Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1sobDRTdO4S2uFeT7mTbEVtuAYo.roa
File: 1sobDRTdO4S2uFeT7mTbEVtuAYo.roa (raw, json)
Hash identifier: KCIO/OOk3hi6VMKFs03izc1uVDT1/QLQHgj3/Vcc7wI=
Subject key identifier: D6:CA:1B:0D:14:DD:3B:84:B6:B8:57:93:EE:64:DB:11:5B:6E:01:8A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01911781BF08CB3F1529D6C5B5E77B6C0286
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1sobDRTdO4S2uFeT7mTbEVtuAYo.roa
Signing time: Sat 03 Aug 2024 09:11:04 +0000
ROA not before: Sat 03 Aug 2024 09:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 03 Aug 2024 10:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:17:81:bf:08:cb:3f:15:29:d6:c5:b5:e7:7b:6c:02:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 3 09:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6ca1b0d14dd3b84b6b85793ee64db115b6e018a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c5:7f:82:a3:36:c8:33:f4:71:6c:ee:aa:1a:
3f:c1:11:d1:2f:8a:7c:d3:47:20:fe:f7:d6:b3:a3:
28:39:c6:8b:50:db:78:c0:bf:c7:45:ba:5b:da:d2:
86:24:1b:2d:6e:47:99:4d:53:33:1b:c6:d6:da:1b:
2d:f3:3c:7c:e4:d1:0e:ae:b6:f2:51:c1:6a:10:91:
6d:12:ef:cf:38:55:54:ae:98:43:fb:6d:ca:57:d2:
95:37:2e:26:6a:c9:1f:99:0e:a0:14:f7:9f:d5:77:
5b:a9:d7:4b:30:09:1e:d7:8a:00:57:7f:52:1d:02:
c4:24:0d:18:f3:e0:3d:4e:08:22:eb:d4:f2:7e:9a:
56:fb:c4:ac:ba:8b:1a:66:57:61:79:42:c0:be:f9:
e2:a3:43:79:39:25:0a:45:d2:3c:77:f1:a1:8f:f6:
85:b0:5d:f0:e3:51:77:aa:c6:01:7c:63:ef:dd:28:
48:cb:45:5f:63:e7:b5:bb:7b:83:9e:a0:67:00:47:
f5:e5:df:38:97:2f:80:f0:01:29:b4:d2:b0:51:cb:
b9:97:a0:02:a7:16:c6:82:b5:4b:e2:3e:58:69:6e:
62:08:98:f3:f5:16:dc:fb:34:6b:47:0a:b8:48:c3:
92:52:37:01:d3:eb:a8:76:0d:a6:d2:2a:67:9e:67:
c3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:CA:1B:0D:14:DD:3B:84:B6:B8:57:93:EE:64:DB:11:5B:6E:01:8A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1sobDRTdO4S2uFeT7mTbEVtuAYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
1f:23:04:68:8e:40:85:90:f6:83:3e:9a:61:c8:55:71:de:49:
5f:2e:51:0d:47:ec:4a:19:e2:d0:a6:1c:92:6d:0f:bb:df:91:
78:32:8a:8a:1d:3b:ed:ee:2f:8f:18:29:8e:fa:ec:b4:22:b7:
23:92:fd:3d:3d:82:81:94:d1:b8:46:fe:02:97:9e:16:31:45:
e1:bf:d8:64:11:26:03:25:45:0d:59:d0:19:a2:cd:68:39:c4:
d3:f2:14:dc:f3:30:ca:ea:fb:62:c0:36:34:4f:04:6e:30:47:
87:76:a7:21:d3:89:cd:97:fa:d2:58:6e:c0:03:63:0e:9b:73:
74:a9:3e:64:9b:c6:4d:a1:4d:3e:c8:71:b9:37:e0:4e:19:a1:
c8:68:61:67:13:ee:01:8b:b0:92:72:4c:cc:66:1a:3a:84:bc:
96:54:fe:51:2c:fb:ed:e3:dc:8c:e1:36:1b:79:22:88:6d:49:
c7:21:e3:e5:0a:0f:b2:75:d8:89:8f:06:f5:b7:99:15:ac:e8:
2d:8d:9d:fc:cd:f1:b6:e1:17:71:03:b2:52:39:1c:03:40:a0:
07:12:4c:40:04:ee:55:e5:9b:5c:39:c5:2e:1f:b1:ff:2f:94:
be:38:6f:37:f9:42:a2:80:14:15:6a:04:36:fd:ff:52:91:68:
74:ee:15:a3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEXgb8Iyz8VKdbFted7bAKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAzMDkxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmNhMWIwZDE0ZGQzYjg0YjZiODU3OTNlZTY0ZGIxMTViNmUwMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8V/gqM2yDP0cWzuqho/wRHRL4p8
00cg/vfWs6MoOcaLUNt4wL/HRbpb2tKGJBstbkeZTVMzG8bW2hst8zx85NEOrrby
UcFqEJFtEu/POFVUrphD+23KV9KVNy4maskfmQ6gFPef1XdbqddLMAke14oAV39S
HQLEJA0Y8+A9Tggi69TyfppW+8SsuosaZldheULAvvnio0N5OSUKRdI8d/Ghj/aF
sF3w41F3qsYBfGPv3ShIy0VfY+e1u3uDnqBnAEf15d84ly+A8AEptNKwUcu5l6AC
pxbGgrVL4j5YaW5iCJjz9Rbc+zRrRwq4SMOSUjcB0+uodg2m0ipnnmfDyQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNbKGw0U3TuEtrhXk+5k2xFbbgGKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMXNvYkRSVGRPNFMydUZlVDdtVGJFVnR1QVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAHyMEaI5AhZD2gz6aYchVcd5J
Xy5RDUfsShni0KYckm0Pu9+ReDKKih077e4vjxgpjvrstCK3I5L9PT2CgZTRuEb+
ApeeFjFF4b/YZBEmAyVFDVnQGaLNaDnE0/IU3PMwyur7YsA2NE8EbjBHh3anIdOJ
zZf60lhuwANjDptzdKk+ZJvGTaFNPshxuTfgThmhyGhhZxPuAYuwknJMzGYaOoS8
llT+USz77ePcjOE2G3kiiG1JxyHj5QoPsnXYiY8G9beZFazoLY2d/M3xtuEXcQOy
UjkcA0CgBxJMQATuVeWbXDnFLh+x/y+UvjhvN/lCooAUFWoENv3/UpFodO4Vow==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:01 2025 by rpki-client