Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xSTb0gxfeNUv9cAH5oHGedQwqg4.roa
File: xSTb0gxfeNUv9cAH5oHGedQwqg4.roa (raw, json)
Hash identifier: PC2XOkJeZdqotZTqmJFUDfOpPfcUU1yCTRTFCxGHFn8=
Subject key identifier: C5:24:DB:D2:0C:5F:78:D5:2F:F5:C0:07:E6:81:C6:79:D4:30:AA:0E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191C0D00123DD8B7C9CC179178BBAC404BC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xSTb0gxfeNUv9cAH5oHGedQwqg4.roa
Signing time: Thu 05 Sep 2024 06:12:22 +0000
ROA not before: Thu 05 Sep 2024 06:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 05 Sep 2024 07:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c0:d0:01:23:dd:8b:7c:9c:c1:79:17:8b:ba:c4:04:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 5 06:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c524dbd20c5f78d52ff5c007e681c679d430aa0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ba:b1:76:1c:9e:1c:a2:0c:02:2d:1c:f0:ce:
e3:67:1b:bd:8d:22:d3:c0:c7:31:3d:d3:4e:da:f7:
50:8e:24:5d:0c:d6:f1:99:dd:40:af:1d:12:9c:44:
40:de:19:dd:74:ac:0e:7f:c3:d0:c9:c1:af:ca:b5:
89:df:e5:fa:06:d1:93:e2:b4:c8:b2:1b:ab:ca:87:
4b:b4:03:ca:3d:78:0b:3e:cd:26:cb:de:50:6c:7a:
7c:4f:52:4d:3a:cd:71:f9:d7:69:72:ff:ee:3d:1c:
e9:80:7e:1c:a0:27:f4:ca:3f:34:2c:88:38:8c:da:
a0:01:a8:48:dd:d9:04:ca:52:ba:b7:bb:44:00:57:
ea:e1:34:dd:20:70:ed:87:3b:37:a3:68:82:4e:2f:
15:21:9a:b8:0c:f8:18:df:2c:ec:43:db:8c:6c:52:
2d:c2:c3:7c:02:bd:07:50:1d:19:dc:02:16:7e:50:
79:cf:a3:81:bf:05:79:98:66:2d:39:02:f1:0e:6a:
94:42:e0:d2:e8:b4:06:49:d0:b6:50:16:1e:08:5e:
d1:e0:a9:e3:10:34:71:b8:03:05:8a:f3:26:fc:56:
3b:57:d4:92:e5:1a:85:b7:1b:96:f6:99:24:dc:c0:
d1:41:19:fd:f5:75:54:cd:5c:52:3b:40:53:a5:66:
5b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:24:DB:D2:0C:5F:78:D5:2F:F5:C0:07:E6:81:C6:79:D4:30:AA:0E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xSTb0gxfeNUv9cAH5oHGedQwqg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
41:9c:3d:73:e0:be:de:9c:77:8e:aa:e8:1a:98:d5:00:5a:96:
41:1e:3c:25:55:30:21:7d:dd:89:4d:38:c1:e0:11:66:45:e6:
48:8b:31:3a:5d:5f:b4:2b:86:13:42:85:56:51:95:83:0c:8a:
4c:81:4c:60:17:c3:40:96:f0:9d:66:4a:1a:56:aa:cc:44:3b:
2f:42:55:b3:08:fb:fd:f1:de:d6:a6:91:30:71:21:82:be:f6:
0d:22:76:20:3f:29:54:78:7f:bc:af:31:01:87:58:cc:5d:76:
3c:8c:1c:bf:a2:35:a7:e9:ec:2c:ed:03:23:bf:f5:e1:f4:cb:
ef:90:e0:d4:26:40:1f:7a:22:d8:c2:98:a0:1d:eb:80:97:5f:
09:ad:2f:97:aa:f9:41:80:79:e2:b6:10:7a:c2:d6:26:e4:65:
1c:43:5d:c2:08:a7:a3:8c:97:d6:14:b9:ef:b4:ea:26:1f:30:
ad:77:f1:f8:af:35:c4:0a:ef:6d:ce:7b:f2:e2:5c:f5:a3:15:
21:3b:a0:e9:46:08:a1:be:7b:0b:c7:b1:24:50:c8:c9:44:23:
ff:77:73:76:0b:9e:6f:4b:a5:ab:e6:e9:42:17:35:56:cd:89:
78:bf:65:2f:3b:17:53:b3:89:71:be:0b:3b:53:96:2a:02:a7:
e2:10:09:6e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHA0AEj3Yt8nMF5F4u6xAS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA1MDYxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTI0ZGJkMjBjNWY3OGQ1MmZmNWMwMDdlNjgxYzY3OWQ0MzBhYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLqxdhyeHKIMAi0c8M7jZxu9jSLT
wMcxPdNO2vdQjiRdDNbxmd1Arx0SnERA3hnddKwOf8PQycGvyrWJ3+X6BtGT4rTI
shuryodLtAPKPXgLPs0my95QbHp8T1JNOs1x+ddpcv/uPRzpgH4coCf0yj80LIg4
jNqgAahI3dkEylK6t7tEAFfq4TTdIHDthzs3o2iCTi8VIZq4DPgY3yzsQ9uMbFIt
wsN8Ar0HUB0Z3AIWflB5z6OBvwV5mGYtOQLxDmqUQuDS6LQGSdC2UBYeCF7R4Knj
EDRxuAMFivMm/FY7V9SS5RqFtxuW9pkk3MDRQRn99XVUzVxSO0BTpWZbmQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMUk29IMX3jVL/XAB+aBxnnUMKoOMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveFNUYjBneGZlTlV2OWNBSDVvSEdlZFF3cWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAQZw9c+C+3px3jqroGpjVAFqW
QR48JVUwIX3diU04weARZkXmSIsxOl1ftCuGE0KFVlGVgwyKTIFMYBfDQJbwnWZK
GlaqzEQ7L0JVswj7/fHe1qaRMHEhgr72DSJ2ID8pVHh/vK8xAYdYzF12PIwcv6I1
p+nsLO0DI7/14fTL75Dg1CZAH3oi2MKYoB3rgJdfCa0vl6r5QYB54rYQesLWJuRl
HENdwgino4yX1hS577TqJh8wrXfx+K81xArvbc578uJc9aMVITug6UYIob57C8ex
JFDIyUQj/3dzdgueb0ulq+bpQhc1Vs2JeL9lLzsXU7OJcb4LO1OWKgKn4hAJbg==
-----END CERTIFICATE-----
Generated at Thu Sep 5 10:01:33 2024 by rpki-client on console-ams.rpki-client.org