Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yvQqgPE5QJmTnZE37L7REkFmJco.roa
File: yvQqgPE5QJmTnZE37L7REkFmJco.roa (raw, json)
Hash identifier: Et6fuwg+Yhua1yNPOTlPcLu79w6hTRiMjTPjoAlArvo=
Subject key identifier: CA:F4:2A:80:F1:39:40:99:93:9D:91:37:EC:BE:D1:12:41:66:25:CA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191DA8F479789AC027D9BC37A947C66BFC7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yvQqgPE5QJmTnZE37L7REkFmJco.roa
Signing time: Tue 10 Sep 2024 06:11:48 +0000
ROA not before: Tue 10 Sep 2024 06:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 10 Sep 2024 07:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:da:8f:47:97:89:ac:02:7d:9b:c3:7a:94:7c:66:bf:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 10 06:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caf42a80f1394099939d9137ecbed112416625ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ee:73:31:27:39:8b:63:66:36:c8:f4:91:da:
9d:92:9f:83:6d:85:30:01:f1:f1:70:0a:2c:20:3c:
b7:5f:9a:ce:43:c6:b3:98:1c:b2:2d:4f:83:86:e7:
7f:9c:1e:77:7b:b5:6d:c1:c6:e5:06:b2:21:35:4a:
c2:a5:8c:a9:ec:b9:fd:11:03:a0:d0:86:e4:a0:f9:
48:24:4a:ff:51:b8:1c:4a:b8:89:7f:5e:c1:eb:e8:
9a:21:ea:c7:c3:08:dd:03:c2:53:30:3e:99:a1:36:
11:52:32:ea:13:3b:48:91:ad:80:0f:d6:69:e7:0b:
17:dd:64:c0:97:54:a3:76:45:8b:dc:a0:dc:95:be:
5c:ce:a3:67:ab:d7:2d:18:8e:5e:a2:61:01:b7:fa:
c8:da:14:d8:fd:c9:c0:3c:c6:d5:10:eb:38:6e:6c:
21:14:8f:2f:63:a9:33:de:25:8d:8e:fd:5e:85:7c:
21:74:4d:d5:ed:d9:78:ba:e8:17:c4:77:a0:31:5e:
d3:e1:02:f5:0b:5b:28:c1:da:bf:a3:ea:33:f8:00:
65:d2:2d:3c:4c:95:58:2f:af:9b:fe:86:79:75:11:
1c:98:47:3d:9f:70:86:b5:58:e6:82:9a:6e:e6:48:
59:64:a3:a4:37:5d:7f:6f:9b:47:f8:95:43:bc:fd:
fe:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F4:2A:80:F1:39:40:99:93:9D:91:37:EC:BE:D1:12:41:66:25:CA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yvQqgPE5QJmTnZE37L7REkFmJco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
78:79:be:25:d8:d4:80:07:02:2f:e4:66:78:5c:f6:b3:91:0a:
55:8a:9a:58:5a:35:be:75:1d:16:04:90:49:7b:b3:a5:f4:ed:
b9:14:14:22:6a:ed:7d:f4:26:80:1b:c2:a8:c4:bd:2b:8d:50:
44:08:04:29:b7:0d:89:b8:bd:f6:15:bc:d1:96:5a:35:8c:11:
6a:49:ff:48:08:1b:e4:c0:5c:ca:a3:3a:51:a0:69:bb:c3:97:
08:a9:90:a2:92:de:af:be:4f:e7:01:82:c3:09:dc:c8:4a:f6:
97:08:0f:f5:28:25:31:fc:29:83:46:75:a5:15:ee:cf:e4:0d:
41:2d:b7:7e:a4:24:f4:a7:28:fc:9c:f4:b1:32:f6:70:b7:4f:
1c:76:5b:c1:87:9c:63:25:b6:c7:b4:a0:bc:fb:db:cd:91:c3:
8c:fc:1e:a2:b1:69:15:46:87:92:cb:3c:1d:2e:4f:03:d9:8d:
b8:70:ed:ae:f2:e5:85:ad:d4:aa:ed:4c:a0:5e:29:4f:78:0f:
02:0d:4a:47:47:b2:b8:61:a2:c6:37:33:0f:84:97:29:08:88:
ec:27:04:c6:15:a6:e4:f8:9e:92:0f:ea:7a:d9:dd:f7:f8:47:
20:e6:01:48:f6:d3:35:45:9f:0a:05:f1:1c:16:d8:f5:bc:b8:
fb:42:1a:ad
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHaj0eXiawCfZvDepR8Zr/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEwMDYxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWY0MmE4MGYxMzk0MDk5OTM5ZDkxMzdlY2JlZDExMjQxNjYyNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6e5zMSc5i2NmNsj0kdqdkp+DbYUw
AfHxcAosIDy3X5rOQ8azmByyLU+Dhud/nB53e7VtwcblBrIhNUrCpYyp7Ln9EQOg
0IbkoPlIJEr/UbgcSriJf17B6+iaIerHwwjdA8JTMD6ZoTYRUjLqEztIka2AD9Zp
5wsX3WTAl1SjdkWL3KDclb5czqNnq9ctGI5eomEBt/rI2hTY/cnAPMbVEOs4bmwh
FI8vY6kz3iWNjv1ehXwhdE3V7dl4uugXxHegMV7T4QL1C1sowdq/o+oz+ABl0i08
TJVYL6+b/oZ5dREcmEc9n3CGtVjmgppu5khZZKOkN11/b5tH+JVDvP3+qwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMr0KoDxOUCZk52RN+y+0RJBZiXKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveXZRcWdQRTVRSm1UblpFMzdMN1JFa0ZtSmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQB4eb4l2NSABwIv5GZ4XPazkQpVippYWjW+dR0W
BJBJe7Ol9O25FBQiau199CaAG8KoxL0rjVBECAQptw2JuL32FbzRllo1jBFqSf9I
CBvkwFzKozpRoGm7w5cIqZCikt6vvk/nAYLDCdzISvaXCA/1KCUx/CmDRnWlFe7P
5A1BLbd+pCT0pyj8nPSxMvZwt08cdlvBh5xjJbbHtKC8+9vNkcOM/B6isWkVRoeS
yzwdLk8D2Y24cO2u8uWFrdSq7UygXilPeA8CDUpHR7K4YaLGNzMPhJcpCIjsJwTG
Fabk+J6SD+p62d33+Ecg5gFI9tM1RZ8KBfEcFtj1vLj7Qhqt
-----END CERTIFICATE-----
Generated at Tue Sep 10 08:57:11 2024 by rpki-client on console-ams.rpki-client.org