Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/x6T_Ekpf8SM8SpVfTGR3O4H3jak.roa
File: x6T_Ekpf8SM8SpVfTGR3O4H3jak.roa (raw, json)
Hash identifier: ifhcl32oNqPCokclQWNESB1THVr3naNfHbZTtTx0VAo=
Subject key identifier: C7:A4:FF:12:4A:5F:F1:23:3C:4A:95:5F:4C:64:77:3B:81:F7:8D:A9
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019138502EBB0298EEF8B536133D7896EDB7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/x6T_Ekpf8SM8SpVfTGR3O4H3jak.roa
Signing time: Fri 09 Aug 2024 18:04:24 +0000
ROA not before: Fri 09 Aug 2024 18:04:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:3850:27a9/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 09 Aug 2024 18:10:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:38:50:2e:bb:02:98:ee:f8:b5:36:13:3d:78:96:ed:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 9 18:04:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7a4ff124a5ff1233c4a955f4c64773b81f78da9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:46:66:78:c5:2e:f0:13:06:36:ab:3c:a3:eb:
81:c9:9a:d0:41:f2:c3:e9:0f:1a:01:73:48:83:eb:
50:b5:a3:e7:d0:d9:6e:14:99:3b:73:6c:3b:1f:2c:
14:9c:5a:9a:71:fa:49:dd:8b:ec:04:d4:32:ec:8e:
6e:7f:e4:6e:40:8b:51:d2:31:fd:e9:17:3f:ff:eb:
65:b5:91:d1:2e:c0:59:49:ab:15:7c:96:71:4f:e7:
9b:64:2f:af:27:b8:b1:a7:1e:bf:bd:09:3e:ee:55:
90:11:f9:f9:5f:da:98:dd:d0:86:57:82:e9:37:f9:
76:dc:b1:35:bb:f3:6d:bb:70:90:8f:ad:8b:21:9f:
37:3f:e6:ea:28:3b:14:bf:2f:c7:dd:2b:57:42:91:
c1:ed:1d:59:f8:ed:1b:31:10:02:76:c7:38:c7:be:
87:84:1f:82:83:e3:e2:12:09:d2:2c:77:ec:ef:cf:
6b:07:f3:30:37:72:02:94:8c:d3:64:42:0a:28:d8:
1b:dc:a8:f2:0d:05:fc:53:91:16:3f:b3:d7:2d:f2:
d2:75:40:87:66:64:50:b0:1b:21:c2:68:d8:0b:66:
3c:83:5d:88:12:fe:2f:20:d0:86:45:67:2d:02:9b:
4c:6a:68:7c:c4:bd:81:04:9a:c6:54:5e:ea:6a:24:
18:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:A4:FF:12:4A:5F:F1:23:3C:4A:95:5F:4C:64:77:3B:81:F7:8D:A9
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/x6T_Ekpf8SM8SpVfTGR3O4H3jak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:3850:27a9/128
Signature Algorithm: sha256WithRSAEncryption
32:54:2f:92:d8:57:f1:ec:47:6c:50:92:20:52:75:50:da:e7:
ad:78:d1:8b:ba:60:51:a6:0d:63:9f:c3:7e:86:f3:d5:16:68:
82:ba:ce:45:20:f5:c3:92:43:48:72:d4:7e:2a:ac:f4:22:fe:
0f:b2:77:d8:02:61:05:22:fe:b3:2c:b3:42:f9:15:1e:a6:d1:
29:cf:c6:53:30:cf:ee:e9:07:f9:34:03:09:3c:d4:71:db:4a:
29:ea:07:80:c1:91:f8:ff:b8:5a:db:9b:51:b2:60:7f:d5:e9:
3d:ff:1b:3c:63:ab:55:8a:b9:78:43:f8:bc:1e:44:3e:ac:45:
8b:24:a6:3c:5e:ae:94:00:2a:a0:c1:34:6b:a6:7b:4e:ff:30:
fc:2c:f8:22:61:22:3c:91:ab:c9:d3:50:9c:db:de:c4:66:15:
20:fe:68:fc:1a:9a:e0:ae:82:d9:7f:89:12:e9:85:f5:d2:4b:
ef:7b:a4:79:86:c6:55:16:dd:21:60:7b:c6:1b:f1:f1:f4:d2:
4b:71:55:75:1f:a8:84:1d:0a:a8:3a:f4:13:c0:ea:c0:79:54:
76:b5:35:cd:dc:bf:f4:75:ad:e3:02:3d:05:7f:59:93:94:46:
18:ae:44:e1:68:fa:5e:f3:19:5b:65:89:72:39:ae:94:c6:fa:
be:5d:5a:eb
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZE4UC67Apju+LU2Ez14lu23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA5MTgwNDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2E0ZmYxMjRhNWZmMTIzM2M0YTk1NWY0YzY0NzczYjgxZjc4ZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUZmeMUu8BMGNqs8o+uByZrQQfLD
6Q8aAXNIg+tQtaPn0NluFJk7c2w7HywUnFqacfpJ3YvsBNQy7I5uf+RuQItR0jH9
6Rc//+tltZHRLsBZSasVfJZxT+ebZC+vJ7ixpx6/vQk+7lWQEfn5X9qY3dCGV4Lp
N/l23LE1u/Ntu3CQj62LIZ83P+bqKDsUvy/H3StXQpHB7R1Z+O0bMRACdsc4x76H
hB+Cg+PiEgnSLHfs789rB/MwN3IClIzTZEIKKNgb3KjyDQX8U5EWP7PXLfLSdUCH
ZmRQsBshwmjYC2Y8g12IEv4vINCGRWctAptMamh8xL2BBJrGVF7qaiQYrwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMek/xJKX/EjPEqVX0xkdzuB942pMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveDZUX0VrcGY4U004U3BWZlRHUjNPNEgzamFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkThQJ6kwDQYJKoZIhvcNAQELBQADggEB
ADJUL5LYV/HsR2xQkiBSdVDa56140Yu6YFGmDWOfw36G89UWaIK6zkUg9cOSQ0hy
1H4qrPQi/g+yd9gCYQUi/rMss0L5FR6m0SnPxlMwz+7pB/k0Awk81HHbSinqB4DB
kfj/uFrbm1GyYH/V6T3/Gzxjq1WKuXhD+LweRD6sRYskpjxerpQAKqDBNGume07/
MPws+CJhIjyRq8nTUJzb3sRmFSD+aPwamuCugtl/iRLphfXSS+97pHmGxlUW3SFg
e8Yb8fH00ktxVXUfqIQdCqg69BPA6sB5VHa1Nc3cv/R1reMCPQV/WZOURhiuROFo
+l7zGVtliXI5rpTG+r5dWus=
-----END CERTIFICATE-----
Generated at Fri Aug 9 20:50:42 2024 by rpki-client on console-fra.rpki-client.org