Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/sJOd3Ca986xdet1Rhuugg9CdRrI.roa
File: sJOd3Ca986xdet1Rhuugg9CdRrI.roa (raw, json)
Hash identifier: A4b/+VPFK2MKA3Xp6lxUEWUOCR5waDyopMg6icrN2E8=
Subject key identifier: B0:93:9D:DC:26:BD:F3:AC:5D:7A:DD:51:86:EB:A0:83:D0:9D:46:B2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191223C54336E0E6DAEC9AC0A5FF7B54865
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/sJOd3Ca986xdet1Rhuugg9CdRrI.roa
Signing time: Mon 05 Aug 2024 11:11:04 +0000
ROA not before: Mon 05 Aug 2024 11:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 05 Aug 2024 12:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:22:3c:54:33:6e:0e:6d:ae:c9:ac:0a:5f:f7:b5:48:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 5 11:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0939ddc26bdf3ac5d7add5186eba083d09d46b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:02:20:20:d9:bc:26:a0:3e:bb:31:ac:5f:7c:
27:95:bb:5d:c0:f2:65:1d:82:65:0f:60:94:5a:d1:
d5:61:ae:e4:33:59:0b:55:a2:0d:17:18:9d:b4:55:
e6:8a:b5:9d:94:a8:54:72:fa:0b:86:1b:60:10:e6:
b4:bd:b8:da:51:3d:3d:4c:c1:e4:03:42:43:17:8f:
49:70:9c:46:8d:ac:15:33:16:96:73:57:ff:c6:22:
6d:6a:0c:29:81:28:41:9d:53:5e:b8:fc:4e:7a:dc:
2b:99:1e:7a:83:b1:a8:a4:e0:4a:82:2b:48:99:72:
9a:f7:d2:f2:63:8f:66:73:06:f5:22:73:be:37:b4:
ac:84:5b:77:d0:23:c9:2a:91:64:53:ff:9d:d0:4e:
ff:f9:9b:b2:e0:5d:0d:28:7a:9e:04:4f:d2:5f:09:
56:4a:49:5a:18:54:83:05:d2:c9:2c:3f:41:c1:be:
e7:44:a4:7b:4e:a8:a8:97:e1:25:ed:ef:f3:bf:45:
87:61:3f:4c:19:00:39:d6:29:0e:03:94:3f:be:3b:
87:16:9e:9f:2b:61:21:78:15:89:36:bd:7f:20:38:
1f:66:e1:06:b8:66:9e:58:49:f5:89:b7:df:b5:6c:
36:68:1f:24:dc:02:31:e6:60:4d:a0:2e:a9:a8:e6:
15:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:93:9D:DC:26:BD:F3:AC:5D:7A:DD:51:86:EB:A0:83:D0:9D:46:B2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/sJOd3Ca986xdet1Rhuugg9CdRrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
87:d6:a4:fd:99:13:49:83:da:67:df:a0:fa:64:2a:39:ba:df:
bf:3c:1a:51:e5:13:48:c0:93:c7:ef:69:88:4e:7f:ff:67:47:
4d:33:ca:48:a8:71:4f:50:26:c6:8b:08:fa:1a:f5:15:c5:bb:
d9:46:fe:ca:be:c6:7f:1b:54:63:76:be:99:7d:ad:a1:8a:f1:
c5:f6:91:e8:16:24:d6:c3:73:6b:0f:30:fd:c3:e9:db:f6:72:
f5:01:6c:cd:dd:80:9b:17:66:69:32:32:2a:2e:27:b7:93:ad:
a2:11:48:35:99:29:db:4c:cc:1d:71:86:c6:c3:f4:55:12:8e:
d0:ad:9b:e1:b4:5a:56:eb:30:a4:a1:66:71:0b:c3:34:ec:23:
18:55:f4:99:67:d9:22:45:d7:55:2b:6c:09:8d:0d:83:41:a9:
fd:23:a7:17:73:81:fc:32:23:e7:06:49:9b:82:ca:1c:9a:5c:
7e:ee:b2:5e:65:97:be:56:8e:ae:55:29:dd:61:10:41:60:55:
90:2f:5d:08:5a:28:32:64:f0:30:14:98:92:09:39:ba:0e:fc:
46:f2:0e:79:33:37:5b:1f:e0:f4:f8:e3:90:4a:53:91:0e:2b:
8b:85:f8:2d:ee:c3:16:f7:eb:ad:3d:a2:8e:63:b2:5e:be:12:
04:a7:cf:63
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEiPFQzbg5trsmsCl/3tUhlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA1MTExMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDkzOWRkYzI2YmRmM2FjNWQ3YWRkNTE4NmViYTA4M2QwOWQ0NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgIgINm8JqA+uzGsX3wnlbtdwPJl
HYJlD2CUWtHVYa7kM1kLVaINFxidtFXmirWdlKhUcvoLhhtgEOa0vbjaUT09TMHk
A0JDF49JcJxGjawVMxaWc1f/xiJtagwpgShBnVNeuPxOetwrmR56g7GopOBKgitI
mXKa99LyY49mcwb1InO+N7SshFt30CPJKpFkU/+d0E7/+Zuy4F0NKHqeBE/SXwlW
SklaGFSDBdLJLD9Bwb7nRKR7Tqiol+El7e/zv0WHYT9MGQA51ikOA5Q/vjuHFp6f
K2EheBWJNr1/IDgfZuEGuGaeWEn1ibfftWw2aB8k3AIx5mBNoC6pqOYV4QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLCTndwmvfOsXXrdUYbroIPQnUayMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvc0pPZDNDYTk4NnhkZXQxUmh1dWdnOUNkUnJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAh9ak/ZkTSYPaZ9+g+mQqObrf
vzwaUeUTSMCTx+9piE5//2dHTTPKSKhxT1AmxosI+hr1FcW72Ub+yr7GfxtUY3a+
mX2toYrxxfaR6BYk1sNzaw8w/cPp2/Zy9QFszd2AmxdmaTIyKi4nt5OtohFINZkp
20zMHXGGxsP0VRKO0K2b4bRaVuswpKFmcQvDNOwjGFX0mWfZIkXXVStsCY0Ng0Gp
/SOnF3OB/DIj5wZJm4LKHJpcfu6yXmWXvlaOrlUp3WEQQWBVkC9dCFooMmTwMBSY
kgk5ug78RvIOeTM3Wx/g9PjjkEpTkQ4ri4X4Le7DFvfrrT2ijmOyXr4SBKfPYw==
-----END CERTIFICATE-----
Generated at Mon Aug 5 14:56:17 2024 by rpki-client on console-fra.rpki-client.org