Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2UQSGv4c3vgyi_4cE5N-Ohw4H0w.roa
File: 2UQSGv4c3vgyi_4cE5N-Ohw4H0w.roa (raw, json)
Hash identifier: 0wBlu9FWjZivDISQ11JUS6v0bLUF0x3rQvjPv8Qr0GI=
Subject key identifier: D9:44:12:1A:FE:1C:DE:F8:32:8B:FE:1C:13:93:7E:3A:1C:38:1F:4C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191BE3AFDAD77A87952246D84B71E6C7C72
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2UQSGv4c3vgyi_4cE5N-Ohw4H0w.roa
Signing time: Wed 04 Sep 2024 18:10:22 +0000
ROA not before: Wed 04 Sep 2024 18:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Sep 2024 19:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:be:3a:fd:ad:77:a8:79:52:24:6d:84:b7:1e:6c:7c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 4 18:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d944121afe1cdef8328bfe1c13937e3a1c381f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b1:c7:74:e5:bb:f6:2c:27:a9:c7:e2:35:26:
0a:06:6b:68:61:ad:40:89:9e:fb:af:30:ba:0e:7c:
8d:69:dc:a1:5d:01:00:5e:0b:d0:57:eb:c3:fb:5d:
f7:92:a1:d9:d4:78:96:81:f4:0f:24:d5:46:11:07:
e0:2a:97:31:d6:70:a3:95:68:b4:80:03:cf:77:3e:
99:a3:88:5a:b6:1b:5e:8a:3d:92:e8:a2:a3:98:38:
f9:05:3c:55:67:db:32:50:1a:5b:b2:7e:42:e0:24:
1b:87:ef:95:86:9b:8c:b2:1e:de:39:a4:d3:9c:8e:
af:f7:01:14:b3:7a:8a:b3:e2:c1:77:b0:b4:4e:5a:
d8:7b:3a:d4:38:cc:54:c0:f2:dd:97:19:28:f4:43:
e8:95:b0:ea:25:81:14:a9:67:2a:7f:34:25:26:c5:
57:a4:cb:d5:72:57:92:94:28:1a:5f:d3:38:55:58:
4a:5b:ba:f5:f0:78:4f:b2:1e:7f:e2:9e:bb:81:c2:
c0:5e:45:71:c4:a8:79:44:ea:80:e9:d1:b4:5a:eb:
0f:cc:ca:ae:90:20:11:27:5f:9e:33:0a:11:d7:ab:
a6:2d:8c:4d:75:b1:0c:83:63:e8:01:fc:c2:f8:fc:
f4:30:bd:b5:4d:e4:8a:b0:ed:5b:9e:e4:05:7f:3b:
71:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:44:12:1A:FE:1C:DE:F8:32:8B:FE:1C:13:93:7E:3A:1C:38:1F:4C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2UQSGv4c3vgyi_4cE5N-Ohw4H0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
62:52:b3:af:e8:c7:38:ee:84:9f:19:a0:15:2e:fc:e6:cf:0f:
91:9a:40:0a:e2:28:40:ee:46:10:22:0b:cc:9e:b1:16:ef:30:
9b:66:34:6c:ec:0d:75:13:89:44:19:66:53:bb:51:99:b5:54:
1e:1f:cc:b5:f0:4c:60:6d:b1:78:ba:c3:e7:ff:07:3b:45:78:
2f:2b:f1:a5:5e:43:4f:7a:74:c1:9e:3f:f1:8b:2d:1d:04:e2:
bb:a5:ed:72:af:13:78:5f:a6:3d:cc:aa:cb:14:5b:c9:a6:10:
52:a4:1c:9d:2d:47:be:ce:36:9d:58:9f:a9:cc:e9:b6:2c:f1:
26:ca:98:f6:4e:4e:2b:01:7b:e1:10:7a:2a:5e:53:35:c7:04:
b4:c5:84:5a:a9:99:a3:6e:94:df:32:b4:ac:59:27:8a:a6:54:
95:fa:88:d6:d8:d5:09:bd:20:62:8d:b0:20:df:0c:8d:42:af:
0a:9f:00:3d:7a:f4:9b:5f:3d:62:ff:d0:18:9c:87:da:44:a8:
9a:c4:e2:4c:41:96:45:ae:48:26:0c:a1:31:c8:7d:a9:44:5a:
85:5a:59:73:56:b0:cf:c3:25:b7:6a:f2:7c:7d:17:f4:a9:9a:
80:33:dc:d1:0f:1a:b4:66:61:b9:6d:40:30:03:59:0e:06:b8:
d0:e6:6a:21
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG+Ov2td6h5UiRthLcebHxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA0MTgxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQ0MTIxYWZlMWNkZWY4MzI4YmZlMWMxMzkzN2UzYTFjMzgxZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7HHdOW79iwnqcfiNSYKBmtoYa1A
iZ77rzC6DnyNadyhXQEAXgvQV+vD+133kqHZ1HiWgfQPJNVGEQfgKpcx1nCjlWi0
gAPPdz6Zo4hathteij2S6KKjmDj5BTxVZ9syUBpbsn5C4CQbh++VhpuMsh7eOaTT
nI6v9wEUs3qKs+LBd7C0TlrYezrUOMxUwPLdlxko9EPolbDqJYEUqWcqfzQlJsVX
pMvVcleSlCgaX9M4VVhKW7r18HhPsh5/4p67gcLAXkVxxKh5ROqA6dG0WusPzMqu
kCARJ1+eMwoR16umLYxNdbEMg2PoAfzC+Pz0ML21TeSKsO1bnuQFfztxKwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNlEEhr+HN74Mov+HBOTfjocOB9MMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMlVRU0d2NGMzdmd5aV80Y0U1Ti1PaHc0SDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAYlKzr+jHOO6EnxmgFS785s8P
kZpACuIoQO5GECILzJ6xFu8wm2Y0bOwNdROJRBlmU7tRmbVUHh/MtfBMYG2xeLrD
5/8HO0V4LyvxpV5DT3p0wZ4/8YstHQTiu6Xtcq8TeF+mPcyqyxRbyaYQUqQcnS1H
vs42nVifqczptizxJsqY9k5OKwF74RB6Kl5TNccEtMWEWqmZo26U3zK0rFkniqZU
lfqI1tjVCb0gYo2wIN8MjUKvCp8APXr0m189Yv/QGJyH2kSomsTiTEGWRa5IJgyh
Mch9qURahVpZc1awz8Mlt2ryfH0X9KmagDPc0Q8atGZhuW1AMANZDga40OZqIQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:44 2025 by rpki-client