Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wPh9Ir9d1CouBoRgGU7iFYViW1g.roa
File: wPh9Ir9d1CouBoRgGU7iFYViW1g.roa (raw, json)
Hash identifier: yGPZV1APvnaxcQHrAHoY1FJLd6d7lr2tCzeT7vLs1E8=
Subject key identifier: C0:F8:7D:22:BF:5D:D4:2A:2E:06:84:60:19:4E:E2:15:85:62:5B:58
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01918115886E621D13B4DB7F8E75E7B5EF3E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wPh9Ir9d1CouBoRgGU7iFYViW1g.roa
Signing time: Fri 23 Aug 2024 21:12:37 +0000
ROA not before: Fri 23 Aug 2024 21:12:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 Aug 2024 22:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:81:15:88:6e:62:1d:13:b4:db:7f:8e:75:e7:b5:ef:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 23 21:12:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0f87d22bf5dd42a2e068460194ee21585625b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:9a:66:ec:46:d4:72:6d:84:3f:19:5c:b4:dc:
c3:f2:c1:f9:ad:65:62:55:86:8f:6d:57:ba:75:51:
1e:02:30:ee:93:04:18:8a:20:9e:70:a3:fb:86:4c:
fd:a5:6b:e7:27:83:dc:d0:79:54:94:3d:0e:13:e1:
fb:fa:2f:05:85:f6:c1:2f:e5:d6:07:f9:ae:72:aa:
59:99:53:4d:ba:c9:6a:32:38:25:a5:32:92:fc:2d:
05:4f:c8:f2:dd:19:43:9f:23:1a:f1:42:4d:d0:08:
07:cd:7d:b5:fb:a0:c4:13:6b:96:b5:66:b2:c1:84:
86:84:6a:40:b3:1a:30:a3:34:00:e6:97:61:5d:7e:
e7:6a:a8:e0:e3:9f:de:f8:54:4c:fe:37:26:fc:70:
ec:86:a2:8f:83:ea:41:72:0e:1d:df:0e:5c:fc:de:
d9:d1:52:e4:87:56:65:47:63:6d:d5:f3:b0:0d:3b:
ba:2d:75:87:91:ae:e5:f1:d6:d5:4b:36:e7:c6:64:
4b:94:08:da:33:70:74:fb:83:70:4a:95:2b:60:33:
15:3c:86:45:0a:2b:12:09:d4:17:5a:2c:d5:de:cb:
df:2b:f4:8f:1f:07:df:77:36:c2:ef:5f:f4:c7:d3:
9b:d3:46:d3:3d:54:d8:e6:ac:fa:bc:b1:25:2a:d2:
52:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F8:7D:22:BF:5D:D4:2A:2E:06:84:60:19:4E:E2:15:85:62:5B:58
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wPh9Ir9d1CouBoRgGU7iFYViW1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
82:0a:14:f5:08:2f:d8:92:ae:d6:3e:4d:d2:3c:ed:6c:b4:7a:
27:e5:19:ef:f3:63:5a:69:4e:10:e9:15:11:2c:a2:c1:c1:20:
65:7b:c0:c1:2f:e2:82:5f:fb:07:e3:6a:85:39:b9:c1:31:03:
ee:8b:e4:38:41:51:f4:f5:ee:e5:d4:dc:d1:e0:21:c0:f6:5d:
dc:39:56:26:14:20:11:c7:ef:68:f5:e0:43:1b:81:ac:f6:0f:
c5:a8:c5:27:a4:9a:46:7c:01:1d:ac:2f:5e:91:97:1b:4f:4f:
e0:d3:06:87:cc:4d:f4:21:66:f6:67:5f:44:5d:68:93:7b:66:
86:25:c2:96:d4:64:ea:18:3f:58:7d:c9:fc:f1:e3:5f:8e:e4:
cd:34:f8:17:af:99:1f:6b:a4:4b:f3:60:0b:b3:05:bf:d8:de:
09:48:75:0b:19:92:00:da:24:cd:d7:7e:0a:36:85:20:a1:73:
a9:61:ea:9f:9b:9f:97:68:78:8f:f8:97:a8:9c:91:8d:2f:50:
aa:20:a6:9a:87:4b:c0:74:65:e3:5c:8f:75:61:e7:b7:d9:92:
c4:d9:a6:44:95:db:e5:0d:8a:99:b1:68:09:2c:9a:69:1d:d3:
b2:46:27:fd:98:a0:58:40:ed:35:62:ae:9b:b6:a9:53:a8:9f:
a7:c4:9c:26
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGBFYhuYh0TtNt/jnXnte8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIzMjExMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGY4N2QyMmJmNWRkNDJhMmUwNjg0NjAxOTRlZTIxNTg1NjI1YjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75pm7EbUcm2EPxlctNzD8sH5rWVi
VYaPbVe6dVEeAjDukwQYiiCecKP7hkz9pWvnJ4Pc0HlUlD0OE+H7+i8FhfbBL+XW
B/mucqpZmVNNuslqMjglpTKS/C0FT8jy3RlDnyMa8UJN0AgHzX21+6DEE2uWtWay
wYSGhGpAsxowozQA5pdhXX7naqjg45/e+FRM/jcm/HDshqKPg+pBcg4d3w5c/N7Z
0VLkh1ZlR2Nt1fOwDTu6LXWHka7l8dbVSzbnxmRLlAjaM3B0+4NwSpUrYDMVPIZF
CisSCdQXWizV3svfK/SPHwffdzbC71/0x9Ob00bTPVTY5qz6vLElKtJS3QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMD4fSK/XdQqLgaEYBlO4hWFYltYMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvd1BoOUlyOWQxQ291Qm9SZ0dVN2lGWVZpVzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAggoU9Qgv2JKu1j5N0jztbLR6
J+UZ7/NjWmlOEOkVESyiwcEgZXvAwS/igl/7B+NqhTm5wTED7ovkOEFR9PXu5dTc
0eAhwPZd3DlWJhQgEcfvaPXgQxuBrPYPxajFJ6SaRnwBHawvXpGXG09P4NMGh8xN
9CFm9mdfRF1ok3tmhiXCltRk6hg/WH3J/PHjX47kzTT4F6+ZH2ukS/NgC7MFv9je
CUh1CxmSANokzdd+CjaFIKFzqWHqn5ufl2h4j/iXqJyRjS9QqiCmmodLwHRl41yP
dWHnt9mSxNmmRJXb5Q2KmbFoCSyaaR3TskYn/ZigWEDtNWKum7apU6ifp8ScJg==
-----END CERTIFICATE-----
Generated at Sat Aug 24 03:05:10 2024 by rpki-client on console-fra.rpki-client.org