Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/prkZxVjFHO2rFaiojdhe3lfmVFQ.roa
File: prkZxVjFHO2rFaiojdhe3lfmVFQ.roa (raw, json)
Hash identifier: pFc0VUyFcvyE19eQ/F1S6i4afQzdzekeb4Yr4FqCvAU=
Subject key identifier: A6:B9:19:C5:58:C5:1C:ED:AB:15:A8:A8:8D:D8:5E:DE:57:E6:54:54
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01910E47B01B40527DE9D42A2769FD449908
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/prkZxVjFHO2rFaiojdhe3lfmVFQ.roa
Signing time: Thu 01 Aug 2024 14:11:04 +0000
ROA not before: Thu 01 Aug 2024 14:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 01 Aug 2024 15:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0e:47:b0:1b:40:52:7d:e9:d4:2a:27:69:fd:44:99:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 1 14:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6b919c558c51cedab15a8a88dd85ede57e65454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:94:f1:54:66:87:8d:93:35:e7:1a:1e:b1:80:
27:34:66:aa:11:db:33:8a:f9:09:23:32:f7:3f:b3:
93:dd:44:e7:a3:78:8b:e2:45:81:dc:99:ac:36:d2:
9e:77:fc:ec:5b:87:7e:8a:9e:8a:e2:e4:da:4f:64:
3b:2b:0b:46:63:b8:32:93:42:1b:b4:cd:b9:ac:c8:
3b:e8:e4:28:2f:00:e5:e9:34:37:84:17:0b:3c:0a:
e0:de:94:fb:0b:5e:2b:cf:6c:26:1d:ef:99:01:91:
56:7c:0a:49:9f:2c:1f:6c:88:3b:33:db:6f:1f:ad:
c2:ab:e3:a3:f9:50:1b:84:67:23:9c:00:ba:16:27:
9b:4c:40:dc:ce:8d:2e:46:1c:b5:25:43:6e:99:d7:
f4:75:e9:ea:ba:2f:42:88:05:d0:5d:02:3d:53:64:
c2:c8:52:8c:f2:88:94:ed:28:e1:50:59:ca:90:b0:
10:8a:4d:87:8d:fc:b4:0e:99:cf:ad:df:66:47:db:
df:2f:1b:be:65:aa:bf:d5:99:1f:98:bd:02:4a:f4:
5d:a1:f1:81:e7:38:9b:0d:a0:f3:9c:ee:7c:9a:4b:
64:2f:a5:25:ea:f0:f0:0a:5a:34:37:d5:e3:7a:d9:
3e:71:c8:8b:2b:7c:69:8d:87:42:1f:5e:e3:db:1f:
06:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B9:19:C5:58:C5:1C:ED:AB:15:A8:A8:8D:D8:5E:DE:57:E6:54:54
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/prkZxVjFHO2rFaiojdhe3lfmVFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
67:e5:6e:e1:64:e7:42:8f:c4:36:83:d7:71:84:b6:9d:d6:d3:
5b:64:5b:f8:e7:e6:18:bb:ae:2d:09:5f:76:54:48:c3:d2:3e:
59:67:17:f3:6e:57:06:64:ef:56:cc:8d:88:a0:ba:83:06:31:
c3:ec:80:44:a7:78:89:aa:22:df:7a:07:dc:d2:1d:c6:ff:c4:
bd:ea:1e:e9:b3:50:25:3f:10:7b:dc:67:45:28:04:bd:04:6e:
10:1d:37:b5:a4:4a:98:19:7d:c1:86:78:6c:df:2d:5e:6b:a7:
2f:51:57:4b:3d:ef:2e:b9:47:42:2b:a2:3d:78:c6:16:ed:7d:
e4:42:65:d4:5d:b0:ad:dd:b9:c4:2e:0d:dc:0b:17:c2:e6:fa:
0d:35:bf:28:dc:b0:85:72:3b:a1:ba:fe:1d:df:e6:2a:dc:37:
c6:6f:d7:77:18:3a:8e:fb:3d:91:97:70:3f:2d:02:60:8a:d5:
2f:74:69:10:5b:24:f0:1b:e4:6e:01:65:70:a0:d1:04:34:4a:
76:b4:27:ee:03:67:6a:c0:0d:d1:72:71:1a:a5:88:95:71:74:
bc:5e:54:7c:02:45:87:94:c1:77:2d:6c:47:a2:ce:de:3a:35:
b0:e7:ee:63:dc:a8:e7:d1:bd:00:d7:5b:61:cb:31:6d:d0:aa:
61:31:75:c8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEOR7AbQFJ96dQqJ2n9RJkIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAxMTQxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmI5MTljNTU4YzUxY2VkYWIxNWE4YTg4ZGQ4NWVkZTU3ZTY1NDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZTxVGaHjZM15xoesYAnNGaqEdsz
ivkJIzL3P7OT3UTno3iL4kWB3JmsNtKed/zsW4d+ip6K4uTaT2Q7KwtGY7gyk0Ib
tM25rMg76OQoLwDl6TQ3hBcLPArg3pT7C14rz2wmHe+ZAZFWfApJnywfbIg7M9tv
H63Cq+Oj+VAbhGcjnAC6FiebTEDczo0uRhy1JUNumdf0denqui9CiAXQXQI9U2TC
yFKM8oiU7SjhUFnKkLAQik2Hjfy0DpnPrd9mR9vfLxu+Zaq/1ZkfmL0CSvRdofGB
5zibDaDznO58mktkL6Ul6vDwClo0N9Xjetk+cciLK3xpjYdCH17j2x8GDQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKa5GcVYxRztqxWoqI3YXt5X5lRUMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcHJrWnhWakZITzJyRmFpb2pkaGUzbGZtVkZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAZ+Vu4WTnQo/ENoPXcYS2ndbT
W2Rb+OfmGLuuLQlfdlRIw9I+WWcX825XBmTvVsyNiKC6gwYxw+yARKd4iaoi33oH
3NIdxv/Eveoe6bNQJT8Qe9xnRSgEvQRuEB03taRKmBl9wYZ4bN8tXmunL1FXSz3v
LrlHQiuiPXjGFu195EJl1F2wrd25xC4N3AsXwub6DTW/KNywhXI7obr+Hd/mKtw3
xm/Xdxg6jvs9kZdwPy0CYIrVL3RpEFsk8BvkbgFlcKDRBDRKdrQn7gNnasAN0XJx
GqWIlXF0vF5UfAJFh5TBdy1sR6LO3jo1sOfuY9yo59G9ANdbYcsxbdCqYTF1yA==
-----END CERTIFICATE-----
Generated at Thu Aug 1 17:54:14 2024 by rpki-client on console-fra.rpki-client.org