Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/6orlZZRkDfGFxs_PRFy1Ebk6eZA.roa
File: 6orlZZRkDfGFxs_PRFy1Ebk6eZA.roa (raw, json)
Hash identifier: rN82uLx0t3h6DO8yrpP227QxPI0GnaVFpHlM4qLE85Y=
Subject key identifier: EA:8A:E5:65:94:64:0D:F1:85:C6:CF:CF:44:5C:B5:11:B9:3A:79:90
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01918603D0AACE5A3FD81B021E8889360646
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/6orlZZRkDfGFxs_PRFy1Ebk6eZA.roa
Signing time: Sat 24 Aug 2024 20:11:22 +0000
ROA not before: Sat 24 Aug 2024 20:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 Aug 2024 21:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:86:03:d0:aa:ce:5a:3f:d8:1b:02:1e:88:89:36:06:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 24 20:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea8ae56594640df185c6cfcf445cb511b93a7990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d0:5a:1b:0d:c5:40:c4:bf:11:54:dd:ae:c9:
5a:37:2c:ac:f1:e8:f4:ee:cc:d6:52:47:70:60:84:
c3:e3:49:04:a5:85:07:ec:0e:cb:13:9a:8d:5b:6d:
e7:48:6a:3c:01:f2:91:2d:08:9b:77:a0:89:dd:ed:
3c:a8:ae:10:93:1e:45:0a:75:13:51:1f:c4:1e:4c:
b0:84:fd:29:e7:a5:c0:cd:82:fe:19:89:6a:ee:4d:
62:3c:1c:e7:d4:5e:a0:0c:67:3a:65:91:57:e3:4e:
1f:c1:f4:c4:0d:71:ba:3b:8f:9d:05:76:99:33:44:
23:45:03:56:b6:6d:80:f6:fd:c7:39:5f:b0:c1:65:
a4:bd:a3:99:16:f3:b8:21:20:85:16:47:ec:84:dc:
b3:5f:bf:9b:7e:00:a4:5f:8e:b4:ff:e0:72:b9:9c:
c4:fa:70:e5:36:f3:fd:d2:32:43:d6:4d:63:aa:0a:
cd:4c:8a:0a:97:bf:51:3d:2a:da:ee:e3:56:8b:94:
b0:7b:b4:af:1c:aa:e7:b4:a7:74:25:d4:57:d0:cc:
de:f0:d9:90:b7:b8:00:7c:88:26:19:c5:9e:64:cb:
f1:c5:c0:8c:df:ac:a5:a9:ea:74:45:9e:61:6e:b9:
93:84:37:0d:34:e6:81:e6:2c:3c:b7:7a:99:75:21:
72:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:8A:E5:65:94:64:0D:F1:85:C6:CF:CF:44:5C:B5:11:B9:3A:79:90
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/6orlZZRkDfGFxs_PRFy1Ebk6eZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
74:cc:78:3b:13:b0:05:05:f5:dd:3f:25:89:68:e6:84:36:b0:
48:23:2b:e8:fd:da:8d:24:51:f9:d0:af:82:48:14:69:1c:b1:
6e:d6:b4:a2:7a:97:41:06:35:80:a5:8e:cb:5b:fa:11:61:ba:
dd:59:74:e3:b2:24:90:e3:c1:a2:c0:51:f4:d1:23:ee:4a:54:
2e:3d:22:81:ac:6c:33:63:8d:7e:e8:56:6b:4b:76:7c:37:b2:
2b:a9:9d:27:88:65:59:26:74:8e:14:38:f8:62:e9:54:e7:01:
61:64:b6:5b:2f:8c:b6:07:05:54:a9:8c:d4:38:7f:90:01:28:
10:5a:29:cd:41:1f:41:40:1d:d0:4e:a7:69:10:8a:1f:73:ec:
09:5e:af:2c:7d:4a:0e:23:bd:f6:05:b9:10:d5:ca:95:9a:23:
81:94:dc:60:ae:60:dd:54:44:d9:e1:ac:a0:9d:6b:68:23:79:
fd:5d:9d:d1:73:66:e1:3a:6d:93:69:30:e5:1b:04:e5:44:48:
33:a3:61:f9:8d:55:8a:95:c5:ae:e3:50:e4:b3:cd:c7:56:dd:
ab:72:2c:8f:30:7d:2e:04:16:8c:f2:ec:26:38:2f:7b:96:1b:
8f:ad:d7:50:91:dc:df:ef:8c:60:e9:2e:e7:e8:52:75:dc:be:
07:49:69:47
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGGA9Cqzlo/2BsCHoiJNgZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI0MjAxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYThhZTU2NTk0NjQwZGYxODVjNmNmY2Y0NDVjYjUxMWI5M2E3OTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tBaGw3FQMS/EVTdrslaNyys8ej0
7szWUkdwYITD40kEpYUH7A7LE5qNW23nSGo8AfKRLQibd6CJ3e08qK4Qkx5FCnUT
UR/EHkywhP0p56XAzYL+GYlq7k1iPBzn1F6gDGc6ZZFX404fwfTEDXG6O4+dBXaZ
M0QjRQNWtm2A9v3HOV+wwWWkvaOZFvO4ISCFFkfshNyzX7+bfgCkX460/+ByuZzE
+nDlNvP90jJD1k1jqgrNTIoKl79RPSra7uNWi5Swe7SvHKrntKd0JdRX0Mze8NmQ
t7gAfIgmGcWeZMvxxcCM36ylqep0RZ5hbrmThDcNNOaB5iw8t3qZdSFyfQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOqK5WWUZA3xhcbPz0RctRG5OnmQMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNm9ybFpaUmtEZkdGeHNfUFJGeTFFYms2ZVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAdMx4OxOwBQX13T8liWjmhDaw
SCMr6P3ajSRR+dCvgkgUaRyxbta0onqXQQY1gKWOy1v6EWG63Vl047IkkOPBosBR
9NEj7kpULj0igaxsM2ONfuhWa0t2fDeyK6mdJ4hlWSZ0jhQ4+GLpVOcBYWS2Wy+M
tgcFVKmM1Dh/kAEoEFopzUEfQUAd0E6naRCKH3PsCV6vLH1KDiO99gW5ENXKlZoj
gZTcYK5g3VRE2eGsoJ1raCN5/V2d0XNm4Tptk2kw5RsE5URIM6Nh+Y1VipXFruNQ
5LPNx1bdq3IsjzB9LgQWjPLsJjgve5Ybj63XUJHc3++MYOku5+hSddy+B0lpRw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:28 2025 by rpki-client