Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5Ocr27QfOk4PXiTRsznVYV9ofr8.roa
File: 5Ocr27QfOk4PXiTRsznVYV9ofr8.roa (raw, json)
Hash identifier: WBjmmNEyWQxmRcHN/qFVrs3GhWpS927RMrwd2AErz0A=
Subject key identifier: E4:E7:2B:DB:B4:1F:3A:4E:0F:5E:24:D1:B3:39:D5:61:5F:68:7E:BF
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019175B418C2A2F1E2E1F3C1045E4AE0EE96
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5Ocr27QfOk4PXiTRsznVYV9ofr8.roa
Signing time: Wed 21 Aug 2024 16:10:22 +0000
ROA not before: Wed 21 Aug 2024 16:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 Aug 2024 17:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:75:b4:18:c2:a2:f1:e2:e1:f3:c1:04:5e:4a:e0:ee:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 21 16:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4e72bdbb41f3a4e0f5e24d1b339d5615f687ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:77:fa:c9:2e:3a:5c:09:16:ee:9a:68:56:db:
46:89:1b:98:cb:4d:b2:26:b1:d4:91:77:7d:5e:62:
df:2d:c2:9d:2b:0e:29:70:84:b8:47:c7:92:06:7f:
8a:c9:ee:75:36:be:69:25:e4:82:33:ab:ba:a3:3b:
b4:ca:bf:87:b7:c1:17:58:76:18:8f:20:c3:6c:8c:
ce:f2:b7:67:72:5d:0d:f1:d5:29:df:84:70:44:0e:
8a:2f:d7:f5:d0:2d:af:00:a0:5a:16:57:af:53:5b:
ac:ed:7d:82:41:56:00:ad:79:b9:ef:f3:c8:7f:32:
d6:62:d6:2b:d0:a3:1a:21:da:05:37:ed:c3:ff:6e:
a4:c0:c9:43:48:01:57:9a:ed:10:29:52:46:aa:03:
69:69:e0:a4:5e:57:be:ae:8f:4c:ae:5f:cc:6d:81:
2d:39:b5:91:2a:b1:5e:6b:23:5d:ff:be:93:8d:b4:
88:08:85:06:a6:4a:7e:ac:ac:4a:24:de:0e:37:96:
04:e9:39:d0:85:cd:26:67:14:b9:bf:df:eb:57:59:
07:c2:1a:9a:d4:0f:dc:69:f0:bf:cd:4c:b3:0c:43:
fb:a7:84:39:7d:a1:52:bb:37:05:50:8f:1f:38:26:
d7:0a:54:f0:3d:c8:cb:8d:08:ca:70:c5:a4:6d:bf:
bf:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E7:2B:DB:B4:1F:3A:4E:0F:5E:24:D1:B3:39:D5:61:5F:68:7E:BF
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5Ocr27QfOk4PXiTRsznVYV9ofr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
09:b6:e2:34:1e:85:0d:a8:40:6b:81:47:49:5c:eb:09:68:39:
52:0d:5c:63:e0:1d:f5:bf:11:3d:97:ec:a4:f9:c5:f1:86:e6:
da:a4:54:e4:81:05:2b:a2:73:fa:3e:86:38:24:72:30:fe:46:
2c:ea:48:c9:fb:14:6e:09:22:a0:e5:6e:29:88:3a:66:10:e5:
79:e3:c5:45:f5:3f:3d:de:fb:c4:81:58:a4:dd:ee:69:08:b7:
d3:c6:60:9d:1d:09:34:9c:65:6f:06:02:1f:0f:e0:1e:26:7a:
de:7a:9b:44:eb:70:5c:28:5d:ba:c1:23:70:40:1f:36:b7:55:
70:13:ef:f1:db:19:2d:44:2a:8f:19:9e:4b:92:15:db:ca:4f:
2d:c8:e4:ed:50:3c:80:80:6f:84:17:c1:b7:5f:b2:19:50:d1:
ed:61:f0:d9:6a:5d:61:42:e7:1c:a9:0c:15:4b:e0:f0:41:0b:
d9:d5:31:79:f0:4d:ac:69:4c:c1:cc:f6:b0:b1:18:44:44:91:
45:b0:cf:20:77:e9:cb:a6:ae:a0:dd:28:9f:1f:1c:0d:08:5f:
eb:16:3e:45:26:4b:dd:a4:9c:03:40:ce:96:19:01:83:c0:06:
80:f0:2c:0a:59:87:eb:e7:4b:6c:56:43:c0:58:a0:9f:a2:84:
83:65:39:fa
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZF1tBjCovHi4fPBBF5K4O6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIxMTYxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGU3MmJkYmI0MWYzYTRlMGY1ZTI0ZDFiMzM5ZDU2MTVmNjg3ZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXf6yS46XAkW7ppoVttGiRuYy02y
JrHUkXd9XmLfLcKdKw4pcIS4R8eSBn+Kye51Nr5pJeSCM6u6ozu0yr+Ht8EXWHYY
jyDDbIzO8rdncl0N8dUp34RwRA6KL9f10C2vAKBaFlevU1us7X2CQVYArXm57/PI
fzLWYtYr0KMaIdoFN+3D/26kwMlDSAFXmu0QKVJGqgNpaeCkXle+ro9Mrl/MbYEt
ObWRKrFeayNd/76TjbSICIUGpkp+rKxKJN4ON5YE6TnQhc0mZxS5v9/rV1kHwhqa
1A/cafC/zUyzDEP7p4Q5faFSuzcFUI8fOCbXClTwPcjLjQjKcMWkbb+/EwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOTnK9u0HzpOD14k0bM51WFfaH6/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNU9jcjI3UWZPazRQWGlUUnN6blZZVjlvZnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEACbbiNB6FDahAa4FHSVzrCWg5
Ug1cY+Ad9b8RPZfspPnF8Ybm2qRU5IEFK6Jz+j6GOCRyMP5GLOpIyfsUbgkioOVu
KYg6ZhDleePFRfU/Pd77xIFYpN3uaQi308ZgnR0JNJxlbwYCHw/gHiZ63nqbROtw
XChdusEjcEAfNrdVcBPv8dsZLUQqjxmeS5IV28pPLcjk7VA8gIBvhBfBt1+yGVDR
7WHw2WpdYULnHKkMFUvg8EEL2dUxefBNrGlMwcz2sLEYRESRRbDPIHfpy6auoN0o
nx8cDQhf6xY+RSZL3aScA0DOlhkBg8AGgPAsClmH6+dLbFZDwFign6KEg2U5+g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:49 2025 by rpki-client