Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/98WM6Cxnpt7XdFNonKuPDJhuo2E.roa
File: 98WM6Cxnpt7XdFNonKuPDJhuo2E.roa (raw, json)
Hash identifier: HyYe3249II3yq1VXveAwf21WoaUz4RUWF+mbRhCSkX4=
Subject key identifier: F7:C5:8C:E8:2C:67:A6:DE:D7:74:53:68:9C:AB:8F:0C:98:6E:A3:61
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019124628FE1D167171B0A9B3474A5133959
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/98WM6Cxnpt7XdFNonKuPDJhuo2E.roa
Signing time: Mon 05 Aug 2024 21:12:04 +0000
ROA not before: Mon 05 Aug 2024 21:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 05 Aug 2024 22:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:24:62:8f:e1:d1:67:17:1b:0a:9b:34:74:a5:13:39:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 5 21:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7c58ce82c67a6ded77453689cab8f0c986ea361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0b:d4:8f:45:12:b6:6b:f1:98:50:46:b4:96:
63:3c:60:fb:4a:9e:95:b1:74:9e:3f:60:50:b6:0c:
e7:55:2e:fa:92:92:05:c0:41:66:39:55:e7:84:c0:
02:03:c2:c3:77:24:dd:ec:e2:ac:f4:3e:b4:d7:60:
5c:bc:6d:0f:90:d4:5b:bb:41:a0:7c:04:be:fc:d2:
c8:fa:37:fa:49:cb:88:e0:9a:e6:41:b5:ed:50:86:
34:4d:0d:a5:36:c4:a7:ce:48:17:06:01:b4:7c:41:
ec:e4:68:53:d4:d4:96:9f:9e:c8:40:3d:0a:5b:0c:
ca:05:c1:0a:09:ce:f8:7f:d9:7d:ff:25:f1:3b:4d:
f9:f8:55:ae:ce:51:74:b8:df:46:c9:7d:2e:94:30:
df:33:11:98:f5:91:21:90:96:0d:e9:c4:f4:bc:bc:
b9:15:75:23:46:6e:28:0e:7c:1b:98:90:ff:43:0f:
97:53:c2:f0:70:f0:21:69:66:bc:c1:5d:b0:54:12:
dd:66:4e:5c:fe:93:26:0e:84:af:01:89:e7:c3:44:
f4:84:ba:45:6c:74:9c:4e:53:d7:aa:bf:f7:9f:7d:
d1:d3:04:f4:06:db:24:19:e0:88:c0:0f:db:9f:b7:
24:25:ed:8e:26:fb:a3:64:0b:b3:e8:05:74:61:55:
98:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C5:8C:E8:2C:67:A6:DE:D7:74:53:68:9C:AB:8F:0C:98:6E:A3:61
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/98WM6Cxnpt7XdFNonKuPDJhuo2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
43:e0:b8:af:fd:23:4e:96:0f:dc:9c:f1:c0:0c:e6:2e:27:51:
fe:b2:41:d5:64:e5:1c:99:67:c1:ae:f4:9c:1c:71:a1:ad:c7:
23:ea:33:10:8e:f5:e1:f3:ed:ea:16:3f:36:53:b9:64:b7:1f:
4d:59:47:3f:87:a9:1b:a1:35:c0:b6:a4:9a:12:47:f6:9f:d6:
83:91:8d:49:73:b1:25:1a:27:e3:66:83:9e:fe:04:49:fe:d9:
ae:50:96:de:a6:6e:4b:4c:e6:2a:9d:e4:a9:d6:8f:33:99:8a:
61:ad:97:3e:8d:d9:c7:fc:f4:7a:13:ca:10:1b:4d:a9:e0:66:
f2:0f:77:7f:af:54:3f:de:58:7f:fd:bb:60:14:36:62:b4:21:
2c:24:d8:70:5c:a2:61:45:c1:09:1d:5e:c2:e0:d4:bd:13:8e:
be:1b:89:ca:41:e5:5d:5f:5d:78:20:0f:3f:68:7b:17:e2:67:
ab:89:09:a7:0f:fa:d9:16:4d:ba:0e:35:10:87:09:d2:54:bd:
8f:61:5d:8b:45:0e:e8:ea:0b:7c:e1:52:80:56:d1:3a:38:bd:
ce:f4:75:91:4c:61:a0:f8:f9:44:85:53:91:c2:29:08:ab:d3:
97:6c:6a:fb:cd:f6:3e:3b:6b:23:23:6a:d0:04:90:6f:b8:75:
77:98:34:d7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEkYo/h0WcXGwqbNHSlEzlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA1MjExMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2M1OGNlODJjNjdhNmRlZDc3NDUzNjg5Y2FiOGYwYzk4NmVhMzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAvUj0UStmvxmFBGtJZjPGD7Sp6V
sXSeP2BQtgznVS76kpIFwEFmOVXnhMACA8LDdyTd7OKs9D6012BcvG0PkNRbu0Gg
fAS+/NLI+jf6ScuI4JrmQbXtUIY0TQ2lNsSnzkgXBgG0fEHs5GhT1NSWn57IQD0K
WwzKBcEKCc74f9l9/yXxO035+FWuzlF0uN9GyX0ulDDfMxGY9ZEhkJYN6cT0vLy5
FXUjRm4oDnwbmJD/Qw+XU8LwcPAhaWa8wV2wVBLdZk5c/pMmDoSvAYnnw0T0hLpF
bHScTlPXqr/3n33R0wT0BtskGeCIwA/bn7ckJe2OJvujZAuz6AV0YVWY/QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPfFjOgsZ6be13RTaJyrjwyYbqNhMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOThXTTZDeG5wdDdYZEZOb25LdVBESmh1bzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAQ+C4r/0jTpYP3JzxwAzmLidR
/rJB1WTlHJlnwa70nBxxoa3HI+ozEI714fPt6hY/NlO5ZLcfTVlHP4epG6E1wLak
mhJH9p/Wg5GNSXOxJRon42aDnv4ESf7ZrlCW3qZuS0zmKp3kqdaPM5mKYa2XPo3Z
x/z0ehPKEBtNqeBm8g93f69UP95Yf/27YBQ2YrQhLCTYcFyiYUXBCR1ewuDUvROO
vhuJykHlXV9deCAPP2h7F+Jnq4kJpw/62RZNug41EIcJ0lS9j2Fdi0UO6OoLfOFS
gFbROji9zvR1kUxhoPj5RIVTkcIpCKvTl2xq+832PjtrIyNq0ASQb7h1d5g01w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:31 2025 by rpki-client