Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yX-sg0FpybEE7XhegrLgbow9H2w.roa
File: yX-sg0FpybEE7XhegrLgbow9H2w.roa (raw, json)
Hash identifier: SLB6uXS7ZbVgTUQjLxvOfD/eu3P2gCHDorzZ1XF/W/I=
Subject key identifier: C9:7F:AC:83:41:69:C9:B1:04:ED:78:5E:82:B2:E0:6E:8C:3D:1F:6C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019122ACF04CA0026F256EB4B9F31FFC5BFC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yX-sg0FpybEE7XhegrLgbow9H2w.roa
Signing time: Mon 05 Aug 2024 13:14:04 +0000
ROA not before: Mon 05 Aug 2024 13:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 05 Aug 2024 14:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:22:ac:f0:4c:a0:02:6f:25:6e:b4:b9:f3:1f:fc:5b:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 5 13:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c97fac834169c9b104ed785e82b2e06e8c3d1f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e1:ed:2e:52:25:d6:5d:15:4d:53:97:3f:98:
83:75:1a:ed:3e:08:a0:7b:97:26:dc:4e:9c:e1:42:
d2:50:68:b9:f4:d8:48:3b:4e:11:49:64:a4:09:c5:
e2:da:7c:34:0f:23:fe:d2:bc:b8:45:b1:c6:cc:c5:
93:42:41:e8:b1:94:32:44:90:da:4c:a5:1b:52:64:
9d:26:d6:f9:0c:a3:58:62:f7:f7:96:87:1b:a9:41:
b1:df:9e:4c:24:48:62:df:3b:73:a5:fa:2e:1e:8c:
ec:59:6c:20:71:1d:ef:9c:c3:44:0b:81:77:1f:18:
d9:41:38:cf:08:cf:d1:e8:f2:34:bf:24:2f:b7:96:
ec:e2:37:40:6c:1f:f9:5b:f8:9b:83:25:c8:20:ad:
35:d0:14:8a:93:bd:f0:bf:ba:a5:cf:bb:c6:1e:00:
d9:23:7c:02:6a:6a:ad:ad:eb:62:a2:76:ad:a3:34:
56:aa:81:be:cd:ec:f7:46:91:0a:66:a2:7f:b4:4a:
7b:84:0c:99:8f:6b:0f:11:30:92:de:d9:4e:5e:96:
e1:4f:3c:e2:51:0c:28:6a:d5:bd:26:65:40:a1:4c:
b8:58:f6:0a:a6:3f:5b:68:f1:8d:21:87:48:e0:09:
ef:4d:26:54:86:a5:55:56:7c:88:e3:39:3e:18:e5:
0c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7F:AC:83:41:69:C9:B1:04:ED:78:5E:82:B2:E0:6E:8C:3D:1F:6C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yX-sg0FpybEE7XhegrLgbow9H2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
86:f5:f6:d8:8c:87:55:92:b4:f1:34:13:ff:1c:be:58:fc:58:
02:01:8c:c5:ea:e7:22:c7:93:1f:23:09:b7:1b:51:ac:70:b3:
2e:b1:80:6e:91:3d:2a:57:30:c8:20:8d:6d:e9:39:8c:c4:c2:
cf:13:c8:84:bb:5a:48:a4:7c:e9:f1:ff:d1:25:70:20:e8:e6:
2f:29:74:37:b1:c3:9a:fe:ee:c3:f9:cd:d6:07:33:7a:81:19:
3a:05:4c:6c:b7:ac:7b:27:20:f3:12:fa:f5:d7:47:d3:39:60:
d1:a8:b8:83:ee:e5:07:61:7e:5a:81:39:85:3c:af:e5:1b:5d:
bf:96:f5:d6:5c:f4:9d:61:55:12:9b:d4:e9:a7:be:c3:cc:d4:
d7:36:40:f7:0f:12:e2:ee:30:59:37:2d:b0:e7:1d:8c:60:5b:
81:84:a7:b2:bf:c0:0e:f4:3c:6b:9d:f8:52:e8:30:aa:89:33:
1d:3e:29:24:95:e9:f3:50:72:1f:c0:a7:9a:75:65:dd:c4:82:
8f:d3:2d:d3:48:3a:0e:be:72:1d:2c:6e:84:cc:7c:23:8e:f3:
3a:3a:6f:51:62:e2:f4:f2:fb:6b:86:b7:3c:1d:de:a5:10:a6:
73:f1:58:2e:29:96:25:1c:29:23:e3:0c:08:22:db:66:35:9c:
e5:ff:b6:51
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEirPBMoAJvJW60ufMf/Fv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA1MTMxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTdmYWM4MzQxNjljOWIxMDRlZDc4NWU4MmIyZTA2ZThjM2QxZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuHtLlIl1l0VTVOXP5iDdRrtPgig
e5cm3E6c4ULSUGi59NhIO04RSWSkCcXi2nw0DyP+0ry4RbHGzMWTQkHosZQyRJDa
TKUbUmSdJtb5DKNYYvf3locbqUGx355MJEhi3ztzpfouHozsWWwgcR3vnMNEC4F3
HxjZQTjPCM/R6PI0vyQvt5bs4jdAbB/5W/ibgyXIIK010BSKk73wv7qlz7vGHgDZ
I3wCamqtretionatozRWqoG+zez3RpEKZqJ/tEp7hAyZj2sPETCS3tlOXpbhTzzi
UQwoatW9JmVAoUy4WPYKpj9baPGNIYdI4AnvTSZUhqVVVnyI4zk+GOUMVwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMl/rINBacmxBO14XoKy4G6MPR9sMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveVgtc2cwRnB5YkVFN1hoZWdyTGdib3c5SDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAhvX22IyHVZK08TQT/xy+WPxY
AgGMxernIseTHyMJtxtRrHCzLrGAbpE9KlcwyCCNbek5jMTCzxPIhLtaSKR86fH/
0SVwIOjmLyl0N7HDmv7uw/nN1gczeoEZOgVMbLeseycg8xL69ddH0zlg0ai4g+7l
B2F+WoE5hTyv5Rtdv5b11lz0nWFVEpvU6ae+w8zU1zZA9w8S4u4wWTctsOcdjGBb
gYSnsr/ADvQ8a534UugwqokzHT4pJJXp81ByH8CnmnVl3cSCj9Mt00g6Dr5yHSxu
hMx8I47zOjpvUWLi9PL7a4a3PB3epRCmc/FYLimWJRwpI+MMCCLbZjWc5f+2UQ==
-----END CERTIFICATE-----
Generated at Mon Aug 5 18:29:35 2024 by rpki-client on console-ams.rpki-client.org