Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vT5RP1jor0wrsOCzK4rs2wwcfT4.roa
File: vT5RP1jor0wrsOCzK4rs2wwcfT4.roa (raw, json)
Hash identifier: ogZqKob9IJlkKky4R929cvnK6wb79NDdLubiJ4URmXA=
Subject key identifier: BD:3E:51:3F:58:E8:AF:4C:2B:B0:E0:B3:2B:8A:EC:DB:0C:1C:7D:3E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019227C8892B017CFA84C3F9D67BC64E6C20
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vT5RP1jor0wrsOCzK4rs2wwcfT4.roa
Signing time: Wed 25 Sep 2024 06:05:06 +0000
ROA not before: Wed 25 Sep 2024 06:05:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:27c7:b24c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 25 Sep 2024 06:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:27:c8:89:2b:01:7c:fa:84:c3:f9:d6:7b:c6:4e:6c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 25 06:05:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd3e513f58e8af4c2bb0e0b32b8aecdb0c1c7d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e0:1e:a1:af:1a:d3:c8:57:b1:03:f6:ee:96:
38:52:cd:e4:66:b4:d4:71:57:84:b1:52:b3:64:bc:
33:5e:4f:dd:f9:25:87:e5:2f:32:7b:42:eb:72:e0:
97:42:c9:7f:e2:19:b1:b8:9d:06:59:80:f2:d0:db:
68:43:bf:d2:5e:43:15:c8:de:31:e4:39:c5:30:2e:
9a:11:0b:fd:ba:31:16:2e:68:b3:d6:81:f8:fc:e6:
48:d1:dc:57:89:53:a2:d5:8e:04:47:9c:f9:e4:30:
4b:64:cc:4a:44:1a:08:cf:00:e2:48:27:d2:e1:f0:
e7:d3:8a:f9:13:6d:50:53:3f:88:db:e6:71:03:e1:
70:c4:45:d0:f5:08:66:34:ac:37:4c:32:70:98:db:
b5:3a:a0:1f:29:7c:07:c7:be:d5:fd:32:41:fa:be:
db:0a:1c:74:67:f4:5a:6b:4a:83:0d:eb:da:90:62:
30:40:1a:41:f5:9a:d4:76:74:ba:3c:21:cc:5d:3e:
80:ac:ff:39:cf:31:45:b6:f5:ae:fd:1e:26:b1:b0:
e8:ce:79:15:b8:94:5f:08:16:47:71:e8:da:13:dd:
68:67:3f:6e:81:a1:59:c2:ba:7c:15:3b:aa:05:ad:
a7:b1:ed:94:ab:31:aa:44:a7:cc:f2:0a:2f:14:74:
d0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:3E:51:3F:58:E8:AF:4C:2B:B0:E0:B3:2B:8A:EC:DB:0C:1C:7D:3E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vT5RP1jor0wrsOCzK4rs2wwcfT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:27c7:b24c/128
Signature Algorithm: sha256WithRSAEncryption
7c:a9:a3:00:31:6e:b1:77:5f:3a:42:8f:50:a1:cc:0b:5f:5e:
9a:7e:f4:f9:cf:73:46:0d:24:27:c6:d4:78:e5:18:f0:4f:9c:
a2:f7:1a:56:9d:5e:40:97:62:52:0e:a8:b5:56:dd:6a:eb:6c:
56:b7:9c:79:3a:05:49:0d:3c:18:59:55:bf:d3:15:0c:0b:7d:
ee:fd:49:71:f5:2b:30:ce:0f:32:b6:62:84:8e:b1:c7:03:33:
e4:a9:35:05:43:1a:d4:9d:c2:b0:9a:71:20:5b:16:5a:78:ac:
ea:5f:5c:90:12:cf:85:1e:b1:c8:c7:13:ff:36:8c:ee:1b:0d:
55:03:5c:7a:20:6e:46:d8:3a:6b:52:d0:b8:a0:7b:2c:f0:e2:
77:5d:6b:a6:71:16:61:4c:36:cc:7c:c1:31:7c:b2:81:1b:7d:
db:c2:e9:78:5f:c8:cf:72:49:0d:b8:bd:32:4d:6b:b2:e6:c8:
8b:f3:62:5a:8f:30:57:49:69:c4:39:88:24:ee:cb:94:12:da:
ac:9f:6e:1d:3e:80:f5:fd:d3:59:b8:b2:aa:50:36:6c:ef:59:
59:b0:07:04:65:1c:11:69:8f:9f:aa:cb:a7:12:ff:c0:64:36:
4e:a1:73:ab:f1:d2:b0:f0:a7:75:c0:0a:d7:dc:6d:39:ec:6a:
99:e1:d0:38
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZInyIkrAXz6hMP51nvGTmwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTI1MDYwNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDNlNTEzZjU4ZThhZjRjMmJiMGUwYjMyYjhhZWNkYjBjMWM3ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+Aeoa8a08hXsQP27pY4Us3kZrTU
cVeEsVKzZLwzXk/d+SWH5S8ye0LrcuCXQsl/4hmxuJ0GWYDy0NtoQ7/SXkMVyN4x
5DnFMC6aEQv9ujEWLmiz1oH4/OZI0dxXiVOi1Y4ER5z55DBLZMxKRBoIzwDiSCfS
4fDn04r5E21QUz+I2+ZxA+FwxEXQ9QhmNKw3TDJwmNu1OqAfKXwHx77V/TJB+r7b
Chx0Z/Raa0qDDevakGIwQBpB9ZrUdnS6PCHMXT6ArP85zzFFtvWu/R4msbDoznkV
uJRfCBZHcejaE91oZz9ugaFZwrp8FTuqBa2nse2UqzGqRKfM8govFHTQdQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFL0+UT9Y6K9MK7DgsyuK7NsMHH0+MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdlQ1UlAxam9yMHdyc09Deks0cnMyd3djZlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSJ8eyTDANBgkqhkiG9w0BAQsFAAOCAQEAfKmjADFusXdfOkKPUKHMC19e
mn70+c9zRg0kJ8bUeOUY8E+covcaVp1eQJdiUg6otVbdautsVreceToFSQ08GFlV
v9MVDAt97v1JcfUrMM4PMrZihI6xxwMz5Kk1BUMa1J3CsJpxIFsWWnis6l9ckBLP
hR6xyMcT/zaM7hsNVQNceiBuRtg6a1LQuKB7LPDid11rpnEWYUw2zHzBMXyygRt9
28LpeF/Iz3JJDbi9Mk1rsubIi/NiWo8wV0lpxDmIJO7LlBLarJ9uHT6A9f3TWbiy
qlA2bO9ZWbAHBGUcEWmPn6rLpxL/wGQ2TqFzq/HSsPCndcAK19xtOexqmeHQOA==
-----END CERTIFICATE-----
Generated at Wed Sep 25 08:13:21 2024 by rpki-client on console-fra.rpki-client.org