Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-8I2PHEjDHvMjirnyZVgqlGOQxM.roa
File: 1-8I2PHEjDHvMjirnyZVgqlGOQxM.roa (raw, json)
Hash identifier: 8w78ZUiKDDyFcux2bGDFxEQlesLecalql6Yib2GRz9Q=
Subject key identifier: FB:C2:36:3C:71:23:0C:7B:CC:8E:2A:E7:C9:95:60:AA:51:8E:43:13
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0192DC3E351E933F73673DF21444472C2181
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-8I2PHEjDHvMjirnyZVgqlGOQxM.roa
Signing time: Wed 30 Oct 2024 07:05:17 +0000
ROA not before: Wed 30 Oct 2024 07:05:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:dc3d:bcd0/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 30 Oct 2024 07:10:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:3e:35:1e:93:3f:73:67:3d:f2:14:44:47:2c:21:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Oct 30 07:05:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbc2363c71230c7bcc8e2ae7c99560aa518e4313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ab:d3:ac:5b:f0:f1:53:d5:27:6c:26:66:9d:
0d:84:d7:98:53:11:fe:89:66:9f:c9:25:00:fd:6e:
b0:db:4a:50:f0:47:f7:a1:28:08:51:f8:22:8b:dd:
b4:8e:f8:19:83:bf:60:bc:d4:fa:ed:53:74:93:f4:
8f:a8:a9:e1:a0:9c:fe:6f:5f:20:ae:72:c8:7e:65:
7a:77:ae:02:37:3b:d6:23:3d:c0:9a:00:0c:52:b3:
33:95:f3:00:17:99:4e:9f:c8:fd:5c:d7:80:8c:5b:
5d:87:49:bb:35:1b:90:a3:a4:a9:0c:ed:ae:42:44:
c7:d3:02:fa:4c:8d:30:6e:79:26:6c:0d:92:6e:62:
8d:35:cb:d2:8b:30:09:f3:a6:a0:a0:4d:4e:3f:e1:
05:a9:39:a6:e7:5d:2a:f9:df:01:a1:72:3c:89:4f:
ba:34:d1:aa:81:35:d3:a3:2c:05:42:57:8d:bb:aa:
57:77:5a:a2:36:7e:e1:25:03:b3:a8:f2:85:17:71:
11:3a:c7:66:1a:80:d0:6d:27:39:90:61:f2:2e:c0:
c0:9f:49:0d:3a:e1:07:32:7e:5a:39:ac:82:1b:fd:
66:5c:3f:ff:62:3e:83:aa:1d:32:c1:14:7f:e2:14:
e9:88:d1:bb:3a:53:7f:ef:0b:fe:8c:40:fc:41:26:
b0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C2:36:3C:71:23:0C:7B:CC:8E:2A:E7:C9:95:60:AA:51:8E:43:13
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-8I2PHEjDHvMjirnyZVgqlGOQxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:dc3d:bcd0/128
Signature Algorithm: sha256WithRSAEncryption
15:d2:58:36:4a:9b:44:2a:93:2b:9d:96:66:95:75:3c:05:49:
03:ff:6f:b6:36:4d:e2:c3:df:85:16:6f:16:28:a7:34:ed:55:
c8:38:d3:89:b8:b4:ea:2e:9a:f2:da:76:e5:33:7d:4c:99:44:
fb:87:d6:cc:85:b1:6d:ba:07:19:94:5d:54:75:bf:8f:e8:92:
95:51:65:f1:6c:d8:95:ed:4a:3f:b2:dd:74:e8:40:d5:4e:df:
f9:ca:13:dc:2e:0e:2e:07:58:42:33:7e:b8:a2:00:9e:c1:bb:
89:5a:a0:cf:be:1c:04:ca:03:fd:a6:b2:78:dd:f4:00:0d:73:
4e:d5:fa:aa:50:cc:25:bb:ed:ef:e7:79:50:aa:39:33:98:cb:
95:2a:c5:5b:e5:aa:f3:14:db:4b:96:2e:c3:ac:71:98:eb:0b:
ff:48:d2:5c:59:58:76:46:f4:58:34:a6:71:c4:92:22:88:83:
4d:44:9e:74:2e:64:cb:82:6f:9e:69:28:4b:6e:a9:fc:d5:d0:
c2:f1:2d:10:a9:af:07:ff:08:b5:d2:af:f7:57:c9:9e:71:e3:
e1:e0:1b:b6:5f:ed:97:91:2c:f3:44:68:fe:00:29:3a:f3:42:
3b:ac:55:94:e7:a5:50:ae:71:a5:5e:f0:77:ae:c5:6a:6b:2f:
6a:5f:bf:4c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZLcPjUekz9zZz3yFERHLCGBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMDMwMDcwNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmMyMzYzYzcxMjMwYzdiY2M4ZTJhZTdjOTk1NjBhYTUxOGU0MzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KvTrFvw8VPVJ2wmZp0NhNeYUxH+
iWafySUA/W6w20pQ8Ef3oSgIUfgii920jvgZg79gvNT67VN0k/SPqKnhoJz+b18g
rnLIfmV6d64CNzvWIz3AmgAMUrMzlfMAF5lOn8j9XNeAjFtdh0m7NRuQo6SpDO2u
QkTH0wL6TI0wbnkmbA2SbmKNNcvSizAJ86agoE1OP+EFqTmm510q+d8BoXI8iU+6
NNGqgTXToywFQleNu6pXd1qiNn7hJQOzqPKFF3EROsdmGoDQbSc5kGHyLsDAn0kN
OuEHMn5aOayCG/1mXD//Yj6Dqh0ywRR/4hTpiNG7OlN/7wv+jED8QSawgQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPvCNjxxIwx7zI4q58mVYKpRjkMTMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMS04STJQSEVqREh2TWppcm55WlZncWxHT1F4TS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvMDk4MzdjLTk4ZjMtNGM5Zi1hZWJmLTg4MTQ4OGZmZGJi
MC8xL1VtSUVGZEpKQ2w3RDlwSmJuM2tFRG80aTNiOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAsBggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEwMRACABBnwA
ZP//AAABktw9vNAwDQYJKoZIhvcNAQELBQADggEBABXSWDZKm0QqkyudlmaVdTwF
SQP/b7Y2TeLD34UWbxYopzTtVcg404m4tOoumvLaduUzfUyZRPuH1syFsW26BxmU
XVR1v4/okpVRZfFs2JXtSj+y3XToQNVO3/nKE9wuDi4HWEIzfriiAJ7Bu4laoM++
HATKA/2msnjd9AANc07V+qpQzCW77e/neVCqOTOYy5UqxVvlqvMU20uWLsOscZjr
C/9I0lxZWHZG9Fg0pnHEkiKIg01EnnQuZMuCb55pKEtuqfzV0MLxLRCprwf/CLXS
r/dXyZ5x4+HgG7Zf7ZeRLPNEaP4AKTrzQjusVZTnpVCucaVe8HeuxWprL2pfv0w=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:22 2025 by rpki-client