Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8dtUYFsED7kXRy7NEReieiBoUn8.roa
File: 8dtUYFsED7kXRy7NEReieiBoUn8.roa (raw, json)
Hash identifier: Xt8cxNMtgmsS6z/2VZjG+kkudczytigrCg7fpI0apqE=
Subject key identifier: F1:DB:54:60:5B:04:0F:B9:17:47:2E:CD:11:17:A2:7A:20:68:52:7F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01910B46A4256BA7384CBB29845E83ECDC64
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8dtUYFsED7kXRy7NEReieiBoUn8.roa
Signing time: Thu 01 Aug 2024 00:11:04 +0000
ROA not before: Thu 01 Aug 2024 00:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 01 Aug 2024 01:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0b:46:a4:25:6b:a7:38:4c:bb:29:84:5e:83:ec:dc:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 1 00:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1db54605b040fb917472ecd1117a27a2068527f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2f:c8:d9:88:ac:17:dc:1b:59:4f:88:06:a7:
45:b5:27:ff:e3:64:d9:fc:db:59:de:f6:b7:04:67:
0d:e5:11:c9:f5:55:65:b7:ef:6a:1f:5c:f1:4e:18:
09:cf:9f:ad:a0:16:e7:1d:03:41:d4:b6:e0:88:b4:
94:94:53:eb:13:76:d9:9c:d1:79:d7:f3:8d:9c:83:
d0:28:b8:30:dd:34:f5:4e:af:0b:bb:80:6e:30:cf:
da:ab:6e:72:55:35:de:b5:f4:bc:c1:69:61:53:ad:
25:97:cf:ec:d8:11:b4:a7:30:9b:4c:f6:cd:58:fb:
49:09:d1:d6:bd:b0:78:9d:5a:d8:3c:82:b6:fa:82:
87:e7:d0:2c:a2:c5:f3:bf:f4:28:e7:d3:0d:0b:06:
f7:a7:10:12:e3:a7:e8:58:a2:8c:16:b1:3c:46:83:
d8:b7:48:04:34:c6:94:db:fe:e4:fc:eb:bb:de:a4:
9f:86:2e:5e:70:60:65:d6:50:29:06:46:fe:b1:c1:
01:78:72:c3:39:94:25:f3:d8:88:aa:b9:e3:f9:7e:
e3:65:c3:84:0d:d4:88:28:94:37:cb:d1:b5:ac:4e:
af:72:72:47:74:32:96:cb:54:6b:bb:36:ae:e3:24:
b3:84:fc:23:65:94:f0:8f:1b:b3:f8:18:c1:0c:ae:
3d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DB:54:60:5B:04:0F:B9:17:47:2E:CD:11:17:A2:7A:20:68:52:7F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8dtUYFsED7kXRy7NEReieiBoUn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
67:69:38:5e:b8:70:83:ce:54:cd:84:20:1b:31:a9:22:4d:6e:
b7:5e:75:23:f7:7c:4c:12:5a:d3:52:27:44:27:e0:cd:21:67:
1d:89:97:6c:83:6e:7e:42:25:48:51:1c:6e:5a:cd:46:b2:6f:
d6:d2:77:2d:84:66:f1:df:07:0f:b8:f9:32:77:53:9d:e8:97:
ba:00:d2:ac:ad:0e:d0:0d:f4:c9:40:e5:9e:25:77:a4:66:8d:
e1:89:d8:3a:23:cb:5e:85:54:f0:a3:45:41:af:57:9f:de:99:
86:15:34:1e:31:97:de:00:e6:a8:2f:1a:1e:e4:3b:ac:f5:6e:
09:f7:5e:50:45:7b:2d:59:55:1a:ea:ab:54:f9:b3:b2:6c:d6:
b0:09:42:f5:cf:5d:a9:15:14:76:17:6b:54:05:e0:ea:e7:da:
67:75:8c:c2:fb:3e:30:41:88:31:c4:b8:96:22:86:03:16:21:
70:cb:b6:5f:71:9b:11:75:a2:f5:20:67:e0:86:0d:5e:cf:85:
4b:70:9f:99:01:86:3f:ae:68:d9:4c:87:e2:e5:aa:f0:7c:cb:
de:2d:22:15:bd:bd:19:2b:34:56:a5:1d:8f:ab:d9:fd:7d:27:
a3:f7:50:75:2d:b4:aa:93:8c:59:02:0d:23:36:32:ab:66:36:
1f:25:fd:36
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZELRqQla6c4TLsphF6D7NxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAxMDAxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWRiNTQ2MDViMDQwZmI5MTc0NzJlY2QxMTE3YTI3YTIwNjg1MjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi/I2YisF9wbWU+IBqdFtSf/42TZ
/NtZ3va3BGcN5RHJ9VVlt+9qH1zxThgJz5+toBbnHQNB1LbgiLSUlFPrE3bZnNF5
1/ONnIPQKLgw3TT1Tq8Lu4BuMM/aq25yVTXetfS8wWlhU60ll8/s2BG0pzCbTPbN
WPtJCdHWvbB4nVrYPIK2+oKH59AsosXzv/Qo59MNCwb3pxAS46foWKKMFrE8RoPY
t0gENMaU2/7k/Ou73qSfhi5ecGBl1lApBkb+scEBeHLDOZQl89iIqrnj+X7jZcOE
DdSIKJQ3y9G1rE6vcnJHdDKWy1Rruzau4ySzhPwjZZTwjxuz+BjBDK495QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPHbVGBbBA+5F0cuzREXonogaFJ/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOGR0VVlGc0VEN2tYUnk3TkVSZWllaUJvVW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAZ2k4Xrhwg85UzYQgGzGpIk1u
t151I/d8TBJa01InRCfgzSFnHYmXbINufkIlSFEcblrNRrJv1tJ3LYRm8d8HD7j5
MndTneiXugDSrK0O0A30yUDlniV3pGaN4YnYOiPLXoVU8KNFQa9Xn96ZhhU0HjGX
3gDmqC8aHuQ7rPVuCfdeUEV7LVlVGuqrVPmzsmzWsAlC9c9dqRUUdhdrVAXg6ufa
Z3WMwvs+MEGIMcS4liKGAxYhcMu2X3GbEXWi9SBn4IYNXs+FS3CfmQGGP65o2UyH
4uWq8HzL3i0iFb29GSs0VqUdj6vZ/X0no/dQdS20qpOMWQINIzYyq2Y2HyX9Ng==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:28 2025 by rpki-client