Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-j5i5HYT8_yGRBQnDzPFJIhTknE.roa
File: 1-j5i5HYT8_yGRBQnDzPFJIhTknE.roa (raw, json)
Hash identifier: 72ItqUy0BO1qBCCANABxftymbXgPsFcqJdh+gr2R1Wg=
Subject key identifier: FA:3E:62:E4:76:13:F3:FC:86:44:14:27:0F:33:C5:24:88:53:92:71
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191DA233F2A683C15CBCD6AFCB247310248
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-j5i5HYT8_yGRBQnDzPFJIhTknE.roa
Signing time: Tue 10 Sep 2024 04:13:48 +0000
ROA not before: Tue 10 Sep 2024 04:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 10 Sep 2024 05:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:da:23:3f:2a:68:3c:15:cb:cd:6a:fc:b2:47:31:02:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 10 04:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa3e62e47613f3fc864414270f33c52488539271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ff:86:c3:f5:38:65:df:bd:a2:87:7d:c5:0d:
a5:93:e5:b9:18:04:02:9d:d7:6a:97:eb:68:9f:34:
04:41:f2:bc:82:5e:1f:64:b4:00:c0:b2:4b:0a:b1:
f7:bd:3f:91:2f:35:ad:fe:f2:38:ee:7d:47:ee:a2:
20:9c:46:54:a8:11:0d:04:ee:d4:36:f1:da:14:34:
ae:24:76:9e:af:98:0b:92:8b:9b:ee:4c:64:f5:3f:
a5:36:27:06:5e:c2:a4:75:dd:da:76:98:8b:0a:9f:
58:91:27:62:c7:df:ce:53:59:04:cf:7e:85:a3:73:
fb:7c:6a:ef:d6:33:d1:83:d3:34:a6:cb:39:60:e5:
e7:70:a7:e5:8c:ae:69:08:16:69:20:0a:9b:99:27:
d8:e4:bc:a0:7e:a7:8b:6c:f5:e7:86:cf:cf:a3:34:
2a:4a:ad:f8:4b:d5:d8:03:e9:ac:b4:2d:8d:e6:f1:
43:80:73:31:65:9f:ea:ed:ad:e2:78:06:d5:1e:80:
11:0c:91:48:64:c6:31:4c:5f:8d:64:95:a4:fb:74:
40:50:95:fb:6c:c0:df:8f:00:ba:16:d4:7e:b8:2f:
0b:4b:fe:31:53:09:ae:a5:2e:e5:16:13:74:30:30:
78:a7:e1:f7:f0:0c:dd:08:3a:1a:e3:7d:b7:ed:4b:
2a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:3E:62:E4:76:13:F3:FC:86:44:14:27:0F:33:C5:24:88:53:92:71
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-j5i5HYT8_yGRBQnDzPFJIhTknE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
3a:c4:d3:11:8b:66:90:b2:ee:1b:94:59:12:cb:5c:39:1e:70:
3c:84:74:8d:32:9e:3b:ca:5e:c8:1f:18:a7:c9:49:2f:10:13:
d1:e6:5f:d5:ea:c1:94:79:a7:25:07:bb:ad:b7:8d:0b:d1:eb:
70:41:df:26:6e:17:83:1e:2d:26:a7:7d:19:7a:a2:0b:85:e0:
d9:3a:2f:ef:cb:de:08:14:ea:80:35:82:60:58:71:38:1d:e9:
e1:dc:b9:30:c0:69:d5:1e:ef:bd:78:0e:22:b5:f5:ec:0b:7f:
48:26:90:41:77:53:52:96:65:a0:a8:97:c6:ba:c2:89:74:45:
57:2e:cf:43:27:6f:dc:ad:c5:26:57:6a:3d:fe:70:d1:b4:b8:
9c:25:ee:12:5d:a3:6c:e6:ec:4f:20:f3:e6:78:3b:db:f3:9f:
f2:4a:c5:8d:f8:33:8b:8d:7b:8e:ce:02:3d:78:e6:79:e6:33:
93:29:9f:01:69:52:19:76:67:22:09:29:4e:46:a4:78:82:1c:
36:20:2e:69:00:f9:d4:af:10:86:01:7f:08:64:a2:69:8b:71:
97:43:50:45:45:f6:d4:e1:33:92:89:71:c0:b1:1f:21:2d:51:
b6:9d:be:1e:a6:df:10:07:3b:a2:1e:90:e3:11:57:08:22:35:
97:38:3b:e4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZHaIz8qaDwVy81q/LJHMQJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEwMDQxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTNlNjJlNDc2MTNmM2ZjODY0NDE0MjcwZjMzYzUyNDg4NTM5MjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP+Gw/U4Zd+9ood9xQ2lk+W5GAQC
nddql+tonzQEQfK8gl4fZLQAwLJLCrH3vT+RLzWt/vI47n1H7qIgnEZUqBENBO7U
NvHaFDSuJHaer5gLkoub7kxk9T+lNicGXsKkdd3adpiLCp9YkSdix9/OU1kEz36F
o3P7fGrv1jPRg9M0pss5YOXncKfljK5pCBZpIAqbmSfY5LygfqeLbPXnhs/PozQq
Sq34S9XYA+mstC2N5vFDgHMxZZ/q7a3ieAbVHoARDJFIZMYxTF+NZJWk+3RAUJX7
bMDfjwC6FtR+uC8LS/4xUwmupS7lFhN0MDB4p+H38AzdCDoa43237UsqWQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFPo+YuR2E/P8hkQUJw8zxSSIU5JxMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMS1qNWk1SFlUOF95R1JCUW5EelBGSkloVGtuRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvMDk4MzdjLTk4ZjMtNGM5Zi1hZWJmLTg4MTQ4OGZmZGJi
MC8xL1VtSUVGZEpKQ2w3RDlwSmJuM2tFRG80aTNiOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBSBggrBgEFBQcBBwEB/wRDMEEwPwQCAAIwOQMRACABBnwA
ZP//AAABkP3y8wIDEQAgAQZ8AGT//wAAAZHWBtecAxEAIAEGfABk//8AAAGR2Cw3
GzANBgkqhkiG9w0BAQsFAAOCAQEAOsTTEYtmkLLuG5RZEstcOR5wPIR0jTKeO8pe
yB8Yp8lJLxAT0eZf1erBlHmnJQe7rbeNC9HrcEHfJm4Xgx4tJqd9GXqiC4Xg2Tov
78veCBTqgDWCYFhxOB3p4dy5MMBp1R7vvXgOIrX17At/SCaQQXdTUpZloKiXxrrC
iXRFVy7PQydv3K3FJldqPf5w0bS4nCXuEl2jbObsTyDz5ng72/Of8krFjfgzi417
js4CPXjmeeYzkymfAWlSGXZnIgkpTkakeIIcNiAuaQD51K8QhgF/CGSiaYtxl0NQ
RUX21OEzkolxwLEfIS1Rtp2+HqbfEAc7oh6Q4xFXCCI1lzg75A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:09 2025 by rpki-client