Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4uxA346tggQNny3C7r9oPufkVvU.roa
File: 4uxA346tggQNny3C7r9oPufkVvU.roa (raw, json)
Hash identifier: 1VG2UswmozmQUGQfC/EY1VhFRJG9wW1WcOpBUk4OdA4=
Subject key identifier: E2:EC:40:DF:8E:AD:82:04:0D:9F:2D:C2:EE:BF:68:3E:E7:E4:56:F5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01914FBE563446963C94F1E7A2BCECE74CEF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4uxA346tggQNny3C7r9oPufkVvU.roa
Signing time: Wed 14 Aug 2024 07:15:59 +0000
ROA not before: Wed 14 Aug 2024 07:15:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 14 Aug 2024 08:28:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4f:be:56:34:46:96:3c:94:f1:e7:a2:bc:ec:e7:4c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 14 07:15:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2ec40df8ead82040d9f2dc2eebf683ee7e456f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d3:f4:97:e7:7b:46:28:c2:48:b7:2e:47:60:
9d:2e:dc:bf:9c:18:6f:bf:4a:b4:5d:85:ee:3d:82:
ac:f6:f3:0a:65:69:db:43:99:c2:7b:87:9c:3b:da:
c2:87:a7:16:de:ce:87:88:9d:89:0a:e8:d3:c1:47:
b7:c0:ef:c9:93:b1:83:23:46:19:33:c1:3a:eb:7c:
02:ef:64:c9:68:1c:80:e4:82:ad:6b:3d:5f:ce:65:
2d:c5:ad:e2:6a:fb:91:e8:07:85:55:bc:5c:c3:d9:
be:4c:1c:f4:f0:02:5d:31:50:42:b4:54:fd:bb:df:
61:f8:ee:d9:25:d1:a6:de:90:4f:7e:26:e0:72:35:
63:3c:c1:21:75:66:be:3b:51:77:e3:7f:7e:89:a0:
ef:4d:d4:e7:77:2d:21:41:e1:4d:d1:91:b3:a9:11:
a2:da:8b:34:b3:ab:e4:62:44:30:f6:a6:8e:87:54:
09:b7:07:5a:e2:3d:0e:6c:48:01:a0:b7:2b:15:0e:
b0:fa:73:6a:3b:36:ae:d8:db:cd:42:51:60:48:bc:
f6:f0:cf:6a:64:63:c0:bd:84:a0:8f:42:7b:84:31:
a0:26:5b:a5:60:ba:b1:8a:a1:5b:ef:0f:19:1d:9a:
f6:6a:bd:af:24:32:26:b4:15:50:bc:83:94:9a:7a:
b8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:EC:40:DF:8E:AD:82:04:0D:9F:2D:C2:EE:BF:68:3E:E7:E4:56:F5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4uxA346tggQNny3C7r9oPufkVvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
5d:c7:93:38:7b:8d:28:1b:c3:a8:45:74:77:6f:f7:54:ac:04:
ff:3a:60:ec:28:aa:c5:ca:5b:df:44:a6:3d:9c:1d:a5:ae:2f:
37:39:f6:3d:b9:0d:78:36:22:18:bd:08:a5:44:e6:36:6f:45:
d7:b5:51:80:4b:d9:77:e0:3a:2f:c4:a2:58:f3:ec:1e:7f:a6:
29:46:de:d9:b6:b7:6b:50:fd:4f:16:15:c0:c2:bc:bb:02:a7:
a6:ea:c7:23:c2:af:c3:13:e9:5d:06:0a:b6:24:4e:4c:6c:17:
00:c0:d2:cd:78:75:f7:e3:18:72:23:fd:e9:50:8d:4a:b7:dc:
c1:c8:d3:d5:76:73:6a:63:63:a3:67:5e:ba:86:66:38:1c:61:
87:5c:ae:66:e6:63:ff:a1:95:b0:a4:14:1f:4b:cf:59:ab:81:
4e:82:e7:a2:be:73:22:5a:a0:5a:bc:0a:7d:e1:9a:9a:9b:95:
e7:f4:8c:5b:06:6e:b5:3a:56:f2:83:c1:6c:ff:67:bf:68:59:
49:7a:71:0b:83:34:36:4f:45:41:1a:7d:fa:02:58:dd:f8:ba:
90:f5:90:9e:0c:d2:cd:37:43:c6:f4:8d:e4:69:6d:05:3c:19:
cd:d1:b5:d9:7c:32:48:31:f3:07:74:9c:03:6d:9d:80:f1:ce:
c4:05:5e:ee
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFPvlY0RpY8lPHnorzs50zvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE0MDcxNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmVjNDBkZjhlYWQ4MjA0MGQ5ZjJkYzJlZWJmNjgzZWU3ZTQ1NmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNP0l+d7RijCSLcuR2CdLty/nBhv
v0q0XYXuPYKs9vMKZWnbQ5nCe4ecO9rCh6cW3s6HiJ2JCujTwUe3wO/Jk7GDI0YZ
M8E663wC72TJaByA5IKtaz1fzmUtxa3iavuR6AeFVbxcw9m+TBz08AJdMVBCtFT9
u99h+O7ZJdGm3pBPfibgcjVjPMEhdWa+O1F3439+iaDvTdTndy0hQeFN0ZGzqRGi
2os0s6vkYkQw9qaOh1QJtwda4j0ObEgBoLcrFQ6w+nNqOzau2NvNQlFgSLz28M9q
ZGPAvYSgj0J7hDGgJlulYLqxiqFb7w8ZHZr2ar2vJDImtBVQvIOUmnq4hwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOLsQN+OrYIEDZ8twu6/aD7n5Fb1MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNHV4QTM0NnRnZ1FObnkzQzdyOW9QdWZrVnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAXceTOHuNKBvDqEV0d2/3VKwE
/zpg7Ciqxcpb30SmPZwdpa4vNzn2PbkNeDYiGL0IpUTmNm9F17VRgEvZd+A6L8Si
WPPsHn+mKUbe2ba3a1D9TxYVwMK8uwKnpurHI8KvwxPpXQYKtiROTGwXAMDSzXh1
9+MYciP96VCNSrfcwcjT1XZzamNjo2deuoZmOBxhh1yuZuZj/6GVsKQUH0vPWauB
ToLnor5zIlqgWrwKfeGampuV5/SMWwZutTpW8oPBbP9nv2hZSXpxC4M0Nk9FQRp9
+gJY3fi6kPWQngzSzTdDxvSN5GltBTwZzdG12XwySDHzB3ScA22dgPHOxAVe7g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:59 2025 by rpki-client