Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/25WmZIVGto0sdaJ4PAQ4UTTv1lc.roa
File: 25WmZIVGto0sdaJ4PAQ4UTTv1lc.roa (raw, json)
Hash identifier: PQvIcibABGreO8NiVP35DyTTJFZWSePrMc69xnfXU9o=
Subject key identifier: DB:95:A6:64:85:46:B6:8D:2C:75:A2:78:3C:04:38:51:34:EF:D6:57
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191A93584EA4D92B57AD344B57218892085
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/25WmZIVGto0sdaJ4PAQ4UTTv1lc.roa
Signing time: Sat 31 Aug 2024 16:12:22 +0000
ROA not before: Sat 31 Aug 2024 16:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 31 Aug 2024 17:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a9:35:84:ea:4d:92:b5:7a:d3:44:b5:72:18:89:20:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 31 16:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db95a6648546b68d2c75a2783c04385134efd657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:21:f7:a0:41:f1:a0:5e:8e:71:6a:fe:39:9d:
ac:5f:24:77:f3:9e:4f:c6:68:3f:d2:48:bf:fc:48:
67:6a:ba:a8:2a:1c:98:12:d2:79:ec:af:04:6c:b3:
46:8a:22:ff:39:32:e1:e9:e3:66:ea:b2:f0:4b:f8:
e8:fe:44:56:71:23:bd:50:7a:79:4f:c9:f8:e2:dd:
d1:46:dd:0b:66:bc:94:43:c3:9b:f3:ec:5c:5f:67:
e0:8e:a1:58:7e:96:95:fd:f2:d0:d1:50:9f:44:ec:
56:66:47:86:3e:b7:79:1f:d2:fe:67:47:62:e8:5f:
64:45:b4:86:48:56:b4:7c:80:28:1f:e7:b7:7d:0c:
7c:3e:fc:53:9e:40:08:8f:17:59:bc:4a:b6:96:ed:
ed:e2:89:05:49:f0:70:75:b1:4a:73:3e:13:9e:40:
6d:68:aa:7f:b3:cc:f0:97:fe:d4:6b:c5:08:4e:f8:
5f:70:56:e9:a3:41:97:66:c0:90:db:ed:e0:5f:61:
94:96:15:25:f5:5e:b1:c3:71:99:05:3f:84:2b:2f:
18:16:53:eb:d5:f1:13:35:40:5e:02:88:5b:a4:54:
78:f0:08:a4:33:04:09:8f:f9:66:48:b4:e1:fe:72:
64:64:6e:af:fd:4a:08:ec:60:11:d2:1a:e3:fd:33:
2b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:95:A6:64:85:46:B6:8D:2C:75:A2:78:3C:04:38:51:34:EF:D6:57
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/25WmZIVGto0sdaJ4PAQ4UTTv1lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
25:84:47:6f:82:70:06:90:ce:fb:7b:b0:05:5d:e6:bb:96:6c:
71:05:33:0e:7c:3f:ab:81:90:40:14:9c:28:ff:66:c0:ab:f2:
d1:04:ee:22:24:69:8d:b8:2d:8e:0f:64:7b:3e:db:e6:3e:72:
25:cb:b2:30:ca:ee:b5:de:9d:7e:57:b7:c4:f0:3e:b7:d0:f5:
58:ef:7d:88:77:1d:18:e9:c8:7f:b3:4e:e5:f0:a8:cf:6f:a2:
bf:38:61:c7:0d:1d:8e:83:79:d3:b1:af:ab:33:40:c3:14:ec:
14:3e:db:a2:dd:2b:8a:23:6d:c3:ee:2b:3c:d3:89:47:67:ee:
65:71:e3:2f:22:35:9a:95:c2:e1:02:17:80:58:a4:fd:43:f6:
e9:3f:65:ce:a5:b9:17:55:66:e0:b3:f9:5c:fa:6c:e1:4f:86:
42:f3:50:d1:47:a7:a4:d7:1e:bc:94:f2:04:1d:88:2c:de:96:
19:02:de:75:00:ce:d8:d9:f2:42:cd:ff:e3:45:cd:27:d8:19:
1e:b5:f5:84:c6:33:6a:a2:5c:6a:03:39:d5:f0:58:39:30:e9:
37:2b:fd:a7:ee:50:78:6c:b9:09:c3:44:4e:c6:4b:96:17:b3:
51:26:5c:14:4e:ad:1a:ef:4d:dd:6c:64:be:68:c0:73:94:76:
8b:73:04:21
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGpNYTqTZK1etNEtXIYiSCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODMxMTYxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjk1YTY2NDg1NDZiNjhkMmM3NWEyNzgzYzA0Mzg1MTM0ZWZkNjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiH3oEHxoF6OcWr+OZ2sXyR3855P
xmg/0ki//EhnarqoKhyYEtJ57K8EbLNGiiL/OTLh6eNm6rLwS/jo/kRWcSO9UHp5
T8n44t3RRt0LZryUQ8Ob8+xcX2fgjqFYfpaV/fLQ0VCfROxWZkeGPrd5H9L+Z0di
6F9kRbSGSFa0fIAoH+e3fQx8PvxTnkAIjxdZvEq2lu3t4okFSfBwdbFKcz4TnkBt
aKp/s8zwl/7Ua8UITvhfcFbpo0GXZsCQ2+3gX2GUlhUl9V6xw3GZBT+EKy8YFlPr
1fETNUBeAohbpFR48AikMwQJj/lmSLTh/nJkZG6v/UoI7GAR0hrj/TMrLQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNuVpmSFRraNLHWieDwEOFE079ZXMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMjVXbVpJVkd0bzBzZGFKNFBBUTRVVFR2MWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAJYRHb4JwBpDO+3uwBV3mu5Zs
cQUzDnw/q4GQQBScKP9mwKvy0QTuIiRpjbgtjg9kez7b5j5yJcuyMMrutd6dfle3
xPA+t9D1WO99iHcdGOnIf7NO5fCoz2+ivzhhxw0djoN507GvqzNAwxTsFD7bot0r
iiNtw+4rPNOJR2fuZXHjLyI1mpXC4QIXgFik/UP26T9lzqW5F1Vm4LP5XPps4U+G
QvNQ0UenpNcevJTyBB2ILN6WGQLedQDO2NnyQs3/40XNJ9gZHrX1hMYzaqJcagM5
1fBYOTDpNyv9p+5QeGy5CcNETsZLlhezUSZcFE6tGu9N3WxkvmjAc5R2i3MEIQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:34 2025 by rpki-client