Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1mnHYjVQg9DDqUVMgHjUbSrmzbI.roa
File: 1mnHYjVQg9DDqUVMgHjUbSrmzbI.roa (raw, json)
Hash identifier: idJHZE3wvH7I071kNlRYIrXlBr+KFCfLv/2+rhAmauE=
Subject key identifier: D6:69:C7:62:35:50:83:D0:C3:A9:45:4C:80:78:D4:6D:2A:E6:CD:B2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D67C10BFAE66869DA9B14DA23A04D6A8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1mnHYjVQg9DDqUVMgHjUbSrmzbI.roa
Signing time: Mon 09 Sep 2024 11:12:20 +0000
ROA not before: Mon 09 Sep 2024 11:12:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 09 Sep 2024 13:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:7c:10:bf:ae:66:86:9d:a9:b1:4d:a2:3a:04:d6:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 9 11:12:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d669c762355083d0c3a9454c8078d46d2ae6cdb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0f:0b:a4:6a:92:a2:c9:08:12:05:af:a1:38:
18:e7:5d:d3:24:8a:b9:e6:8d:c7:61:ec:92:07:2b:
1a:1e:89:72:4c:45:0f:95:6d:8c:cc:ba:19:b9:b6:
18:a6:00:04:61:73:a8:c4:ba:01:5a:f5:e8:32:2f:
e7:4b:89:2d:8b:e9:3e:3e:66:75:c7:de:46:ea:aa:
b5:6b:83:c8:36:16:07:ff:57:5d:46:c5:2a:98:ff:
3c:28:23:e5:d4:b0:a6:22:45:84:29:0e:e0:7c:a6:
b0:3f:a8:2b:7c:4d:e5:87:e6:fb:d9:5d:7b:30:b5:
53:73:38:fa:10:22:49:25:8a:73:90:37:6c:03:98:
79:7d:42:f0:58:3c:af:6a:db:1f:a2:91:26:93:fd:
5c:64:e1:c1:0d:82:ea:dd:67:32:bd:55:95:38:63:
26:52:71:4f:f2:57:f4:b9:7a:29:5b:8c:6d:c4:38:
ed:ae:b0:cd:5e:80:04:e5:90:1c:2c:65:fd:90:75:
fe:fd:d6:11:d8:a5:7e:ba:05:54:49:62:d0:a4:1c:
4e:c5:29:09:95:ab:3d:16:81:bb:48:87:3d:98:62:
5b:cc:c8:72:96:50:88:d3:e1:34:79:b0:0c:10:be:
a8:0a:11:26:56:6a:9b:1d:ca:cd:c9:3f:7a:fd:66:
29:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:69:C7:62:35:50:83:D0:C3:A9:45:4C:80:78:D4:6D:2A:E6:CD:B2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1mnHYjVQg9DDqUVMgHjUbSrmzbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
Signature Algorithm: sha256WithRSAEncryption
62:dd:04:ed:dd:15:3c:a2:ff:fb:c4:11:ed:8d:b7:12:3f:3d:
09:61:40:2b:29:32:ef:04:99:8d:34:ef:15:b9:6d:d2:c3:10:
60:29:d2:34:d7:93:45:a1:f5:50:de:61:31:df:74:90:3c:99:
f2:d3:c0:e0:b5:99:8e:3a:cd:0f:69:dc:51:69:af:d0:8f:d1:
e7:21:d0:28:c0:6b:3d:4c:73:55:da:4f:6b:ac:a9:54:f0:41:
43:ad:b7:a5:a6:b3:45:b7:ec:c3:08:16:fb:59:a1:c5:1e:81:
9a:6d:00:d0:d4:33:15:35:74:e3:d2:8b:67:5c:0c:d2:c3:a6:
a9:3e:82:65:03:22:09:80:00:58:1a:88:21:79:49:a8:4c:9f:
e1:86:4b:df:f0:2f:e3:8c:6e:22:29:5d:12:02:d7:06:f3:6c:
1b:60:14:fc:70:af:a4:24:d5:f5:ee:45:46:8a:6e:f7:24:a1:
6c:dd:ea:0e:ab:05:ea:96:eb:87:00:9c:c5:c9:17:e5:98:76:
f3:64:5f:e2:42:dd:fa:c4:9a:93:e5:d5:a6:85:d5:16:61:00:
34:39:5c:3c:59:a1:2e:54:ed:2c:80:78:9e:0f:ea:ce:92:a4:
ac:73:a0:c6:79:41:c2:25:49:d3:bb:a0:1a:2b:0a:99:bf:68:
41:8c:97:cc
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHWfBC/rmaGnamxTaI6BNaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA5MTExMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjY5Yzc2MjM1NTA4M2QwYzNhOTQ1NGM4MDc4ZDQ2ZDJhZTZjZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ8LpGqSoskIEgWvoTgY513TJIq5
5o3HYeySBysaHolyTEUPlW2MzLoZubYYpgAEYXOoxLoBWvXoMi/nS4kti+k+PmZ1
x95G6qq1a4PINhYH/1ddRsUqmP88KCPl1LCmIkWEKQ7gfKawP6grfE3lh+b72V17
MLVTczj6ECJJJYpzkDdsA5h5fULwWDyvatsfopEmk/1cZOHBDYLq3WcyvVWVOGMm
UnFP8lf0uXopW4xtxDjtrrDNXoAE5ZAcLGX9kHX+/dYR2KV+ugVUSWLQpBxOxSkJ
las9FoG7SIc9mGJbzMhyllCI0+E0ebAMEL6oChEmVmqbHcrNyT96/WYpTQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNZpx2I1UIPQw6lFTIB41G0q5s2yMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMW1uSFlqVlFnOUREcVVWTWdIalViU3JtemJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wwDQYJKoZIhvcNAQELBQADggEB
AGLdBO3dFTyi//vEEe2NtxI/PQlhQCspMu8EmY007xW5bdLDEGAp0jTXk0Wh9VDe
YTHfdJA8mfLTwOC1mY46zQ9p3FFpr9CP0ech0CjAaz1Mc1XaT2usqVTwQUOtt6Wm
s0W37MMIFvtZocUegZptANDUMxU1dOPSi2dcDNLDpqk+gmUDIgmAAFgaiCF5SahM
n+GGS9/wL+OMbiIpXRIC1wbzbBtgFPxwr6Qk1fXuRUaKbvckoWzd6g6rBeqW64cA
nMXJF+WYdvNkX+JC3frEmpPl1aaF1RZhADQ5XDxZoS5U7SyAeJ4P6s6SpKxzoMZ5
QcIlSdO7oBorCpm/aEGMl8w=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:46 2025 by rpki-client