Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qQmiLEDKXlIYDALoxBiZXgJPaV4.roa
File: qQmiLEDKXlIYDALoxBiZXgJPaV4.roa (raw, json)
Hash identifier: LvGnpTbeAqTznDRKaZiLUizn6PXGDYBvdccFkFyVSiI=
Subject key identifier: A9:09:A2:2C:40:CA:5E:52:18:0C:02:E8:C4:18:99:5E:02:4F:69:5E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191905173066DE94CA7381AA997DF061F0B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qQmiLEDKXlIYDALoxBiZXgJPaV4.roa
Signing time: Mon 26 Aug 2024 20:12:22 +0000
ROA not before: Mon 26 Aug 2024 20:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 26 Aug 2024 21:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:90:51:73:06:6d:e9:4c:a7:38:1a:a9:97:df:06:1f:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 26 20:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a909a22c40ca5e52180c02e8c418995e024f695e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:47:d2:3b:de:53:0d:d9:7b:ef:c9:f1:1e:ac:
15:af:b6:ef:bf:84:e3:0b:54:cf:cf:1a:ca:42:ec:
3d:47:ad:43:fd:bf:19:f5:75:24:c1:fe:e3:34:94:
ad:30:4a:4c:a3:ce:e7:1d:e4:11:24:f7:f7:ba:96:
74:f5:aa:6d:e8:fa:88:b4:da:d4:09:4f:41:b4:b5:
0b:e1:63:ab:42:98:67:a3:ae:3c:ac:21:f9:06:b3:
99:43:34:84:03:24:3f:34:07:61:07:53:59:3f:b3:
a5:f6:48:67:87:83:66:8e:aa:0d:72:95:73:a6:91:
39:f9:da:37:2c:8c:e6:b0:92:80:94:fd:b0:c7:83:
2f:a1:50:dd:a1:0a:80:87:7f:06:88:7c:ca:00:98:
78:73:a8:27:34:2a:0b:13:31:8e:a5:26:af:3b:03:
07:7f:05:d4:23:f9:b3:4f:d3:d8:71:89:12:a8:26:
54:51:3b:a3:d3:14:73:46:0a:1c:b1:9d:42:d2:6e:
c4:8e:74:53:41:d0:b4:0c:5e:ec:0b:5b:b4:ae:a5:
f9:cd:b0:cf:ea:15:62:71:a5:14:8d:41:ff:51:8a:
28:4c:6e:06:3a:12:06:f1:ea:2a:32:b6:a6:a1:2e:
d7:9c:e1:27:f7:60:83:14:e0:a9:66:ae:43:20:18:
f4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:09:A2:2C:40:CA:5E:52:18:0C:02:E8:C4:18:99:5E:02:4F:69:5E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qQmiLEDKXlIYDALoxBiZXgJPaV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
92:1f:c8:0f:de:fb:4a:e2:61:f9:be:ba:14:bd:09:c7:c5:d1:
34:2e:ec:4f:d5:19:b0:bd:d7:44:28:6e:b3:06:3d:67:05:dc:
5b:b4:40:85:d9:85:d0:28:29:dd:c9:1a:4e:6b:a6:cb:68:b4:
52:24:44:f7:98:d2:dc:76:69:04:08:0e:f6:34:e6:cb:72:c9:
c3:b9:34:78:22:7c:85:59:31:bb:a3:33:74:cd:a5:42:74:f6:
00:8b:7b:e7:8a:82:c0:af:72:70:d9:ad:57:d1:f5:d0:46:1f:
fe:83:27:c6:a5:25:a9:c2:23:e5:a2:07:57:11:6a:2a:39:27:
96:31:28:2b:84:27:f9:5c:ef:bf:b2:6f:0f:49:ef:80:7e:2d:
3f:83:6a:d8:10:36:a0:77:80:1b:1b:a6:bb:6a:e3:92:9e:a4:
ed:ff:b4:8d:ec:33:ac:18:ab:96:04:44:e5:fa:5b:99:30:1b:
f1:46:ed:f1:af:04:fc:d9:96:7a:d6:3a:02:23:13:0e:39:fd:
3a:91:32:a8:5b:07:64:c6:31:ef:1e:36:4c:f4:51:88:78:65:
b1:1b:ec:eb:5e:89:ec:1d:fc:82:14:64:99:85:39:3a:06:e6:
54:55:55:61:91:b8:ae:fe:05:ed:bc:16:56:ac:d0:16:38:1b:
1d:e2:69:4e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGQUXMGbelMpzgaqZffBh8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI2MjAxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTA5YTIyYzQwY2E1ZTUyMTgwYzAyZThjNDE4OTk1ZTAyNGY2OTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0fSO95TDdl778nxHqwVr7bvv4Tj
C1TPzxrKQuw9R61D/b8Z9XUkwf7jNJStMEpMo87nHeQRJPf3upZ09apt6PqItNrU
CU9BtLUL4WOrQphno648rCH5BrOZQzSEAyQ/NAdhB1NZP7Ol9khnh4NmjqoNcpVz
ppE5+do3LIzmsJKAlP2wx4MvoVDdoQqAh38GiHzKAJh4c6gnNCoLEzGOpSavOwMH
fwXUI/mzT9PYcYkSqCZUUTuj0xRzRgocsZ1C0m7EjnRTQdC0DF7sC1u0rqX5zbDP
6hVicaUUjUH/UYooTG4GOhIG8eoqMramoS7XnOEn92CDFOCpZq5DIBj0FQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKkJoixAyl5SGAwC6MQYmV4CT2leMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcVFtaUxFREtYbElZREFMb3hCaVpYZ0pQYVY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAkh/ID977SuJh+b66FL0Jx8XR
NC7sT9UZsL3XRChuswY9ZwXcW7RAhdmF0Cgp3ckaTmumy2i0UiRE95jS3HZpBAgO
9jTmy3LJw7k0eCJ8hVkxu6MzdM2lQnT2AIt754qCwK9ycNmtV9H10EYf/oMnxqUl
qcIj5aIHVxFqKjknljEoK4Qn+Vzvv7JvD0nvgH4tP4Nq2BA2oHeAGxumu2rjkp6k
7f+0jewzrBirlgRE5fpbmTAb8Ubt8a8E/NmWetY6AiMTDjn9OpEyqFsHZMYx7x42
TPRRiHhlsRvs616J7B38ghRkmYU5OgbmVFVVYZG4rv4F7bwWVqzQFjgbHeJpTg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 23:15:22 2024 by rpki-client on console-fra.rpki-client.org