Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/37fXMxXY5v3xOirIV6jZ2HdVHuM.roa
File: 37fXMxXY5v3xOirIV6jZ2HdVHuM.roa (raw, json)
Hash identifier: iUpWSegNkJTmykYgYdF/vHwEfJrmMqoegeKLSRM0LPo=
Subject key identifier: DF:B7:D7:33:15:D8:E6:FD:F1:3A:2A:C8:57:A8:D9:D8:77:55:1E:E3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191079FE3B740368D7C6C347BF47505AB56
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/37fXMxXY5v3xOirIV6jZ2HdVHuM.roa
Signing time: Wed 31 Jul 2024 07:10:04 +0000
ROA not before: Wed 31 Jul 2024 07:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 31 Jul 2024 08:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:07:9f:e3:b7:40:36:8d:7c:6c:34:7b:f4:75:05:ab:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 31 07:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfb7d73315d8e6fdf13a2ac857a8d9d877551ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:81:25:08:99:00:6e:f2:96:d7:7b:fb:5b:89:
e2:8a:fc:2a:f6:94:fb:27:42:76:67:4a:5f:2e:6d:
e1:40:c5:e8:b0:cf:f2:5f:e4:75:b3:11:c2:12:d5:
7e:99:d8:48:1d:84:88:3b:5f:48:7a:d1:13:58:2d:
25:7d:f9:a1:f6:b3:d5:81:15:3b:aa:38:93:a2:1a:
1a:de:39:ca:b9:78:55:aa:09:10:b0:e7:0a:17:cf:
b1:49:b3:bd:77:b6:49:87:ef:06:74:6d:2c:78:59:
a9:bd:e7:f9:d7:a5:7c:e2:09:d4:b9:c6:2b:90:9f:
32:67:18:61:76:10:e9:53:f9:99:99:96:b4:66:bc:
5a:22:a7:5a:b2:89:4e:90:ee:99:be:a2:be:c9:2c:
95:85:54:b6:58:bf:9b:ce:97:43:81:6d:c9:a4:ce:
09:bc:c0:0f:b4:15:34:b3:69:49:43:19:b5:50:14:
9a:4b:ef:8c:c9:e3:fd:8b:1c:40:1e:aa:9e:9e:fc:
1b:dd:68:f3:d7:42:a6:1f:66:af:8f:05:20:82:fe:
27:df:09:73:e1:3e:42:69:c6:44:eb:c7:f5:15:86:
63:ee:29:93:39:c8:40:81:60:0b:8f:37:d3:22:e3:
d4:5d:b3:7a:82:f0:2f:78:3c:4d:c6:f3:7d:9c:08:
03:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:B7:D7:33:15:D8:E6:FD:F1:3A:2A:C8:57:A8:D9:D8:77:55:1E:E3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/37fXMxXY5v3xOirIV6jZ2HdVHuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
0d:bc:c0:46:4a:87:40:41:7e:8a:f7:93:7d:42:f7:e2:03:71:
95:76:8c:77:a5:88:c7:a2:12:9b:86:3a:35:c5:98:e5:df:be:
51:b3:0b:e6:25:86:f5:5a:b7:3f:14:f2:45:80:91:af:34:dd:
6e:05:e4:7a:37:e0:df:b4:9c:7a:b1:e0:54:07:42:48:85:d2:
c7:69:32:a1:07:39:c0:3f:94:78:5b:72:1e:31:c6:27:cb:c2:
23:e7:cf:e5:e1:97:7b:40:c0:75:e0:36:de:1d:e6:69:ee:7b:
95:48:34:36:41:98:6f:36:f0:5d:a6:7e:51:ba:4d:9e:fb:5f:
43:83:2a:4a:14:2e:ff:07:3b:88:ff:7f:44:c0:8f:25:d4:3f:
0e:ba:a3:90:04:53:0a:cf:23:84:b3:b5:b1:51:88:e0:59:b6:
5d:e8:3b:a3:6b:04:aa:3b:69:e0:6f:dc:2a:71:e0:51:d1:05:
b4:72:4f:de:b0:03:58:b2:d7:43:97:c5:ab:e6:09:a1:eb:cd:
c2:b3:ce:bf:0d:46:bc:73:8a:86:aa:5f:1d:bf:b3:5d:c5:08:
6d:d4:5f:fc:a4:41:44:a5:01:42:d1:cf:22:af:a9:4c:19:68:
9a:5c:b2:2d:d8:12:1f:88:33:7d:7b:7a:00:08:d0:87:b1:15:
c2:a2:e1:18
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEHn+O3QDaNfGw0e/R1BatWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzMxMDcxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmI3ZDczMzE1ZDhlNmZkZjEzYTJhYzg1N2E4ZDlkODc3NTUxZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIElCJkAbvKW13v7W4niivwq9pT7
J0J2Z0pfLm3hQMXosM/yX+R1sxHCEtV+mdhIHYSIO19IetETWC0lffmh9rPVgRU7
qjiTohoa3jnKuXhVqgkQsOcKF8+xSbO9d7ZJh+8GdG0seFmpvef516V84gnUucYr
kJ8yZxhhdhDpU/mZmZa0ZrxaIqdasolOkO6ZvqK+ySyVhVS2WL+bzpdDgW3JpM4J
vMAPtBU0s2lJQxm1UBSaS++MyeP9ixxAHqqenvwb3Wjz10KmH2avjwUggv4n3wlz
4T5CacZE68f1FYZj7imTOchAgWALjzfTIuPUXbN6gvAveDxNxvN9nAgDDwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFN+31zMV2Ob98ToqyFeo2dh3VR7jMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMzdmWE14WFk1djN4T2lySVY2aloySGRWSHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEADbzARkqHQEF+iveTfUL34gNx
lXaMd6WIx6ISm4Y6NcWY5d++UbML5iWG9Vq3PxTyRYCRrzTdbgXkejfg37ScerHg
VAdCSIXSx2kyoQc5wD+UeFtyHjHGJ8vCI+fP5eGXe0DAdeA23h3mae57lUg0NkGY
bzbwXaZ+UbpNnvtfQ4MqShQu/wc7iP9/RMCPJdQ/DrqjkARTCs8jhLO1sVGI4Fm2
Xeg7o2sEqjtp4G/cKnHgUdEFtHJP3rADWLLXQ5fFq+YJoevNwrPOvw1GvHOKhqpf
Hb+zXcUIbdRf/KRBRKUBQtHPIq+pTBlomlyyLdgSH4gzfXt6AAjQh7EVwqLhGA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:00 2025 by rpki-client