Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7HZ_5OON82a-X6bGerScWHmpMQo.roa
File: 7HZ_5OON82a-X6bGerScWHmpMQo.roa (raw, json)
Hash identifier: S6Gy4v8DxZrwl5kMVwqKmov1eqyix7CoY4O7JB+DqhI=
Subject key identifier: EC:76:7F:E4:E3:8D:F3:66:BE:5F:A6:C6:7A:B4:9C:58:79:A9:31:0A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01911E967DFC33A50D4C066A6340BEED9B9B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7HZ_5OON82a-X6bGerScWHmpMQo.roa
Signing time: Sun 04 Aug 2024 18:11:04 +0000
ROA not before: Sun 04 Aug 2024 18:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 04 Aug 2024 19:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1e:96:7d:fc:33:a5:0d:4c:06:6a:63:40:be:ed:9b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 4 18:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec767fe4e38df366be5fa6c67ab49c5879a9310a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b2:c4:38:44:22:b0:b9:cc:fe:92:18:ba:61:
82:f3:18:0e:ca:4f:da:f5:50:e8:90:ec:c1:5f:53:
91:cc:7f:13:46:94:9f:dc:cc:a5:60:45:89:8e:d3:
65:ca:11:de:20:bc:75:34:bd:21:90:66:ce:75:22:
e8:7a:1c:79:5f:35:b6:31:12:76:d0:b2:38:a2:e9:
61:92:f9:7c:41:76:89:32:3e:63:f4:49:02:b4:be:
15:41:8f:ca:29:03:d2:5a:55:cd:05:66:fd:b6:da:
23:81:c4:a2:97:5e:e6:ba:2e:ad:d5:4a:82:61:a2:
1a:96:a9:10:55:31:19:72:f4:16:07:9d:73:fd:a5:
1b:fd:c8:1e:25:85:e9:29:da:b0:3f:7c:4f:76:5d:
25:26:9b:dd:53:eb:77:92:c9:ec:e3:4c:13:aa:48:
01:9b:12:05:1e:f7:e5:dc:10:f5:0a:86:ab:e9:b0:
95:f5:4f:0a:9a:f9:0e:81:58:2d:22:d7:5f:7f:83:
ad:83:38:d8:04:c6:fc:da:a4:4c:54:fa:62:f0:e9:
cb:cf:a2:21:c5:12:5c:ba:55:40:53:42:a9:e7:45:
92:55:28:67:11:7e:89:56:14:fe:a6:57:07:a3:f8:
cc:54:e9:fa:58:ab:a4:d5:0f:fc:27:d9:c3:5a:b0:
c4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:76:7F:E4:E3:8D:F3:66:BE:5F:A6:C6:7A:B4:9C:58:79:A9:31:0A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7HZ_5OON82a-X6bGerScWHmpMQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
36:24:b0:e4:87:d0:71:81:84:e9:54:27:01:e0:80:6b:85:84:
5a:be:32:e9:22:71:07:c3:61:e9:d7:a8:ad:bd:33:4e:f7:90:
5e:1c:9d:3e:e5:bf:53:ec:c7:f1:13:76:34:99:4a:d1:e2:e8:
28:4e:22:fb:26:03:b8:61:7d:7b:bc:82:d6:3f:4d:f0:92:70:
56:de:c8:7b:74:fd:d3:6d:8c:f0:0c:b2:6d:94:b0:a0:ea:fc:
22:b1:36:7c:48:7a:1a:00:0d:76:60:be:af:6b:fa:e0:91:1c:
77:67:2e:75:5c:70:56:b4:9f:ef:0c:e4:ac:d4:35:4e:a7:8f:
f3:d4:2e:1d:4f:24:a0:13:df:d0:23:9e:24:e7:2b:93:36:79:
ac:0e:c9:e1:f0:07:7c:b3:ea:23:a0:a2:b5:ee:5e:a6:51:fd:
cd:e9:36:35:8a:de:b0:d1:f2:df:b4:00:bc:0f:35:3f:06:26:
ec:18:e1:39:85:b1:83:8c:f6:c5:52:98:50:db:0f:df:6e:4c:
78:f1:23:7a:bf:62:a7:3d:12:ad:53:60:ec:0e:97:f0:0a:46:
f6:68:f3:85:ac:a9:b6:e9:59:f9:63:a1:29:4f:2a:5f:16:ca:
dc:d6:89:2a:78:58:f7:88:74:26:14:2c:a5:7f:c5:d3:1d:18:
de:17:ca:65
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEeln38M6UNTAZqY0C+7ZubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA0MTgxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzc2N2ZlNGUzOGRmMzY2YmU1ZmE2YzY3YWI0OWM1ODc5YTkzMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrLEOEQisLnM/pIYumGC8xgOyk/a
9VDokOzBX1ORzH8TRpSf3MylYEWJjtNlyhHeILx1NL0hkGbOdSLoehx5XzW2MRJ2
0LI4oulhkvl8QXaJMj5j9EkCtL4VQY/KKQPSWlXNBWb9ttojgcSil17mui6t1UqC
YaIalqkQVTEZcvQWB51z/aUb/cgeJYXpKdqwP3xPdl0lJpvdU+t3ksns40wTqkgB
mxIFHvfl3BD1Coar6bCV9U8KmvkOgVgtItdff4OtgzjYBMb82qRMVPpi8OnLz6Ih
xRJculVAU0Kp50WSVShnEX6JVhT+plcHo/jMVOn6WKuk1Q/8J9nDWrDEfQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOx2f+TjjfNmvl+mxnq0nFh5qTEKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvN0haXzVPT044MmEtWDZiR2VyU2NXSG1wTVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEANiSw5IfQcYGE6VQnAeCAa4WE
Wr4y6SJxB8Nh6deorb0zTveQXhydPuW/U+zH8RN2NJlK0eLoKE4i+yYDuGF9e7yC
1j9N8JJwVt7Ie3T9022M8AyybZSwoOr8IrE2fEh6GgANdmC+r2v64JEcd2cudVxw
VrSf7wzkrNQ1TqeP89QuHU8koBPf0COeJOcrkzZ5rA7J4fAHfLPqI6Cite5eplH9
zek2NYresNHy37QAvA81PwYm7BjhOYWxg4z2xVKYUNsP325MePEjer9ipz0SrVNg
7A6X8ApG9mjzhayptulZ+WOhKU8qXxbK3NaJKnhY94h0JhQspX/F0x0Y3hfKZQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:23 2025 by rpki-client