Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zYH5yDGMJRD9qSauIDckf3IbdNI.roa
File: zYH5yDGMJRD9qSauIDckf3IbdNI.roa (raw, json)
Hash identifier: GpAqFVqQ+P3zw6xnfDdlWXnMZ38dmN1kI3h1SZ+XJdM=
Subject key identifier: CD:81:F9:C8:31:8C:25:10:FD:A9:26:AE:20:37:24:7F:72:1B:74:D2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01912ACC1A64AD1757BF6821E33CF4F2393C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zYH5yDGMJRD9qSauIDckf3IbdNI.roa
Signing time: Wed 07 Aug 2024 03:05:04 +0000
ROA not before: Wed 07 Aug 2024 03:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:2acb:badd/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 07 Aug 2024 03:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2a:cc:1a:64:ad:17:57:bf:68:21:e3:3c:f4:f2:39:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 7 03:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd81f9c8318c2510fda926ae2037247f721b74d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3d:56:de:03:44:b0:92:04:f1:d2:4a:5a:dc:
47:90:c8:d8:58:0d:3a:6d:1b:7d:79:6c:e3:10:10:
f7:15:5e:1d:db:16:a3:3d:81:b9:82:f3:95:4d:13:
ee:50:f7:72:3a:8c:12:34:41:fb:b5:c7:3a:02:3c:
5d:03:81:67:13:6a:75:88:48:64:72:3f:f3:35:90:
95:cf:6b:6c:60:a5:25:80:be:b1:00:bb:52:5c:04:
22:10:f8:d2:5e:68:3e:65:40:ae:c9:0a:60:29:4f:
86:47:31:1f:98:6d:b7:51:82:f7:c0:25:41:b8:c7:
3a:29:46:d7:9f:ae:f2:ea:a3:66:d1:4d:0a:42:4e:
a5:d4:e8:f4:89:99:b2:8e:72:6e:c7:4f:23:27:5b:
7d:06:4a:a0:3f:a4:f7:cf:00:92:a5:18:9b:15:3f:
8a:e7:8e:cc:15:6f:55:b1:d5:a9:8a:80:38:23:a0:
2e:ef:ea:05:1c:75:ac:4c:70:01:01:b2:43:81:2b:
13:48:bc:83:a7:d1:1f:43:17:ae:28:d8:01:94:df:
72:58:71:44:2b:9e:45:f1:ef:51:c9:58:88:2e:82:
10:10:a1:c8:f3:27:0a:02:6e:fc:19:06:c8:d1:dd:
aa:2f:38:00:bf:43:a1:e0:03:cf:a6:7b:df:f3:32:
ea:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:81:F9:C8:31:8C:25:10:FD:A9:26:AE:20:37:24:7F:72:1B:74:D2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zYH5yDGMJRD9qSauIDckf3IbdNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:2acb:badd/128
Signature Algorithm: sha256WithRSAEncryption
07:e5:7c:0a:56:b3:c4:94:50:82:d4:55:36:4f:d3:2f:f9:dd:
b6:90:57:b5:6f:74:89:50:e0:62:13:e7:65:03:04:da:c1:cf:
c1:ce:9f:78:90:fb:22:67:12:ac:03:68:80:a7:e7:29:ed:70:
e1:aa:e3:9c:9a:6f:7b:21:9f:09:0a:23:9c:2f:3b:64:26:01:
c0:fc:c6:a2:34:48:76:9f:88:04:60:43:38:de:4a:23:7f:6f:
d2:a8:11:02:2f:c8:d1:da:13:c7:67:ad:f7:c4:70:c2:f0:fc:
52:c2:16:15:c4:28:90:01:4f:40:c8:8a:1d:ff:38:54:f6:8a:
ee:45:b2:ae:b8:f3:ae:d6:5f:a1:6b:30:d4:ee:c4:92:a0:d9:
e2:a3:56:3e:7c:94:f6:dd:9e:9f:45:0c:8c:ca:e5:2c:ca:9c:
2d:a4:a3:b3:51:63:28:d5:49:e5:11:b3:a5:f7:39:93:6b:d4:
9c:39:9b:97:d3:44:5b:e1:35:a8:a3:06:c6:15:9f:6d:2e:a2:
98:18:1a:09:ce:c2:e9:9c:b9:e0:4d:12:52:67:21:27:58:ea:
15:06:14:0f:cc:a7:b2:54:78:c7:8b:2f:5d:6d:9c:f5:4a:dd:
34:97:95:ed:51:41:f0:d1:bc:fd:f2:0a:6a:aa:1c:67:ca:49:
7b:04:15:40
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZEqzBpkrRdXv2gh4zz08jk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA3MDMwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDgxZjljODMxOGMyNTEwZmRhOTI2YWUyMDM3MjQ3ZjcyMWI3NGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT1W3gNEsJIE8dJKWtxHkMjYWA06
bRt9eWzjEBD3FV4d2xajPYG5gvOVTRPuUPdyOowSNEH7tcc6AjxdA4FnE2p1iEhk
cj/zNZCVz2tsYKUlgL6xALtSXAQiEPjSXmg+ZUCuyQpgKU+GRzEfmG23UYL3wCVB
uMc6KUbXn67y6qNm0U0KQk6l1Oj0iZmyjnJux08jJ1t9BkqgP6T3zwCSpRibFT+K
547MFW9VsdWpioA4I6Au7+oFHHWsTHABAbJDgSsTSLyDp9EfQxeuKNgBlN9yWHFE
K55F8e9RyViILoIQEKHI8ycKAm78GQbI0d2qLzgAv0Oh4APPpnvf8zLqmwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFM2B+cgxjCUQ/akmriA3JH9yG3TSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvellINXlER01KUkQ5cVNhdUlEY2tmM0liZE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkSrLut0wDQYJKoZIhvcNAQELBQADggEB
AAflfApWs8SUUILUVTZP0y/53baQV7VvdIlQ4GIT52UDBNrBz8HOn3iQ+yJnEqwD
aICn5yntcOGq45yab3shnwkKI5wvO2QmAcD8xqI0SHafiARgQzjeSiN/b9KoEQIv
yNHaE8dnrffEcMLw/FLCFhXEKJABT0DIih3/OFT2iu5Fsq64867WX6FrMNTuxJKg
2eKjVj58lPbdnp9FDIzK5SzKnC2ko7NRYyjVSeURs6X3OZNr1Jw5m5fTRFvhNaij
BsYVn20uopgYGgnOwumcueBNElJnISdY6hUGFA/Mp7JUeMeLL11tnPVK3TSXle1R
QfDRvP3yCmqqHGfKSXsEFUA=
-----END CERTIFICATE-----
Generated at Wed Aug 7 05:40:10 2024 by rpki-client on console-fra.rpki-client.org