Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0Y2qhT5_rMWrAvpMSXBEzV7qGds.roa
File: 0Y2qhT5_rMWrAvpMSXBEzV7qGds.roa (raw, json)
Hash identifier: IF+wYP/SoqrWHKQEv+2JjbztLftlwHBxZcBGLrelv7c=
Subject key identifier: D1:8D:AA:85:3E:7F:AC:C5:AB:02:FA:4C:49:70:44:CD:5E:EA:19:DB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01919877EF9628408836B7D74184F64906A7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0Y2qhT5_rMWrAvpMSXBEzV7qGds.roa
Signing time: Wed 28 Aug 2024 10:11:22 +0000
ROA not before: Wed 28 Aug 2024 10:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Aug 2024 11:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:77:ef:96:28:40:88:36:b7:d7:41:84:f6:49:06:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 28 10:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d18daa853e7facc5ab02fa4c497044cd5eea19db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:37:d6:71:7f:f5:fd:bf:36:01:78:61:11:1f:
ad:fa:c3:0a:43:86:bd:87:54:c3:08:b2:2a:a4:4a:
c1:94:6d:16:2e:f8:a3:46:b6:77:12:c6:03:e2:17:
69:7c:b2:e6:d8:90:1c:05:62:7b:1a:a0:0e:78:17:
05:4e:b1:7a:58:0b:72:6b:8f:6e:ae:7b:36:9b:92:
a7:75:b9:1f:5e:6a:60:36:58:43:77:6b:13:f7:f0:
74:29:c5:0f:f1:c3:3a:41:70:f7:0f:e2:45:b5:87:
52:dd:01:77:a7:c7:25:03:2f:52:2c:7a:bf:eb:bb:
db:4e:da:da:a4:1a:88:43:a9:15:97:b2:53:bf:2f:
81:cd:eb:8e:27:b2:db:85:f6:ed:1c:26:ce:c2:be:
55:ad:8f:a1:f3:72:f0:26:1f:93:45:0a:10:12:b0:
13:64:03:0f:68:45:ec:f4:ab:20:c3:38:cf:fa:02:
19:d7:f9:ea:6a:a3:55:6e:cf:7e:08:8f:db:4b:45:
ae:f7:7f:7e:2d:1e:39:e6:68:d8:60:10:4b:cf:46:
cb:13:43:59:d5:ba:25:76:d6:d8:52:b4:c3:7e:a7:
f9:c6:e5:ca:8e:f6:85:f9:47:90:97:5b:1a:76:ac:
32:81:5c:fe:1d:79:d5:e0:13:d8:78:a8:2f:49:1a:
54:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:8D:AA:85:3E:7F:AC:C5:AB:02:FA:4C:49:70:44:CD:5E:EA:19:DB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0Y2qhT5_rMWrAvpMSXBEzV7qGds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
85:14:7d:ce:22:aa:f4:89:6f:de:65:84:3f:f4:ea:8d:a5:13:
aa:1f:19:21:19:80:09:6d:d2:76:be:42:6b:d8:53:75:a5:65:
cd:88:3e:6d:55:a2:2e:6b:1f:39:af:40:39:e1:19:29:c7:69:
98:99:24:3e:e7:07:c0:3e:4f:ca:e3:6a:45:84:37:29:34:5c:
b0:c9:2f:05:00:d5:b6:3a:ca:83:f3:5d:88:4e:da:81:92:9e:
91:86:de:55:6d:1a:57:3c:06:f8:00:b1:ab:55:86:d5:9b:6c:
37:81:42:b3:b0:67:fc:5a:90:47:96:92:d9:bb:8e:43:f8:ec:
02:06:cc:af:65:f4:b8:91:c2:90:55:f3:83:76:92:3f:9e:43:
de:03:1c:1f:f2:ae:a4:8e:43:73:3a:9a:24:b7:c2:3e:01:3c:
d9:1e:ea:0a:d8:5a:1b:a9:0e:57:e1:fa:33:21:da:fd:a5:7d:
b3:d8:22:ed:19:47:ed:59:53:dd:e4:41:d4:41:18:d3:b6:37:
b6:cc:9c:6f:f2:43:7d:2c:0c:c9:db:53:82:9f:62:a5:09:fc:
9a:1b:7b:f6:7b:38:f8:7f:46:35:5a:4e:85:19:3f:ef:67:be:
92:a1:f7:3f:58:97:34:19:02:8c:fd:98:03:bc:fd:4b:9e:f3:
b3:78:45:3c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGYd++WKECINrfXQYT2SQanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI4MTAxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMThkYWE4NTNlN2ZhY2M1YWIwMmZhNGM0OTcwNDRjZDVlZWExOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTfWcX/1/b82AXhhER+t+sMKQ4a9
h1TDCLIqpErBlG0WLvijRrZ3EsYD4hdpfLLm2JAcBWJ7GqAOeBcFTrF6WAtya49u
rns2m5KndbkfXmpgNlhDd2sT9/B0KcUP8cM6QXD3D+JFtYdS3QF3p8clAy9SLHq/
67vbTtrapBqIQ6kVl7JTvy+BzeuOJ7LbhfbtHCbOwr5VrY+h83LwJh+TRQoQErAT
ZAMPaEXs9KsgwzjP+gIZ1/nqaqNVbs9+CI/bS0Wu939+LR455mjYYBBLz0bLE0NZ
1boldtbYUrTDfqf5xuXKjvaF+UeQl1sadqwygVz+HXnV4BPYeKgvSRpUZQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNGNqoU+f6zFqwL6TElwRM1e6hnbMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMFkycWhUNV9yTVdyQXZwTVNYQkV6VjdxR2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAhRR9ziKq9Ilv3mWEP/TqjaUT
qh8ZIRmACW3Sdr5Ca9hTdaVlzYg+bVWiLmsfOa9AOeEZKcdpmJkkPucHwD5PyuNq
RYQ3KTRcsMkvBQDVtjrKg/NdiE7agZKekYbeVW0aVzwG+ACxq1WG1ZtsN4FCs7Bn
/FqQR5aS2buOQ/jsAgbMr2X0uJHCkFXzg3aSP55D3gMcH/KupI5DczqaJLfCPgE8
2R7qCthaG6kOV+H6MyHa/aV9s9gi7RlH7VlT3eRB1EEY07Y3tsycb/JDfSwMydtT
gp9ipQn8mht79ns4+H9GNVpOhRk/72e+kqH3P1iXNBkCjP2YA7z9S57zs3hFPA==
-----END CERTIFICATE-----
Generated at Thu Aug 29 02:44:39 2024 by rpki-client on console.sobornost.net