Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AL0A62W8lA8nCECHD-ewtIra8kg.roa
File: AL0A62W8lA8nCECHD-ewtIra8kg.roa (raw, json)
Hash identifier: dRD5MBH6AcZZ08u5MTF3lqS2NIk5+zkL2xyYSIr3tX8=
Subject key identifier: 00:BD:00:EB:65:BC:94:0F:27:08:40:87:0F:E7:B0:B4:8A:DA:F2:48
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01916378DBC36A76DA31CAB16BC7EAA46BC3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AL0A62W8lA8nCECHD-ewtIra8kg.roa
Signing time: Sun 18 Aug 2024 03:12:30 +0000
ROA not before: Sun 18 Aug 2024 03:12:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 18 Aug 2024 04:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:63:78:db:c3:6a:76:da:31:ca:b1:6b:c7:ea:a4:6b:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 18 03:12:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00bd00eb65bc940f270840870fe7b0b48adaf248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:70:f6:5f:25:2e:f5:d9:c7:5d:23:0f:52:30:
68:bd:f5:f1:63:45:4e:77:e8:d9:c7:bd:f7:e3:d2:
67:3e:68:f9:7d:8c:44:e2:93:5f:9b:07:d8:46:4d:
23:c9:51:e9:6d:23:89:69:df:3d:93:19:2c:0d:da:
d7:21:e4:f0:6e:bc:ee:26:ab:a1:0c:4c:04:b9:aa:
26:10:c9:a2:8a:ea:b4:89:ca:35:05:db:47:01:ae:
4d:e0:4f:dc:e5:9e:93:19:63:61:20:e3:66:24:5a:
f5:27:fb:c0:38:60:14:07:e2:7a:cd:18:c7:3d:a0:
e1:74:27:8f:cb:cf:73:fd:e8:b6:ef:b3:ae:f1:3b:
d7:00:d1:1d:3d:81:84:06:b8:f4:c3:11:73:4f:93:
a1:9b:7d:00:7a:a3:0b:e1:f7:4e:95:80:0a:86:16:
82:0b:57:92:89:89:a3:70:18:c6:b6:ed:11:f0:40:
7c:23:69:6e:ff:bd:a0:99:0d:7b:fd:02:6b:0a:72:
82:4a:90:a7:50:40:44:55:2d:3e:f8:81:42:2b:36:
f4:c1:62:98:d0:76:7f:a7:c0:1f:3d:14:e0:81:a4:
b4:37:55:96:ac:ca:94:0a:d9:3f:19:87:2e:b8:20:
2b:47:4d:8a:09:f0:f7:49:4d:10:8a:de:d9:0d:da:
a6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BD:00:EB:65:BC:94:0F:27:08:40:87:0F:E7:B0:B4:8A:DA:F2:48
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AL0A62W8lA8nCECHD-ewtIra8kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
7b:ec:51:d1:b8:33:2e:ba:3e:e8:eb:89:bf:4e:08:78:71:ad:
c3:62:38:51:90:1c:65:88:57:9f:fe:b9:3a:56:e2:09:a7:15:
a0:74:15:62:d9:1c:8f:6c:2a:3b:78:83:94:0c:dc:52:b4:ee:
3b:ed:df:c3:f8:e9:08:82:0e:e0:5c:9c:9a:dd:93:26:88:e4:
3b:d0:8e:30:78:5f:3e:4a:66:f2:40:f0:90:24:00:d5:bc:38:
6e:c8:e2:3e:c5:1a:a3:3b:a0:9e:40:87:c6:c7:08:7c:d4:50:
73:b3:9d:39:98:e2:86:64:0b:0e:a0:9f:bc:db:04:61:0f:19:
51:74:4f:b9:23:76:ae:da:a5:ee:8d:f4:b2:8b:fc:d9:d1:3a:
30:76:cd:a9:15:ea:de:3c:c3:b2:56:42:c4:22:9a:19:a5:34:
50:7f:0b:70:d9:28:5e:98:31:2c:d6:a7:9c:1f:7a:17:95:a7:
32:60:14:45:cb:2e:47:31:dd:69:ad:31:95:9f:a4:cb:0f:0f:
25:ef:2b:d1:90:4c:42:83:b1:14:e0:4b:71:38:41:b9:03:8a:
a5:85:39:81:7b:f3:f2:58:5e:6c:e9:36:28:32:03:d7:19:25:
89:d9:45:44:5a:76:5e:2a:4c:7a:0d:bc:c8:14:62:3c:29:da:
77:e1:6e:29
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFjeNvDanbaMcqxa8fqpGvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE4MDMxMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGJkMDBlYjY1YmM5NDBmMjcwODQwODcwZmU3YjBiNDhhZGFmMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHD2XyUu9dnHXSMPUjBovfXxY0VO
d+jZx73349JnPmj5fYxE4pNfmwfYRk0jyVHpbSOJad89kxksDdrXIeTwbrzuJquh
DEwEuaomEMmiiuq0ico1BdtHAa5N4E/c5Z6TGWNhIONmJFr1J/vAOGAUB+J6zRjH
PaDhdCePy89z/ei277Ou8TvXANEdPYGEBrj0wxFzT5Ohm30AeqML4fdOlYAKhhaC
C1eSiYmjcBjGtu0R8EB8I2lu/72gmQ17/QJrCnKCSpCnUEBEVS0++IFCKzb0wWKY
0HZ/p8AfPRTggaS0N1WWrMqUCtk/GYcuuCArR02KCfD3SU0Qit7ZDdqmAwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAC9AOtlvJQPJwhAhw/nsLSK2vJIMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQUwwQTYyVzhsQThuQ0VDSEQtZXd0SXJhOGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAe+xR0bgzLro+6OuJv04IeHGt
w2I4UZAcZYhXn/65OlbiCacVoHQVYtkcj2wqO3iDlAzcUrTuO+3fw/jpCIIO4Fyc
mt2TJojkO9COMHhfPkpm8kDwkCQA1bw4bsjiPsUaozugnkCHxscIfNRQc7OdOZji
hmQLDqCfvNsEYQ8ZUXRPuSN2rtql7o30sov82dE6MHbNqRXq3jzDslZCxCKaGaU0
UH8LcNkoXpgxLNannB96F5WnMmAURcsuRzHdaa0xlZ+kyw8PJe8r0ZBMQoOxFOBL
cThBuQOKpYU5gXvz8lhebOk2KDID1xklidlFRFp2XipMeg28yBRiPCnad+FuKQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:09 2025 by rpki-client