Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yuapSsrkE00JvO9lVjx2_ZjHClU.roa
File: yuapSsrkE00JvO9lVjx2_ZjHClU.roa (raw, json)
Hash identifier: dAH5c8npSDtoUe0pgLgwEhGOgwfhM4ezmMGEF2THAto=
Subject key identifier: CA:E6:A9:4A:CA:E4:13:4D:09:BC:EF:65:56:3C:76:FD:98:C7:0A:55
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191961CD3430D19166B47AE35F8EB99A5F0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yuapSsrkE00JvO9lVjx2_ZjHClU.roa
Signing time: Tue 27 Aug 2024 23:12:37 +0000
ROA not before: Tue 27 Aug 2024 23:12:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Aug 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:96:1c:d3:43:0d:19:16:6b:47:ae:35:f8:eb:99:a5:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 27 23:12:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cae6a94acae4134d09bcef65563c76fd98c70a55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:61:92:58:c8:18:b2:59:29:3d:8a:30:07:f6:
de:50:42:6e:db:5b:1e:73:b0:4f:da:79:b9:97:47:
e9:50:da:09:67:67:e3:fe:f2:df:6e:a6:f4:a8:5c:
a3:47:af:96:ce:23:77:39:81:df:bd:fc:4b:e9:b3:
6c:ef:74:fb:e0:de:6d:ee:b3:65:33:71:cb:ce:6f:
06:80:df:e2:b0:31:c5:85:57:6c:a9:8c:26:d8:22:
4c:f6:c6:d1:46:6f:fe:2b:83:e1:05:4f:ff:89:3c:
af:3b:9e:2e:1e:fa:72:c7:db:14:08:33:3c:1c:70:
b4:60:d5:89:7d:25:2f:f4:a7:e7:7c:9e:8e:7a:31:
dd:7d:fd:f2:a8:80:a1:eb:1a:f5:54:61:21:5b:ab:
8c:2a:10:48:2c:2f:a2:43:97:46:e5:75:5e:f2:04:
b1:9e:0e:fb:0f:15:1a:a4:94:73:6d:37:47:c6:3c:
a1:dd:f8:70:cc:bb:2f:8c:7e:18:c8:17:23:b0:c7:
24:d7:1f:ec:3e:21:36:cc:76:29:30:61:30:e9:e9:
1e:ac:dc:b8:a1:c5:5f:ba:94:f8:31:03:fe:39:66:
13:ce:4b:49:8a:8e:79:c6:6e:27:0d:9c:f7:19:3e:
68:ea:2b:82:41:ce:2d:56:83:21:96:15:92:02:35:
e0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E6:A9:4A:CA:E4:13:4D:09:BC:EF:65:56:3C:76:FD:98:C7:0A:55
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yuapSsrkE00JvO9lVjx2_ZjHClU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
8d:6b:4f:2e:81:65:1f:bd:83:74:f1:c5:5a:42:9b:51:dd:a6:
d6:06:67:f5:b0:ad:ca:c9:fc:03:b5:50:59:42:fc:62:03:a3:
bf:46:c1:3e:c8:f7:61:78:bf:ed:40:7e:93:2a:73:93:5c:17:
bb:7c:fc:ee:08:e5:d5:a5:ae:ab:51:c1:53:f4:61:b3:e0:d4:
49:de:d8:74:86:87:e7:f9:39:52:5a:df:29:fa:5e:67:7b:67:
6a:49:97:3c:54:f4:f8:30:4e:10:f2:49:aa:20:29:e7:4a:01:
d9:da:f6:e4:52:3e:a1:80:d4:bc:6b:a1:33:45:e1:cc:14:df:
e4:23:87:30:53:54:66:2d:1e:2d:87:e3:88:db:b5:24:20:e9:
67:f2:9e:8d:9d:52:ce:65:86:be:74:49:2e:22:02:76:0b:b9:
38:80:bc:34:d3:91:70:4a:ad:28:25:12:0e:80:37:d1:41:14:
bc:4b:c3:2f:2a:14:1b:65:1d:e1:86:bf:9a:a3:ac:76:6a:81:
4c:dc:83:f6:4d:71:c8:95:eb:b5:c6:15:45:e3:0c:d3:73:1a:
aa:c1:ea:91:34:2a:72:96:9e:ab:7a:27:67:20:99:86:33:e0:
90:2c:f6:43:87:2e:02:25:42:3c:48:2f:f6:67:2d:5d:ae:2c:
da:95:e0:b6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGWHNNDDRkWa0euNfjrmaXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI3MjMxMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWU2YTk0YWNhZTQxMzRkMDliY2VmNjU1NjNjNzZmZDk4YzcwYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mGSWMgYslkpPYowB/beUEJu21se
c7BP2nm5l0fpUNoJZ2fj/vLfbqb0qFyjR6+WziN3OYHfvfxL6bNs73T74N5t7rNl
M3HLzm8GgN/isDHFhVdsqYwm2CJM9sbRRm/+K4PhBU//iTyvO54uHvpyx9sUCDM8
HHC0YNWJfSUv9KfnfJ6OejHdff3yqICh6xr1VGEhW6uMKhBILC+iQ5dG5XVe8gSx
ng77DxUapJRzbTdHxjyh3fhwzLsvjH4YyBcjsMck1x/sPiE2zHYpMGEw6ekerNy4
ocVfupT4MQP+OWYTzktJio55xm4nDZz3GT5o6iuCQc4tVoMhlhWSAjXgZwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMrmqUrK5BNNCbzvZVY8dv2YxwpVMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveXVhcFNzcmtFMDBKdk85bFZqeDJfWmpIQ2xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAjWtPLoFlH72DdPHFWkKbUd2m
1gZn9bCtysn8A7VQWUL8YgOjv0bBPsj3YXi/7UB+kypzk1wXu3z87gjl1aWuq1HB
U/Rhs+DUSd7YdIaH5/k5UlrfKfpeZ3tnakmXPFT0+DBOEPJJqiAp50oB2dr25FI+
oYDUvGuhM0XhzBTf5COHMFNUZi0eLYfjiNu1JCDpZ/KejZ1SzmWGvnRJLiICdgu5
OIC8NNORcEqtKCUSDoA30UEUvEvDLyoUG2Ud4Ya/mqOsdmqBTNyD9k1xyJXrtcYV
ReMM03MaqsHqkTQqcpaeq3onZyCZhjPgkCz2Q4cuAiVCPEgv9mctXa4s2pXgtg==
-----END CERTIFICATE-----
Generated at Wed Aug 28 03:06:04 2024 by rpki-client on console-fra.rpki-client.org