Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yTaXkk1US38SD-UsPnW_NKz6RtQ.roa
File: yTaXkk1US38SD-UsPnW_NKz6RtQ.roa (raw, json)
Hash identifier: YeJnndAsRmECNQTthHeiD2qU37/GbLNg8L+HVRjNZBY=
Subject key identifier: C9:36:97:92:4D:54:4B:7F:12:0F:E5:2C:3E:75:BF:34:AC:FA:46:D4
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01911224745CE3CD591A13700F9770C75865
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yTaXkk1US38SD-UsPnW_NKz6RtQ.roa
Signing time: Fri 02 Aug 2024 08:11:04 +0000
ROA not before: Fri 02 Aug 2024 08:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 02 Aug 2024 09:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:24:74:5c:e3:cd:59:1a:13:70:0f:97:70:c7:58:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 2 08:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c93697924d544b7f120fe52c3e75bf34acfa46d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:21:cb:6d:a2:7a:51:71:2a:fa:86:f4:e0:ec:
93:dc:43:0e:cf:81:23:74:d5:ec:d9:12:c6:d4:1a:
1d:87:eb:36:3d:37:4f:f3:80:9b:86:f5:9b:78:30:
90:6c:e8:56:64:b5:c3:70:92:ea:fc:92:2a:52:2c:
c1:ba:71:8d:59:e4:88:53:86:97:a5:2c:16:28:b3:
25:31:3d:9d:a2:3e:c3:77:cf:55:bd:ba:b6:89:bc:
54:c5:76:ae:ac:d5:e1:2c:f5:74:4e:3d:cf:2e:ee:
e6:53:d3:a9:a3:fa:cf:9c:6e:02:f0:01:c4:8c:92:
6f:a2:23:03:04:a5:87:f1:66:36:5b:0c:c5:76:28:
ed:cd:a9:c7:d0:d4:5f:2a:a1:90:d0:30:77:ba:e3:
4f:e2:34:0c:7e:06:dc:3d:90:c7:ea:c2:75:d7:0b:
b3:3e:dd:33:73:11:da:8b:a1:4b:90:1d:6f:53:6a:
4f:79:59:fe:ad:bd:07:b6:b2:a3:bf:7c:6e:ac:4a:
c1:b6:6b:b7:48:b0:02:06:5d:06:02:ef:39:2b:9f:
25:58:48:e0:98:e6:f6:01:59:47:2a:fc:c4:5c:cf:
4c:4a:78:6e:9f:01:1e:2f:37:1d:03:ab:ad:49:c2:
55:b1:e5:95:44:fa:42:89:28:60:68:99:1d:e1:63:
68:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:36:97:92:4D:54:4B:7F:12:0F:E5:2C:3E:75:BF:34:AC:FA:46:D4
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yTaXkk1US38SD-UsPnW_NKz6RtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
5e:c8:bb:fe:da:96:f6:40:2a:8d:8b:fa:61:f5:39:8f:8a:b0:
75:52:24:16:fd:8f:e0:fb:ee:0d:40:ec:9b:f8:58:33:fc:ae:
1a:fc:5b:f4:f7:1d:54:21:1c:e9:03:22:24:85:c7:1b:34:c4:
4c:8e:c7:32:07:49:45:03:95:52:47:95:f0:26:58:81:2a:5f:
cc:3b:93:be:e8:ce:98:46:f3:0c:1d:c2:7c:57:72:71:53:f4:
a9:bb:76:e5:56:38:af:af:48:62:2e:6b:59:4b:bc:c7:3b:03:
6d:f0:a5:c1:9c:36:e8:0d:85:f1:03:b7:39:bb:96:66:b0:f2:
78:19:af:37:7b:1f:87:de:0f:2a:d2:a2:e2:0e:ca:30:76:64:
ca:2a:1c:f7:46:fc:f9:54:07:0b:e4:89:68:22:da:67:d5:0b:
69:a2:b8:c9:f1:6b:5f:52:e7:ab:1b:9f:d3:bc:80:84:66:4d:
63:90:e0:61:34:0f:70:46:b6:78:83:f0:cf:f9:1c:34:9a:35:
17:0e:2a:57:e4:a3:04:cb:8e:04:f7:c8:e8:d7:61:36:05:5b:
5c:66:8c:e5:dc:32:f1:15:00:ad:2e:7f:7c:8c:61:cb:81:8e:
a2:fa:b5:ed:6d:b4:b0:0d:2a:a0:0f:35:17:79:a2:62:c7:00:
4d:90:a4:db
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZESJHRc481ZGhNwD5dwx1hlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAyMDgxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTM2OTc5MjRkNTQ0YjdmMTIwZmU1MmMzZTc1YmYzNGFjZmE0NmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyHLbaJ6UXEq+ob04OyT3EMOz4Ej
dNXs2RLG1Bodh+s2PTdP84CbhvWbeDCQbOhWZLXDcJLq/JIqUizBunGNWeSIU4aX
pSwWKLMlMT2doj7Dd89Vvbq2ibxUxXaurNXhLPV0Tj3PLu7mU9Opo/rPnG4C8AHE
jJJvoiMDBKWH8WY2WwzFdijtzanH0NRfKqGQ0DB3uuNP4jQMfgbcPZDH6sJ11wuz
Pt0zcxHai6FLkB1vU2pPeVn+rb0HtrKjv3xurErBtmu3SLACBl0GAu85K58lWEjg
mOb2AVlHKvzEXM9MSnhunwEeLzcdA6utScJVseWVRPpCiShgaJkd4WNoNwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMk2l5JNVEt/Eg/lLD51vzSs+kbUMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveVRhWGtrMVVTMzhTRC1Vc1BuV19OS3o2UnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAXsi7/tqW9kAqjYv6YfU5j4qw
dVIkFv2P4PvuDUDsm/hYM/yuGvxb9PcdVCEc6QMiJIXHGzTETI7HMgdJRQOVUkeV
8CZYgSpfzDuTvujOmEbzDB3CfFdycVP0qbt25VY4r69IYi5rWUu8xzsDbfClwZw2
6A2F8QO3ObuWZrDyeBmvN3sfh94PKtKi4g7KMHZkyioc90b8+VQHC+SJaCLaZ9UL
aaK4yfFrX1Lnqxuf07yAhGZNY5DgYTQPcEa2eIPwz/kcNJo1Fw4qV+SjBMuOBPfI
6NdhNgVbXGaM5dwy8RUArS5/fIxhy4GOovq17W20sA0qoA81F3miYscATZCk2w==
-----END CERTIFICATE-----
Generated at Fri Aug 2 12:06:49 2024 by rpki-client on console-fra.rpki-client.org