Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zss7CdyMT4XDFsaLTQfE8uKBaL4.roa
File: zss7CdyMT4XDFsaLTQfE8uKBaL4.roa (raw, json)
Hash identifier: Xt1iPlUvjHT7+2ljYFDMoYE+Ruu8nyes3A62j99FMT8=
Subject key identifier: CE:CB:3B:09:DC:8C:4F:85:C3:16:C6:8B:4D:07:C4:F2:E2:81:68:BE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01910FFE38E150F4BBFC7A6163A58369DD64
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zss7CdyMT4XDFsaLTQfE8uKBaL4.roa
Signing time: Thu 01 Aug 2024 22:10:04 +0000
ROA not before: Thu 01 Aug 2024 22:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 01 Aug 2024 23:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0f:fe:38:e1:50:f4:bb:fc:7a:61:63:a5:83:69:dd:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 1 22:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cecb3b09dc8c4f85c316c68b4d07c4f2e28168be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:82:62:91:37:b0:21:96:4e:b2:25:a2:8d:63:
8b:13:a7:9e:cf:4c:2c:42:6b:02:a1:33:87:bd:b0:
c3:e9:96:b5:24:ff:8c:3a:f7:20:c7:56:89:da:91:
28:bd:15:c5:94:57:69:2b:0d:c7:8f:55:f8:bd:63:
70:c8:62:91:6c:6e:63:1e:b0:f0:44:c0:d2:cb:68:
cd:08:61:61:d4:82:32:4e:95:d1:29:5c:36:f4:d4:
5e:90:60:38:62:64:16:2a:05:ee:d3:0a:e8:f2:e5:
fb:80:4e:10:23:5f:85:a7:bd:33:7b:9b:b3:6f:ff:
f6:33:9a:18:31:ac:ba:97:7a:61:67:e4:90:2c:02:
39:bd:1a:fb:cb:87:ed:1f:1d:61:27:fe:cd:6b:09:
0d:36:68:3d:1f:87:ab:99:9c:64:83:71:99:d2:23:
9f:7d:22:08:8d:ff:6b:f4:28:d7:6f:dd:da:ef:a2:
48:6b:0e:67:07:d9:46:0e:9e:b4:2b:20:c9:17:d2:
47:52:6d:75:d0:02:20:1d:d7:70:09:83:78:76:55:
ac:48:10:de:11:1d:db:13:01:97:96:48:67:7f:5d:
b3:88:31:64:69:68:68:5c:d3:11:9b:63:a7:44:ea:
c2:1a:a8:88:de:e7:e6:eb:e6:7a:b8:90:4c:b2:c2:
4b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:CB:3B:09:DC:8C:4F:85:C3:16:C6:8B:4D:07:C4:F2:E2:81:68:BE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zss7CdyMT4XDFsaLTQfE8uKBaL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
94:1c:07:1f:50:db:a3:61:94:ec:75:01:88:33:db:10:51:e6:
c6:d5:dd:51:6d:f8:26:6d:9e:62:b5:84:d6:fc:bc:d3:27:3f:
b9:76:3e:55:fd:69:43:58:a9:3f:66:c0:b2:8e:e0:61:ea:c6:
1d:82:f2:63:00:00:ee:e4:fe:fb:d0:66:a0:60:86:b9:06:59:
5e:be:b6:f0:11:71:3c:b8:36:68:28:62:c4:e9:cd:bf:7f:23:
74:a2:d4:98:bc:bb:25:33:71:2d:bf:f8:4d:ea:81:7f:e1:ae:
73:0e:d5:17:66:36:76:a1:61:99:b1:1a:e7:78:67:69:d6:2a:
4d:bb:c1:d7:a0:73:b3:fa:37:34:35:3a:4f:a7:e7:8e:4d:64:
58:1f:12:fa:99:f3:ed:5a:6e:a9:5c:98:18:d7:4f:82:1b:ee:
5c:e4:ae:be:12:7a:bb:b3:e1:18:1f:0e:90:a9:b1:2a:d9:f9:
2a:e9:b7:b6:54:ac:d1:52:81:8a:80:27:3f:0c:65:8a:bd:ad:
a4:92:62:9f:51:2e:78:74:0b:d7:bd:0b:74:2d:8b:12:98:00:
91:bf:cc:9f:3c:23:fc:05:fe:ef:d3:da:28:4c:0d:2c:e6:76:
52:4e:bc:c2:f0:a6:10:1c:0f:da:6f:ec:94:e9:d5:6c:3d:31:
7f:d8:33:0f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEP/jjhUPS7/HphY6WDad1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAxMjIxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWNiM2IwOWRjOGM0Zjg1YzMxNmM2OGI0ZDA3YzRmMmUyODE2OGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoJikTewIZZOsiWijWOLE6eez0ws
QmsCoTOHvbDD6Za1JP+MOvcgx1aJ2pEovRXFlFdpKw3Hj1X4vWNwyGKRbG5jHrDw
RMDSy2jNCGFh1IIyTpXRKVw29NRekGA4YmQWKgXu0wro8uX7gE4QI1+Fp70ze5uz
b//2M5oYMay6l3phZ+SQLAI5vRr7y4ftHx1hJ/7NawkNNmg9H4ermZxkg3GZ0iOf
fSIIjf9r9CjXb93a76JIaw5nB9lGDp60KyDJF9JHUm110AIgHddwCYN4dlWsSBDe
ER3bEwGXlkhnf12ziDFkaWhoXNMRm2OnROrCGqiI3ufm6+Z6uJBMssJLAQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFM7LOwncjE+FwxbGi00HxPLigWi+MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvenNzN0NkeU1UNFhERnNhTFRRZkU4dUtCYUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAlBwHH1Dbo2GU7HUBiDPbEFHm
xtXdUW34Jm2eYrWE1vy80yc/uXY+Vf1pQ1ipP2bAso7gYerGHYLyYwAA7uT++9Bm
oGCGuQZZXr628BFxPLg2aChixOnNv38jdKLUmLy7JTNxLb/4TeqBf+Gucw7VF2Y2
dqFhmbEa53hnadYqTbvB16Bzs/o3NDU6T6fnjk1kWB8S+pnz7VpuqVyYGNdPghvu
XOSuvhJ6u7PhGB8OkKmxKtn5Kum3tlSs0VKBioAnPwxlir2tpJJin1EueHQL170L
dC2LEpgAkb/Mnzwj/AX+79PaKEwNLOZ2Uk68wvCmEBwP2m/slOnVbD0xf9gzDw==
-----END CERTIFICATE-----
Generated at Fri Aug 2 01:44:02 2024 by rpki-client on console-ams.rpki-client.org