Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4sXn2jiUJSv_ntpCPFcHt6N_XVA.roa
File: 4sXn2jiUJSv_ntpCPFcHt6N_XVA.roa (raw, json)
Hash identifier: PhgR8eXaGd52hdd7zwRXpee+7vCF8hwp5zI+NqmiWzI=
Subject key identifier: E2:C5:E7:DA:38:94:25:2B:FF:9E:DA:42:3C:57:07:B7:A3:7F:5D:50
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01917C240C0EF093ABDDC71CAF3F81F16A20
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4sXn2jiUJSv_ntpCPFcHt6N_XVA.roa
Signing time: Thu 22 Aug 2024 22:10:22 +0000
ROA not before: Thu 22 Aug 2024 22:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 22 Aug 2024 23:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7c:24:0c:0e:f0:93:ab:dd:c7:1c:af:3f:81:f1:6a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 22 22:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2c5e7da3894252bff9eda423c5707b7a37f5d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ef:98:8b:08:20:97:91:4f:26:3b:fd:4f:d3:
b1:98:7e:90:d2:a2:c3:19:16:a5:a7:dc:15:c2:ad:
73:54:35:f5:03:a2:de:88:ea:f5:05:44:78:1e:21:
20:72:6e:ba:93:60:01:74:3e:a4:43:1c:45:d7:a5:
4d:77:89:28:a3:7c:3d:b9:de:61:a7:29:7a:3c:01:
ae:28:63:7a:be:d7:77:1a:24:ea:4f:59:2d:b8:dc:
f8:ba:9a:61:4e:7a:b8:9c:1c:f5:d0:c8:6d:57:e5:
b2:b7:e3:75:91:4d:2e:08:a3:c6:50:5f:b4:2f:17:
d3:ac:ff:12:88:c5:03:22:0b:7c:11:6b:c5:8e:5d:
61:87:e8:16:96:48:a2:7d:a2:42:b5:8a:a6:a0:b7:
fa:a8:88:31:c4:74:23:b0:d2:3d:ee:42:d4:da:ca:
e1:f0:2e:4f:19:ac:2e:de:d2:26:e2:2b:49:05:ba:
4a:a8:04:c1:f4:56:31:3e:5d:38:5e:95:d0:0a:39:
07:7e:76:c6:d6:d1:4a:b8:2e:86:35:4f:61:93:d4:
7d:08:40:f4:93:a1:ea:c8:86:c0:ac:14:0d:77:ba:
68:c2:3d:3b:13:2c:af:ca:b2:2b:7b:96:f2:c7:78:
d4:cb:e3:27:30:09:9f:ad:31:b7:22:f3:2d:1f:05:
52:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C5:E7:DA:38:94:25:2B:FF:9E:DA:42:3C:57:07:B7:A3:7F:5D:50
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4sXn2jiUJSv_ntpCPFcHt6N_XVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
4a:09:3d:de:3a:78:f4:0f:fc:37:98:d5:ab:6e:e1:b5:4d:80:
dd:c8:3e:ae:3c:b3:48:26:e6:ef:b0:f4:1f:04:44:82:e0:63:
a0:2b:b1:3c:3f:77:fb:7e:e3:44:19:f8:cc:5b:ad:3b:ad:ca:
a9:08:7a:99:46:8e:6f:60:9f:74:44:4d:56:8e:4e:ca:cd:25:
02:6e:b1:64:57:46:c3:7c:bb:7e:2f:5f:c3:14:2f:e5:4d:ce:
e8:bd:9d:76:20:b3:d3:e2:f7:fd:2e:2b:c4:2d:71:e9:b9:ac:
32:d5:c5:59:fb:0d:d5:cd:23:3e:80:39:c1:26:05:1a:43:7e:
52:af:61:e8:83:f8:e5:f3:72:0e:45:73:f9:02:e0:c3:86:92:
3e:9a:8c:57:04:6a:68:3e:78:bf:30:d1:1e:74:b9:8a:4a:69:
cd:2c:71:bb:9c:9f:9b:01:4c:38:c6:12:77:36:81:16:80:b0:
bc:ba:31:8d:b0:ff:94:d9:5f:4c:97:d2:f6:af:a4:8b:03:58:
87:9b:46:96:2f:93:bc:f5:c6:06:38:ed:3e:d0:0b:58:52:cf:
61:85:32:2a:bb:e4:b2:e0:b2:c3:2b:60:06:7b:5e:97:43:e0:
43:07:00:5b:0f:69:8c:1c:6d:ae:25:96:a0:ba:96:1a:74:c5:
8e:f7:04:57
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZF8JAwO8JOr3cccrz+B8WogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIyMjIxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmM1ZTdkYTM4OTQyNTJiZmY5ZWRhNDIzYzU3MDdiN2EzN2Y1ZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn++Yiwggl5FPJjv9T9OxmH6Q0qLD
GRalp9wVwq1zVDX1A6LeiOr1BUR4HiEgcm66k2ABdD6kQxxF16VNd4koo3w9ud5h
pyl6PAGuKGN6vtd3GiTqT1ktuNz4upphTnq4nBz10MhtV+Wyt+N1kU0uCKPGUF+0
LxfTrP8SiMUDIgt8EWvFjl1hh+gWlkiifaJCtYqmoLf6qIgxxHQjsNI97kLU2srh
8C5PGawu3tIm4itJBbpKqATB9FYxPl04XpXQCjkHfnbG1tFKuC6GNU9hk9R9CED0
k6HqyIbArBQNd7powj07EyyvyrIre5byx3jUy+MnMAmfrTG3IvMtHwVSNwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOLF59o4lCUr/57aQjxXB7ejf11QMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNHNYbjJqaVVKU3ZfbnRwQ1BGY0h0Nk5fWFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEASgk93jp49A/8N5jVq27htU2A
3cg+rjyzSCbm77D0HwREguBjoCuxPD93+37jRBn4zFutO63KqQh6mUaOb2CfdERN
Vo5Oys0lAm6xZFdGw3y7fi9fwxQv5U3O6L2ddiCz0+L3/S4rxC1x6bmsMtXFWfsN
1c0jPoA5wSYFGkN+Uq9h6IP45fNyDkVz+QLgw4aSPpqMVwRqaD54vzDRHnS5ikpp
zSxxu5yfmwFMOMYSdzaBFoCwvLoxjbD/lNlfTJfS9q+kiwNYh5tGli+TvPXGBjjt
PtALWFLPYYUyKrvksuCywytgBntel0PgQwcAWw9pjBxtriWWoLqWGnTFjvcEVw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:36 2025 by rpki-client