Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xio3j6Q_Z3kx_gdey6IkGuqNBM4.roa
File: xio3j6Q_Z3kx_gdey6IkGuqNBM4.roa (raw, json)
Hash identifier: iLAeYbxu/MRcBxbAGE+rOVa4jCvOIOXVZBHlfPQ0ZN8=
Subject key identifier: C6:2A:37:8F:A4:3F:67:79:31:FE:07:5E:CB:A2:24:1A:EA:8D:04:CE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191BEE1C47EFC250934EE24D6F68E7AACDF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xio3j6Q_Z3kx_gdey6IkGuqNBM4.roa
Signing time: Wed 04 Sep 2024 21:12:32 +0000
ROA not before: Wed 04 Sep 2024 21:12:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Sep 2024 22:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:be:e1:c4:7e:fc:25:09:34:ee:24:d6:f6:8e:7a:ac:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 4 21:12:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c62a378fa43f677931fe075ecba2241aea8d04ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:21:01:12:4b:dc:36:95:2a:ed:75:22:f2:2e:
07:9a:6c:d9:28:f5:39:e8:a9:6b:0a:a1:21:1c:c6:
41:7f:5a:c2:9b:93:cf:f0:ac:2f:2a:db:71:8b:ac:
3d:c0:54:e4:5f:63:5e:db:1e:29:35:7e:32:ea:a0:
e9:b9:42:ec:62:d4:13:db:74:6a:7d:d6:ac:63:bf:
00:01:c5:b3:8d:b4:1e:bd:29:bf:8a:10:90:6e:42:
1f:ed:7d:db:ea:ef:69:17:c9:16:11:f2:60:ed:05:
ad:eb:be:6d:3c:5e:02:df:75:a7:99:00:ca:f2:55:
46:8a:a7:48:2c:9f:1f:cc:42:0c:fb:c4:d4:8e:72:
55:ea:12:4a:fe:0e:f5:0d:ae:a6:a2:a9:05:0a:44:
d9:cb:09:18:02:7f:69:a4:75:26:a6:a8:1a:c6:07:
9a:57:b8:10:c5:b0:52:2d:09:c0:fe:18:91:77:ff:
c6:93:11:7f:93:e9:c9:9d:3b:ea:a7:c4:ff:5b:11:
a5:57:40:5a:11:f1:2a:a8:36:96:b2:30:40:67:ca:
86:33:1e:32:bd:07:89:29:85:24:ab:17:d5:a3:16:
1f:f9:ad:5b:78:25:b0:18:e8:ab:2b:91:b6:8c:aa:
57:c9:33:52:d1:25:82:7f:94:52:38:b8:85:b1:92:
e8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:2A:37:8F:A4:3F:67:79:31:FE:07:5E:CB:A2:24:1A:EA:8D:04:CE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xio3j6Q_Z3kx_gdey6IkGuqNBM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
37:46:ef:ee:7a:39:0c:08:cd:be:25:4c:fd:e6:77:dd:2e:af:
e3:f4:e7:0e:e8:7f:d3:66:eb:d6:29:c0:d5:96:e4:6f:38:22:
77:d9:31:5f:83:b2:52:48:be:57:18:a1:60:66:f1:0e:5c:ab:
8f:d7:3a:4a:fb:af:24:61:45:9a:20:c2:47:97:7f:96:04:9b:
13:f1:d6:8b:6b:9b:15:af:2e:b5:0d:7a:54:82:d4:ea:0c:8e:
b6:7a:ec:fb:da:db:03:bc:7e:82:5b:b8:3b:00:45:7a:c5:59:
f3:e3:fd:f0:cf:d7:89:a6:2e:9d:c0:92:68:3e:30:49:ad:a6:
54:63:20:e3:34:ac:ce:17:41:81:f7:73:f1:d1:12:09:10:1f:
a6:3f:4e:51:b5:c6:a8:1f:14:86:a0:e8:ba:19:2c:f0:bf:09:
d1:2a:f8:ce:a7:66:13:ab:96:f2:22:94:b6:e2:ab:74:e7:a7:
98:c5:b4:a3:62:b6:41:d6:31:f2:b9:65:e4:97:5e:9f:b9:40:
c5:28:c4:e9:db:bb:a5:55:2b:f6:df:7b:cb:ce:f4:9e:14:cc:
60:8a:ca:61:58:83:ed:52:70:27:db:5f:1c:0a:a3:91:d7:40:
9d:83:6d:5d:e1:c3:5d:42:79:07:77:e4:81:ee:79:33:77:5a:
b9:e4:74:84
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG+4cR+/CUJNO4k1vaOeqzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA0MjExMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjJhMzc4ZmE0M2Y2Nzc5MzFmZTA3NWVjYmEyMjQxYWVhOGQwNGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiEBEkvcNpUq7XUi8i4HmmzZKPU5
6KlrCqEhHMZBf1rCm5PP8KwvKttxi6w9wFTkX2Ne2x4pNX4y6qDpuULsYtQT23Rq
fdasY78AAcWzjbQevSm/ihCQbkIf7X3b6u9pF8kWEfJg7QWt675tPF4C33WnmQDK
8lVGiqdILJ8fzEIM+8TUjnJV6hJK/g71Da6moqkFCkTZywkYAn9ppHUmpqgaxgea
V7gQxbBSLQnA/hiRd//GkxF/k+nJnTvqp8T/WxGlV0BaEfEqqDaWsjBAZ8qGMx4y
vQeJKYUkqxfVoxYf+a1beCWwGOirK5G2jKpXyTNS0SWCf5RSOLiFsZLoPwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMYqN4+kP2d5Mf4HXsuiJBrqjQTOMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveGlvM2o2UV9aM2t4X2dkZXk2SWtHdXFOQk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAN0bv7no5DAjNviVM/eZ33S6v
4/TnDuh/02br1inA1Zbkbzgid9kxX4OyUki+VxihYGbxDlyrj9c6SvuvJGFFmiDC
R5d/lgSbE/HWi2ubFa8utQ16VILU6gyOtnrs+9rbA7x+glu4OwBFesVZ8+P98M/X
iaYuncCSaD4wSa2mVGMg4zSszhdBgfdz8dESCRAfpj9OUbXGqB8UhqDouhks8L8J
0Sr4zqdmE6uW8iKUtuKrdOenmMW0o2K2QdYx8rll5Jden7lAxSjE6du7pVUr9t97
y870nhTMYIrKYViD7VJwJ9tfHAqjkddAnYNtXeHDXUJ5B3fkge55M3daueR0hA==
Generated at Thu Sep 5 00:01:43 2024 by rpki-client on console-fra.rpki-client.org