Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0_r-H19QOnDIPZLDNaDjzF13Xdg.roa
File: 0_r-H19QOnDIPZLDNaDjzF13Xdg.roa (raw, json)
Hash identifier: Hzv/i3aRqE8LgW8tmHdP7Kz+PIMqrhWZB+Es/FDnOcY=
Subject key identifier: D3:FA:FE:1F:5F:50:3A:70:C8:3D:92:C3:35:A0:E3:CC:5D:77:5D:D8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191994D4178BCC86B80BA1E9D91B186BC91
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0_r-H19QOnDIPZLDNaDjzF13Xdg.roa
Signing time: Wed 28 Aug 2024 14:04:22 +0000
ROA not before: Wed 28 Aug 2024 14:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:994d:36c2/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Aug 2024 14:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:99:4d:41:78:bc:c8:6b:80:ba:1e:9d:91:b1:86:bc:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 28 14:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3fafe1f5f503a70c83d92c335a0e3cc5d775dd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8f:14:cc:5a:58:7b:46:f5:62:24:ba:78:ce:
ed:9e:2e:ac:27:c8:87:a9:64:d6:0b:ef:4f:eb:64:
26:da:7a:72:89:4a:29:07:53:92:04:44:c5:6c:4c:
b1:15:75:6d:bd:87:52:51:8d:83:ee:99:04:41:b8:
40:56:1f:89:bc:21:2e:27:38:90:14:4d:45:1b:f1:
dd:9a:4f:ec:4e:0e:3f:c3:19:60:e9:7b:39:b8:44:
3b:b6:65:05:63:57:26:f3:78:30:59:fb:0e:82:af:
51:4e:80:3d:32:81:dd:85:cb:66:0c:cf:44:8f:72:
13:30:6a:85:da:3f:5a:28:4d:3c:88:bd:60:ac:d3:
41:75:31:db:bb:7c:0d:db:1c:22:65:23:b4:a3:5f:
78:0d:ed:21:88:8e:ef:71:39:d2:73:e4:95:28:63:
aa:5a:3f:10:69:60:e5:8d:a0:0b:90:53:6d:90:4b:
72:7a:c5:80:59:99:15:71:9d:57:3b:0d:6d:e1:83:
58:0e:79:29:58:e7:8c:57:19:e0:e0:7d:1f:50:2c:
22:04:eb:84:40:73:e5:88:f6:1f:79:c6:b0:6b:64:
0c:b4:48:9e:0d:1f:a6:10:de:5a:76:6e:d8:5b:7f:
15:79:ea:9b:3b:81:1e:5e:8b:67:00:7a:7d:5f:25:
ec:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:FA:FE:1F:5F:50:3A:70:C8:3D:92:C3:35:A0:E3:CC:5D:77:5D:D8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0_r-H19QOnDIPZLDNaDjzF13Xdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:994d:36c2/128
Signature Algorithm: sha256WithRSAEncryption
43:f9:71:ae:c9:cf:ea:2f:0a:30:cc:d5:87:c0:68:db:9b:8e:
58:dd:df:2c:0a:b7:d7:74:ee:a5:9c:1d:3f:dc:00:e5:e3:ee:
b5:a8:da:0a:cb:3e:0d:e7:8c:03:8c:90:c1:40:bc:c6:08:1a:
c0:fe:00:02:3a:62:dd:70:19:fd:a6:9a:b9:07:26:d6:39:92:
25:39:a5:fe:a2:b6:bd:27:a9:34:f8:c2:bf:40:48:e1:0f:fb:
45:a9:5b:9f:a7:78:23:16:85:97:8e:21:73:6c:8e:bb:1a:47:
1a:cf:06:6c:1e:86:95:fe:4d:19:b9:90:89:e0:ac:52:91:1c:
8a:05:9b:7c:f3:aa:de:74:53:df:6a:1e:21:12:53:3d:75:55:
e4:92:62:e8:d1:bc:90:e7:21:ae:47:5c:6f:06:c6:7e:07:83:
f1:6e:fb:1d:27:91:95:3a:d7:0f:00:7d:f1:b0:8b:d8:41:7b:
ae:dc:33:3e:99:51:bf:9a:e8:43:6d:54:f4:4c:ae:ff:f8:e7:
c9:da:4d:8f:44:ce:3c:4d:23:54:fc:dc:e0:89:91:33:83:91:
d6:12:4e:40:6e:36:b2:d0:aa:85:06:26:e5:65:5e:62:cd:e6:
b2:73:01:1e:38:77:a5:f8:6f:b7:39:7b:28:2b:40:57:c3:64:
a7:17:fa:36
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZGZTUF4vMhrgLoenZGxhryRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI4MTQwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2ZhZmUxZjVmNTAzYTcwYzgzZDkyYzMzNWEwZTNjYzVkNzc1ZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyo8UzFpYe0b1YiS6eM7tni6sJ8iH
qWTWC+9P62Qm2npyiUopB1OSBETFbEyxFXVtvYdSUY2D7pkEQbhAVh+JvCEuJziQ
FE1FG/Hdmk/sTg4/wxlg6Xs5uEQ7tmUFY1cm83gwWfsOgq9RToA9MoHdhctmDM9E
j3ITMGqF2j9aKE08iL1grNNBdTHbu3wN2xwiZSO0o194De0hiI7vcTnSc+SVKGOq
Wj8QaWDljaALkFNtkEtyesWAWZkVcZ1XOw1t4YNYDnkpWOeMVxng4H0fUCwiBOuE
QHPliPYfecawa2QMtEieDR+mEN5adm7YW38VeeqbO4EeXotnAHp9XyXsqwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNP6/h9fUDpwyD2SwzWg48xdd13YMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMF9yLUgxOVFPbkRJUFpMRE5hRGp6RjEzWGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkZlNNsIwDQYJKoZIhvcNAQELBQADggEB
AEP5ca7Jz+ovCjDM1YfAaNubjljd3ywKt9d07qWcHT/cAOXj7rWo2grLPg3njAOM
kMFAvMYIGsD+AAI6Yt1wGf2mmrkHJtY5kiU5pf6itr0nqTT4wr9ASOEP+0WpW5+n
eCMWhZeOIXNsjrsaRxrPBmwehpX+TRm5kIngrFKRHIoFm3zzqt50U99qHiESUz11
VeSSYujRvJDnIa5HXG8Gxn4Hg/Fu+x0nkZU61w8AffGwi9hBe67cMz6ZUb+a6ENt
VPRMrv/458naTY9EzjxNI1T83OCJkTODkdYSTkBuNrLQqoUGJuVlXmLN5rJzAR44
d6X4b7c5eygrQFfDZKcX+jY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:06 2025 by rpki-client