Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9AC_so-l8-LcjZ5aIQ8hcrdGDYM.roa
File: 9AC_so-l8-LcjZ5aIQ8hcrdGDYM.roa (raw, json)
Hash identifier: wStdQ3+E+BVD3/fFf3zeKC17eAW3ozUDzkdg6pW723Q=
Subject key identifier: F4:00:BF:B2:8F:A5:F3:E2:DC:8D:9E:5A:21:0F:21:72:B7:46:0D:83
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191DD2360351DE4C2EB23AC9C70E3CA9AFC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9AC_so-l8-LcjZ5aIQ8hcrdGDYM.roa
Signing time: Tue 10 Sep 2024 18:12:48 +0000
ROA not before: Tue 10 Sep 2024 18:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 10 Sep 2024 19:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dd:23:60:35:1d:e4:c2:eb:23:ac:9c:70:e3:ca:9a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 10 18:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f400bfb28fa5f3e2dc8d9e5a210f2172b7460d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6d:f2:f0:4f:a9:aa:68:d4:eb:88:12:3a:c5:
d3:c9:d2:d0:b0:f0:18:f5:6c:d5:31:0d:7f:62:b3:
56:88:96:72:02:c3:ac:84:ce:24:30:cd:76:f1:56:
65:44:dd:0a:7c:52:bf:33:a0:7a:37:41:fb:e8:82:
9d:c2:1a:46:55:31:99:9b:07:a1:80:a0:da:98:b7:
9d:15:af:b3:37:be:9f:59:3d:89:e2:88:c8:41:7c:
8b:e6:c0:6f:2d:7a:65:69:64:c6:c7:c8:52:47:b7:
3a:ca:d4:d6:c1:6a:f8:2e:cb:c8:ca:eb:9d:9e:58:
51:15:ac:75:62:12:ce:0d:b4:4b:16:ea:ee:c5:03:
45:4a:6f:76:4e:05:0e:7b:95:50:91:36:31:d7:b1:
da:38:1f:82:f9:ae:23:89:e9:92:cf:50:b7:0f:38:
5b:19:d2:0f:ed:90:06:6e:25:41:e3:1e:de:66:de:
ab:a5:78:f6:ae:c7:46:ea:4d:38:da:b8:df:54:98:
f8:6d:b5:6e:6e:0c:4d:ae:ca:01:ac:07:4a:e0:21:
5d:a6:9e:80:1d:2f:86:ca:4a:1b:17:c4:e0:b4:05:
f7:f8:c5:85:f5:93:d4:3d:d2:46:01:d3:11:b5:4f:
c2:c5:52:97:69:40:fa:23:24:9e:26:6d:92:68:2a:
29:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:00:BF:B2:8F:A5:F3:E2:DC:8D:9E:5A:21:0F:21:72:B7:46:0D:83
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9AC_so-l8-LcjZ5aIQ8hcrdGDYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
16:93:e4:ae:1c:b1:0f:50:b7:1f:43:69:b7:35:29:6f:e9:a4:
b2:1d:3e:5c:c8:fd:fb:64:ce:2c:db:42:ea:14:7f:b4:18:99:
32:f3:78:6c:64:28:ae:16:95:a5:15:6d:93:69:ff:8b:aa:d0:
7a:80:29:69:4d:f1:3d:54:21:c9:d6:9b:d6:3a:c9:55:50:ea:
f4:23:a6:54:81:f2:d1:5d:a3:2a:b7:2c:99:ce:d6:ca:4f:89:
7d:7f:60:4f:fb:cd:07:cc:87:78:ac:e6:ba:f0:bc:e8:b1:1f:
23:b5:61:00:d2:66:9a:07:2e:0c:45:9f:21:71:66:0c:fe:5a:
0b:bb:1b:7e:c5:cd:6f:fe:21:de:f4:bd:87:8d:5b:a4:23:64:
f0:7e:3f:e4:de:2d:02:e4:c8:03:b3:de:47:97:9e:f0:8a:94:
a6:40:3d:9c:67:f5:47:83:4b:17:2a:d0:25:77:69:b2:6e:7b:
11:36:0d:84:21:83:49:40:ad:96:e5:71:1d:0f:81:eb:1c:d1:
2d:86:16:9b:ed:38:6f:74:2b:5f:2a:cc:2e:e3:b0:53:5a:5d:
4e:f6:7b:16:61:8c:91:51:61:62:78:95:01:a1:b2:67:8f:79:
3b:fc:af:6b:dd:28:e3:dc:4d:7a:e1:d9:f8:30:95:96:fa:86:
aa:fb:f7:16
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHdI2A1HeTC6yOsnHDjypr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEwMTgxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDAwYmZiMjhmYTVmM2UyZGM4ZDllNWEyMTBmMjE3MmI3NDYwZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo23y8E+pqmjU64gSOsXTydLQsPAY
9WzVMQ1/YrNWiJZyAsOshM4kMM128VZlRN0KfFK/M6B6N0H76IKdwhpGVTGZmweh
gKDamLedFa+zN76fWT2J4ojIQXyL5sBvLXplaWTGx8hSR7c6ytTWwWr4LsvIyuud
nlhRFax1YhLODbRLFuruxQNFSm92TgUOe5VQkTYx17HaOB+C+a4jiemSz1C3Dzhb
GdIP7ZAGbiVB4x7eZt6rpXj2rsdG6k042rjfVJj4bbVubgxNrsoBrAdK4CFdpp6A
HS+GykobF8TgtAX3+MWF9ZPUPdJGAdMRtU/CxVKXaUD6IySeJm2SaCopVwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFPQAv7KPpfPi3I2eWiEPIXK3Rg2DMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOUFDX3NvLWw4LUxjalo1YUlROGhjcmRHRFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQAWk+SuHLEPULcfQ2m3NSlv6aSyHT5cyP37ZM4s
20LqFH+0GJky83hsZCiuFpWlFW2Taf+LqtB6gClpTfE9VCHJ1pvWOslVUOr0I6ZU
gfLRXaMqtyyZztbKT4l9f2BP+80HzId4rOa68LzosR8jtWEA0maaBy4MRZ8hcWYM
/loLuxt+xc1v/iHe9L2HjVukI2Twfj/k3i0C5MgDs95Hl57wipSmQD2cZ/VHg0sX
KtAld2mybnsRNg2EIYNJQK2W5XEdD4HrHNEthhab7ThvdCtfKswu47BTWl1O9nsW
YYyRUWFieJUBobJnj3k7/K9r3Sjj3E164dn4MJWW+oaq+/cW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:47 2025 by rpki-client