:4e:4d:6c:57:d8:b9:29:55:13:19:b8:3b:75:
c8:9b:ae:bf:98:08:14:32:cb:f0:a2:54:20:c8:69:5a:3d:c4:
3c:27:b7:4a:1c:7e:cb:13:b8:c7:97:78:c7:dd:e4:ff:99:49:
39:00:97:c6:a3:ca:d0:dc:67:26:25:b0:6c:18:6f:02:9d:cd:
91:b6:a1:1f:62:f7:8a:05:f9:3c:49:52:38:57:8b:c7:06:22:
2c:4d:d6:b9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZF93VQpJLhqSljQjwLiRXtPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIzMDYxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg0MzQwMmE4OThlNjA2MmM5MWRiY2I0MTg2MDExODljZDY0ZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+NdNQEmVrlEGre5PhOXeki08uB+
UNHsphS98t1tScXqKxWjdSCAwtfFg0eOSk1UWLtZwA5p72rtIxKrzX6bM3ecBBix
sW5P5qlp0vxwPWB8/H6ee/Y0jzSZAi+pll/2eBC9jbq6hsT1Jfwo79DGHWy9QKwb
Vm0Ag9X9quVKa+hxZYoVtLzxi+OHL2PqlFu8u5GHr4mgChdT0DPCxveFZADXD1Ed
KYQOmsF+mzAS+tAvgYzwq6d9w+q3Rv++029dUVEbkOv/2VnZuc15TsaKzTfj7ZPi
BXLH7l8Bsl957mcSDh6M2buwCZ6alBwtKk7JVHVXjgpzOii9k7pBhu0jLwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKWENAKomOYGLJHby0GGARic1k/TMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcFlRMEFxaVk1Z1lza2R2TFFZWUJHSnpXVDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAEY4sgD2/TfKgCpBnSjEYfn45
VO9XY6sHwxD7/vh0oeyK8OdT4ytfvBs6GPQuHexXaoj5NRBt0fOiIx/dv4khvcDr
CspcEowErUS3to9V4KNPNQuOn9/6wEFLKO/6FBEFTcbcb/EHDMZry8tIYba9QF/V
V/n39PdIjAfzSVzVgnG7v2lz7dqwS3SxEyUP/lkosZr78tTcUWc4vovJPucb2uvo
CsOrl6ZOTWxX2LkpVRMZuDt1yJuuv5gIFDLL8KJUIMhpWj3EPCe3Shx+yxO4x5d4
x93k/5lJOQCXxqPK0NxnJiWwbBhvAp3NkbahH2L3igX5PElSOFeLxwYiLE3WuQ==
-----END CERTIFICATE-----
Generated at Fri Aug 23 09:30:53 2024 by rpki-client on console-fra.rpki-client.org