Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8D6jxlhmNdo8yP0rPFLGiBykfX0.roa
File: 8D6jxlhmNdo8yP0rPFLGiBykfX0.roa (raw, json)
Hash identifier: 8Mjw71QeNJ4Wx3ViJ3eSE1uMMG0d9iLekuJ2eu9/GWo=
Subject key identifier: F0:3E:A3:C6:58:66:35:DA:3C:C8:FD:2B:3C:52:C6:88:1C:A4:7D:7D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191DA59436E02AF4FBFEBF2C791C67FCEDF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8D6jxlhmNdo8yP0rPFLGiBykfX0.roa
Signing time: Tue 10 Sep 2024 05:12:48 +0000
ROA not before: Tue 10 Sep 2024 05:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 10 Sep 2024 06:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:da:59:43:6e:02:af:4f:bf:eb:f2:c7:91:c6:7f:ce:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 10 05:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f03ea3c6586635da3cc8fd2b3c52c6881ca47d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:30:14:a4:e9:8a:46:27:b7:2a:67:c8:67:9e:
0d:88:1d:58:e4:a5:4b:2c:5d:dc:c4:e6:7d:4c:63:
af:b0:b4:5e:4a:8c:c1:0a:7a:a8:89:a1:73:5c:dc:
7a:3d:54:0e:5b:9f:9c:25:f7:2d:13:fc:2b:b6:c4:
b0:d8:db:ce:b3:ac:83:76:b5:2c:0d:2d:1c:7b:11:
a8:88:eb:17:39:31:61:fd:57:88:eb:72:1c:59:81:
f2:6c:9c:96:b2:60:af:68:dc:68:9b:d2:09:b2:cc:
a4:42:a1:55:e9:c5:22:7a:4e:1c:d4:a1:8a:e0:f0:
12:2a:0c:eb:4d:5b:c5:6f:80:6f:f3:bc:dd:03:82:
4d:5a:8a:1a:a0:65:18:c7:b7:10:d6:f6:9a:28:c4:
12:90:e7:46:e6:f5:11:73:e3:a6:88:1b:7b:39:92:
39:27:50:58:47:2f:8f:4f:59:b9:6f:c6:3c:3a:c6:
e4:66:c9:f2:ab:21:a1:22:b1:40:c6:c5:8d:cc:a6:
6e:a2:03:12:9a:50:07:f3:d0:8a:53:bf:16:91:af:
f3:29:c0:05:8d:46:b7:56:6d:e2:bd:e0:e1:36:49:
30:0f:e2:21:f4:f5:fa:53:6d:b0:27:f6:eb:fe:3e:
5b:3c:dc:05:f7:90:e7:f1:8a:02:e1:ac:e0:d4:d8:
f5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3E:A3:C6:58:66:35:DA:3C:C8:FD:2B:3C:52:C6:88:1C:A4:7D:7D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8D6jxlhmNdo8yP0rPFLGiBykfX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
87:8f:4d:12:a2:ad:4f:71:dd:9f:08:8c:2b:f2:a4:d7:9b:90:
2c:d8:1a:23:43:50:d1:f1:2b:f0:e6:8b:ee:76:6a:0d:3f:82:
cb:94:48:73:37:72:20:e7:d9:50:fe:ba:3b:30:ec:00:a0:04:
8d:d6:05:b7:b3:c6:ae:3c:20:a4:62:91:56:26:99:98:dc:fe:
15:88:cb:0e:f6:af:ff:e4:bf:5d:81:91:a0:11:a0:1e:23:f1:
c8:b7:84:28:96:e3:c6:11:10:9d:29:2f:bc:d0:34:ba:f5:7d:
22:05:2b:4b:a4:6e:4a:aa:58:e7:38:71:66:f4:db:43:38:6b:
c6:3e:ba:6e:eb:ff:6c:91:6e:a0:85:21:ba:ec:80:8b:f9:f4:
35:f8:2c:4d:1a:25:44:86:ad:4f:82:8f:88:6e:0d:22:4e:35:
94:72:f5:81:e5:ef:78:12:c8:99:7e:f2:d0:56:b1:4d:dc:ae:
64:0e:ba:6e:fd:00:e2:1c:e7:6b:eb:c6:c7:fc:cd:98:e1:b1:
85:2a:86:a6:91:32:57:e2:ee:01:b6:7a:1a:db:39:90:9e:de:
fe:e5:df:2e:ca:e4:9f:33:45:6b:67:57:26:b9:b6:49:0c:23:
27:88:fe:c9:c8:85:9f:7b:a4:ab:0b:30:a2:f2:0f:f0:06:34:
53:56:c3:87
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHaWUNuAq9Pv+vyx5HGf87fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEwMDUxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDNlYTNjNjU4NjYzNWRhM2NjOGZkMmIzYzUyYzY4ODFjYTQ3ZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTAUpOmKRie3KmfIZ54NiB1Y5KVL
LF3cxOZ9TGOvsLReSozBCnqoiaFzXNx6PVQOW5+cJfctE/wrtsSw2NvOs6yDdrUs
DS0cexGoiOsXOTFh/VeI63IcWYHybJyWsmCvaNxom9IJssykQqFV6cUiek4c1KGK
4PASKgzrTVvFb4Bv87zdA4JNWooaoGUYx7cQ1vaaKMQSkOdG5vURc+OmiBt7OZI5
J1BYRy+PT1m5b8Y8OsbkZsnyqyGhIrFAxsWNzKZuogMSmlAH89CKU78Wka/zKcAF
jUa3Vm3iveDhNkkwD+Ih9PX6U22wJ/br/j5bPNwF95Dn8YoC4azg1Nj11QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFPA+o8ZYZjXaPMj9KzxSxogcpH19MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOEQ2anhsaG1OZG84eVAwclBGTEdpQnlrZlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQCHj00Soq1Pcd2fCIwr8qTXm5As2BojQ1DR8Svw
5ovudmoNP4LLlEhzN3Ig59lQ/ro7MOwAoASN1gW3s8auPCCkYpFWJpmY3P4ViMsO
9q//5L9dgZGgEaAeI/HIt4QoluPGERCdKS+80DS69X0iBStLpG5KqljnOHFm9NtD
OGvGPrpu6/9skW6ghSG67ICL+fQ1+CxNGiVEhq1Pgo+Ibg0iTjWUcvWB5e94EsiZ
fvLQVrFN3K5kDrpu/QDiHOdr68bH/M2Y4bGFKoamkTJX4u4Btnoa2zmQnt7+5d8u
yuSfM0VrZ1cmubZJDCMniP7JyIWfe6SrCzCi8g/wBjRTVsOH
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:46 2025 by rpki-client