Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/szpJutQB0yhY6yaqZ67Uh6H8v1k.roa
File: szpJutQB0yhY6yaqZ67Uh6H8v1k.roa (raw, json)
Hash identifier: WjKlc8XUZv+QmP7qFJeB6Lgim6DNdEJrUCXl7zTelAw=
Subject key identifier: B3:3A:49:BA:D4:01:D3:28:58:EB:26:AA:67:AE:D4:87:A1:FC:BF:59
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191A6A16C6B5BC38E34D229AB34483D4FE9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/szpJutQB0yhY6yaqZ67Uh6H8v1k.roa
Signing time: Sat 31 Aug 2024 04:11:22 +0000
ROA not before: Sat 31 Aug 2024 04:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 31 Aug 2024 05:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a6:a1:6c:6b:5b:c3:8e:34:d2:29:ab:34:48:3d:4f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 31 04:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b33a49bad401d32858eb26aa67aed487a1fcbf59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:40:35:f2:ac:99:f0:bb:c8:c5:25:25:b0:68:
60:9f:6a:0e:84:4c:d0:15:db:99:35:1b:36:d3:80:
8d:e0:98:3d:ef:a6:d3:68:a7:09:29:43:c6:90:5f:
62:8d:30:42:df:98:d0:d6:d7:18:26:85:92:82:ca:
9f:96:29:0b:77:0a:61:36:fb:3c:7f:5d:88:6c:c9:
e4:1c:94:38:48:b7:41:ec:49:44:ae:72:8c:86:1e:
e4:57:e4:d5:5a:f8:fc:37:99:f5:53:d8:51:2d:07:
0b:1c:8d:bc:15:89:4c:fc:23:db:d4:03:60:93:ff:
74:43:d2:ac:b2:b7:47:c5:8a:d4:7c:9a:9b:e7:8f:
30:80:2d:e5:a0:5d:2f:8a:ae:7d:32:9a:25:ee:cf:
e2:a9:49:f4:b8:1b:e4:68:06:66:93:11:82:e6:16:
76:9e:2a:de:7c:6a:01:c3:1b:5f:d2:2b:26:f8:0f:
c2:38:68:0f:58:17:d0:d8:7b:26:d1:c6:3e:91:1e:
90:29:2e:4e:3b:8a:df:4c:f4:9f:2c:0f:ea:41:1a:
3a:a6:02:c6:cf:df:01:01:73:06:e6:f2:76:e1:1c:
19:95:2c:dd:13:46:e1:dc:f6:7d:a9:4d:bd:76:a1:
a1:65:b2:b0:89:6e:be:b3:78:84:1a:96:30:f7:e0:
6e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3A:49:BA:D4:01:D3:28:58:EB:26:AA:67:AE:D4:87:A1:FC:BF:59
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/szpJutQB0yhY6yaqZ67Uh6H8v1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
15:bb:bd:77:9c:99:47:a6:47:32:cc:b3:6e:11:58:5b:36:4b:
16:9d:f8:99:79:b3:e1:be:26:16:b8:89:84:e7:29:aa:23:69:
26:6e:c2:4f:b9:67:3b:ca:03:75:d4:74:a2:4b:ea:15:22:11:
83:11:89:e5:d2:45:b5:cb:3e:8c:b7:b7:af:c1:c4:56:3f:c3:
9f:d8:98:02:c6:ee:44:f5:3b:94:d9:a8:38:9a:59:a0:94:38:
6d:57:52:c6:8c:c5:8c:79:9b:11:ac:90:ef:fc:02:43:e4:ef:
a4:cf:64:88:6e:e6:d2:fb:29:de:25:04:18:b6:67:3d:01:66:
07:7c:97:05:41:61:ab:2f:d1:22:bf:af:3a:b7:da:65:0a:ee:
1b:9a:67:fa:6d:0b:5c:e7:4e:e8:93:e3:f1:91:22:6c:98:df:
19:12:38:7e:b2:14:7e:27:56:dd:7d:a2:89:23:b1:2a:f9:89:
26:0e:f2:70:a2:7d:01:49:04:00:7a:4a:ab:83:24:d0:a9:f5:
fd:59:ce:7d:60:34:0f:6f:f4:13:a9:43:98:b1:4b:5f:5b:34:
ab:d7:1f:76:52:a8:c5:a7:43:c0:41:6d:d5:c9:0f:99:e0:2d:
a0:e8:1b:b3:6f:42:01:e6:44:23:ee:e6:28:69:a0:8a:f4:ff:
75:35:f9:9a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGmoWxrW8OONNIpqzRIPU/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODMxMDQxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzNhNDliYWQ0MDFkMzI4NThlYjI2YWE2N2FlZDQ4N2ExZmNiZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkA18qyZ8LvIxSUlsGhgn2oOhEzQ
FduZNRs204CN4Jg976bTaKcJKUPGkF9ijTBC35jQ1tcYJoWSgsqflikLdwphNvs8
f12IbMnkHJQ4SLdB7ElErnKMhh7kV+TVWvj8N5n1U9hRLQcLHI28FYlM/CPb1ANg
k/90Q9KssrdHxYrUfJqb548wgC3loF0viq59Mpol7s/iqUn0uBvkaAZmkxGC5hZ2
nirefGoBwxtf0ism+A/COGgPWBfQ2Hsm0cY+kR6QKS5OO4rfTPSfLA/qQRo6pgLG
z98BAXMG5vJ24RwZlSzdE0bh3PZ9qU29dqGhZbKwiW6+s3iEGpYw9+BuFwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLM6SbrUAdMoWOsmqmeu1Ieh/L9ZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvc3pwSnV0UUIweWhZNnlhcVo2N1VoNkg4djFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAFbu9d5yZR6ZHMsyzbhFYWzZL
Fp34mXmz4b4mFriJhOcpqiNpJm7CT7lnO8oDddR0okvqFSIRgxGJ5dJFtcs+jLe3
r8HEVj/Dn9iYAsbuRPU7lNmoOJpZoJQ4bVdSxozFjHmbEayQ7/wCQ+TvpM9kiG7m
0vsp3iUEGLZnPQFmB3yXBUFhqy/RIr+vOrfaZQruG5pn+m0LXOdO6JPj8ZEibJjf
GRI4frIUfidW3X2iiSOxKvmJJg7ycKJ9AUkEAHpKq4Mk0Kn1/VnOfWA0D2/0E6lD
mLFLX1s0q9cfdlKoxadDwEFt1ckPmeAtoOgbs29CAeZEI+7mKGmgivT/dTX5mg==
-----END CERTIFICATE-----
Generated at Sat Aug 31 07:50:01 2024 by rpki-client on console-ams.rpki-client.org