Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2wMjVX5VVwndG6o3bipYq2G5NLM.roa
File: 2wMjVX5VVwndG6o3bipYq2G5NLM.roa (raw, json)
Hash identifier: oIz99CH3MzTvERGNjGcyUMyAzOfCtUz4KUWgzsgLnV0=
Subject key identifier: DB:03:23:55:7E:55:57:09:DD:1B:AA:37:6E:2A:58:AB:61:B9:34:B3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191B6EF50D1B33BBA0EF0B34002A933018A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2wMjVX5VVwndG6o3bipYq2G5NLM.roa
Signing time: Tue 03 Sep 2024 08:10:22 +0000
ROA not before: Tue 03 Sep 2024 08:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Sep 2024 09:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:ef:50:d1:b3:3b:ba:0e:f0:b3:40:02:a9:33:01:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 3 08:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db0323557e555709dd1baa376e2a58ab61b934b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6a:88:3a:22:13:0d:8b:1c:ec:e5:45:06:2f:
da:3d:64:ce:d7:17:ed:1e:1b:e1:fd:65:7b:a9:d9:
3b:df:45:9f:93:c4:e2:5c:45:c6:0c:70:b2:34:4e:
0f:95:e4:00:17:a2:5a:44:df:42:5b:c8:88:23:5c:
01:d6:98:07:22:55:cb:b1:d2:d3:bc:43:b3:0d:fb:
f4:5f:40:ee:a8:bf:0f:30:c4:b7:42:c2:6a:09:a1:
01:ec:79:db:e0:08:a0:17:ac:47:00:f3:f4:83:04:
db:94:1e:b0:a3:b2:49:30:6a:9b:09:d9:35:54:1f:
29:21:d3:67:42:ac:8b:5a:c4:86:b8:70:07:35:d2:
5d:0b:f6:25:16:b8:d3:62:06:85:3c:90:c1:cc:4a:
b6:b5:a8:03:7c:75:31:37:21:69:07:84:3d:82:8d:
03:84:d0:03:00:c4:98:e9:e6:10:59:bf:f3:53:bf:
45:c9:4b:0c:8a:91:71:90:50:d4:80:48:3c:b8:e8:
11:76:9a:6d:14:d0:e7:b3:da:46:c3:75:d7:5d:65:
33:79:5c:94:86:8c:7b:b1:fb:8b:6a:f2:49:43:ca:
5a:79:57:47:5b:6c:23:36:56:1f:89:b8:a3:09:82:
3b:61:a5:0a:8d:a6:18:bd:70:ac:bb:6e:6a:bf:36:
66:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:03:23:55:7E:55:57:09:DD:1B:AA:37:6E:2A:58:AB:61:B9:34:B3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2wMjVX5VVwndG6o3bipYq2G5NLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
52:2e:3a:4e:a3:5f:d3:bd:c6:b3:65:50:95:39:2a:6c:a9:d5:
3b:db:63:8a:6a:2d:cb:cc:c4:09:56:cc:c4:83:74:1c:81:8e:
7b:54:ab:6a:e0:a8:fb:29:91:59:b2:0a:b0:69:32:bf:81:15:
62:ea:9b:0e:aa:cb:98:4a:44:ac:8d:63:3b:3d:0d:da:8e:f7:
7b:08:6a:1b:37:7a:f1:28:46:5d:ea:0d:e0:c6:41:3d:80:3c:
05:47:85:6c:21:22:a7:c9:b2:2d:7c:dd:e4:e0:da:a0:06:31:
8e:17:57:ec:04:7f:a9:6a:60:6b:51:e2:f4:e4:75:6a:4a:1a:
ca:7e:70:4e:c1:77:6f:63:b3:ea:fb:8a:a1:bd:61:2a:45:8e:
28:c9:85:d7:24:f4:a8:dd:62:13:fa:bd:7c:dc:7f:23:dc:d9:
71:48:3b:30:cf:d1:a9:45:a2:99:03:70:e8:06:31:bf:46:a9:
53:80:7c:7a:ed:5f:be:4b:3b:e9:07:cb:48:a4:17:db:78:85:
62:c0:5d:50:08:b5:f5:3f:81:88:68:0d:4c:dd:a2:d1:7d:2f:
bc:8a:34:f8:76:86:67:e0:3d:05:20:c3:57:46:bd:4d:40:be:
75:5e:1a:61:a2:64:24:8c:88:01:1e:51:88:b6:5e:08:6e:78:
53:0d:de:25
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG271DRszu6DvCzQAKpMwGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAzMDgxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjAzMjM1NTdlNTU1NzA5ZGQxYmFhMzc2ZTJhNThhYjYxYjkzNGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2qIOiITDYsc7OVFBi/aPWTO1xft
Hhvh/WV7qdk730Wfk8TiXEXGDHCyNE4PleQAF6JaRN9CW8iII1wB1pgHIlXLsdLT
vEOzDfv0X0DuqL8PMMS3QsJqCaEB7Hnb4AigF6xHAPP0gwTblB6wo7JJMGqbCdk1
VB8pIdNnQqyLWsSGuHAHNdJdC/YlFrjTYgaFPJDBzEq2tagDfHUxNyFpB4Q9go0D
hNADAMSY6eYQWb/zU79FyUsMipFxkFDUgEg8uOgRdpptFNDns9pGw3XXXWUzeVyU
hox7sfuLavJJQ8paeVdHW2wjNlYfibijCYI7YaUKjaYYvXCsu25qvzZmHwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNsDI1V+VVcJ3RuqN24qWKthuTSzMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMndNalZYNVZWd25kRzZvM2JpcFlxMkc1TkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAUi46TqNf073Gs2VQlTkqbKnV
O9tjimoty8zECVbMxIN0HIGOe1SrauCo+ymRWbIKsGkyv4EVYuqbDqrLmEpErI1j
Oz0N2o73ewhqGzd68ShGXeoN4MZBPYA8BUeFbCEip8myLXzd5ODaoAYxjhdX7AR/
qWpga1Hi9OR1akoayn5wTsF3b2Oz6vuKob1hKkWOKMmF1yT0qN1iE/q9fNx/I9zZ
cUg7MM/RqUWimQNw6AYxv0apU4B8eu1fvks76QfLSKQX23iFYsBdUAi19T+BiGgN
TN2i0X0vvIo0+HaGZ+A9BSDDV0a9TUC+dV4aYaJkJIyIAR5RiLZeCG54Uw3eJQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:34 2025 by rpki-client