Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7qSID3puwP_2ak9iiyn264lweK4.roa
File: 7qSID3puwP_2ak9iiyn264lweK4.roa (raw, json)
Hash identifier: 2HDBpir/peg0MChp+coiVdC7Iy0ao/rxfxMuhsZZjQY=
Subject key identifier: EE:A4:88:0F:7A:6E:C0:FF:F6:6A:4F:62:8B:29:F6:EB:89:70:78:AE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191A1E8ED89CB991E9E3EE9769F88A33B15
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7qSID3puwP_2ak9iiyn264lweK4.roa
Signing time: Fri 30 Aug 2024 06:11:22 +0000
ROA not before: Fri 30 Aug 2024 06:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 30 Aug 2024 07:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a1:e8:ed:89:cb:99:1e:9e:3e:e9:76:9f:88:a3:3b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 30 06:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eea4880f7a6ec0fff66a4f628b29f6eb897078ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1a:2c:77:6a:ea:fc:75:6e:22:29:b0:c3:d2:
2f:73:24:08:dd:ab:a8:e1:51:e7:1c:11:cf:c8:86:
b9:d9:d9:3d:6c:b5:6f:e2:ed:8b:78:45:e3:fa:16:
46:03:68:50:04:e1:65:f5:ca:49:01:78:7e:7b:96:
a7:bb:df:8b:de:7c:34:a9:e7:75:bb:01:fd:3c:43:
ea:ee:31:d8:02:09:7a:84:1f:57:7f:7a:5c:05:9b:
55:d3:f0:a3:8d:c0:ce:2a:89:f4:96:70:95:38:43:
43:fe:4b:44:b5:2d:47:50:d4:2b:3a:29:df:96:96:
2e:8e:bd:9c:f5:66:8c:03:f3:1a:c7:d0:af:bd:49:
68:7c:9b:ef:77:dc:b1:6a:0d:ab:32:2d:fc:e0:ba:
35:04:5f:12:7d:14:ef:81:ab:ea:42:15:ee:55:08:
23:40:34:97:ef:d8:c0:d4:d5:e8:d2:7b:33:0a:8e:
0a:a1:88:86:c8:0c:47:a7:c5:8f:09:81:84:47:1d:
57:8c:9c:9c:c2:80:04:7b:72:29:8b:c1:09:e1:9a:
25:06:10:50:72:ba:40:a8:84:4e:64:42:be:14:80:
b2:e6:ba:f4:98:54:13:d1:d5:31:c6:f2:15:f5:d2:
9b:a4:b6:99:7e:e3:96:c7:6e:70:fc:7e:1b:c0:d9:
8e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A4:88:0F:7A:6E:C0:FF:F6:6A:4F:62:8B:29:F6:EB:89:70:78:AE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/7qSID3puwP_2ak9iiyn264lweK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
8b:f8:8c:b1:f6:f7:32:64:e5:9a:71:f1:2d:59:33:6d:77:f3:
d2:d4:37:cd:98:a6:40:46:4b:d7:27:66:f2:38:b6:fe:f7:ea:
0b:d8:a9:99:3f:27:9a:f4:70:84:3f:70:81:f3:78:3b:36:62:
18:89:c0:8f:b6:f1:17:e1:4c:c0:de:63:21:43:ae:9e:81:22:
d2:4f:fd:07:6d:cf:c7:bc:fc:e2:2a:0b:6f:15:c9:12:77:fe:
40:44:64:95:2c:66:13:2b:73:88:44:b3:28:4c:bc:f7:88:b1:
6e:b6:02:8e:55:0f:e3:8a:89:88:d2:24:84:69:8c:54:cb:97:
33:78:c0:d5:bb:d8:5b:47:d3:66:41:5c:88:ff:c0:cc:37:e9:
37:cb:79:64:eb:4b:ed:de:03:9b:bc:69:f0:e0:ad:ed:e2:26:
fa:36:c1:0c:66:9d:7a:5f:59:67:71:13:0a:38:47:90:b9:86:
b9:7f:b9:0d:1c:0a:93:2e:a3:3f:c0:a5:df:e8:2e:f4:26:58:
33:5b:d7:1d:cd:e9:7a:18:1a:34:d3:90:81:85:c7:24:8e:e4:
7d:e7:91:ff:02:40:b2:23:db:25:d6:1d:f4:28:87:ea:8d:93:
89:61:30:cc:b1:d0:1b:88:f2:47:f7:e4:db:2c:35:13:d2:9a:
5c:e6:f4:cd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGh6O2Jy5kenj7pdp+IozsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODMwMDYxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWE0ODgwZjdhNmVjMGZmZjY2YTRmNjI4YjI5ZjZlYjg5NzA3OGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBosd2rq/HVuIimww9IvcyQI3auo
4VHnHBHPyIa52dk9bLVv4u2LeEXj+hZGA2hQBOFl9cpJAXh+e5anu9+L3nw0qed1
uwH9PEPq7jHYAgl6hB9Xf3pcBZtV0/CjjcDOKon0lnCVOEND/ktEtS1HUNQrOinf
lpYujr2c9WaMA/Max9CvvUlofJvvd9yxag2rMi384Lo1BF8SfRTvgavqQhXuVQgj
QDSX79jA1NXo0nszCo4KoYiGyAxHp8WPCYGERx1XjJycwoAEe3Ipi8EJ4ZolBhBQ
crpAqIROZEK+FICy5rr0mFQT0dUxxvIV9dKbpLaZfuOWx25w/H4bwNmOEQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFO6kiA96bsD/9mpPYosp9uuJcHiuMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvN3FTSUQzcHV3UF8yYWs5aWl5bjI2NGx3ZUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAi/iMsfb3MmTlmnHxLVkzbXfz
0tQ3zZimQEZL1ydm8ji2/vfqC9ipmT8nmvRwhD9wgfN4OzZiGInAj7bxF+FMwN5j
IUOunoEi0k/9B23Px7z84ioLbxXJEnf+QERklSxmEytziESzKEy894ixbrYCjlUP
44qJiNIkhGmMVMuXM3jA1bvYW0fTZkFciP/AzDfpN8t5ZOtL7d4Dm7xp8OCt7eIm
+jbBDGadel9ZZ3ETCjhHkLmGuX+5DRwKky6jP8Cl3+gu9CZYM1vXHc3pehgaNNOQ
gYXHJI7kfeeR/wJAsiPbJdYd9CiH6o2TiWEwzLHQG4jyR/fk2yw1E9KaXOb0zQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:46 2025 by rpki-client