Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CbAUK8D3n3TGUtPgA1Bz37aUYWY.roa
File: CbAUK8D3n3TGUtPgA1Bz37aUYWY.roa (raw, json)
Hash identifier: gO2/sA7MW2DN1+LdXBIQQve5+2enYddlAHAmOC7a3uc=
Subject key identifier: 09:B0:14:2B:C0:F7:9F:74:C6:52:D3:E0:03:50:73:DF:B6:94:61:66
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191BF857F9EC85585513BA0ECCBA11C6553
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CbAUK8D3n3TGUtPgA1Bz37aUYWY.roa
Signing time: Thu 05 Sep 2024 00:11:22 +0000
ROA not before: Thu 05 Sep 2024 00:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 05 Sep 2024 01:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bf:85:7f:9e:c8:55:85:51:3b:a0:ec:cb:a1:1c:65:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 5 00:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09b0142bc0f79f74c652d3e0035073dfb6946166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5c:0b:ab:13:d9:24:ae:13:48:7d:95:76:da:
b8:e5:26:9f:6f:d0:bd:22:5a:d4:dd:a2:f3:6b:e3:
2c:61:68:12:09:37:b9:08:f2:51:81:e1:bd:7f:11:
6d:61:15:65:dc:21:bd:53:82:78:f2:ba:00:e9:92:
26:f1:8f:f4:cf:12:2e:3e:fe:9b:07:7c:3e:eb:ab:
51:ef:91:6b:df:c5:7e:a3:98:42:f6:51:0d:0b:50:
bf:02:d5:ea:af:69:27:5c:4a:ae:bc:58:bd:2d:b5:
85:ea:92:da:88:04:89:fe:a5:38:11:be:09:9c:c3:
90:d2:69:8a:2e:39:8f:b0:08:fa:40:77:68:5b:97:
4a:c1:70:42:2f:e3:0b:86:90:d0:ff:09:b3:d9:80:
2b:4e:08:49:da:82:f7:e8:de:4a:2c:50:18:67:63:
fc:c5:63:8f:17:57:c1:48:fa:49:7b:36:36:b5:c4:
07:c7:d4:78:62:c4:e0:f5:0b:df:9d:de:5b:da:45:
f7:ae:5e:46:78:ee:9e:ec:5a:ed:1a:b9:fe:93:cf:
7b:b1:51:ea:67:c5:84:09:55:fe:d4:db:3c:4c:99:
d0:36:27:b6:ca:97:1c:68:5d:dd:c6:92:b9:13:d7:
46:91:92:92:d0:e1:93:e3:3c:d6:ba:f9:4a:49:22:
0d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B0:14:2B:C0:F7:9F:74:C6:52:D3:E0:03:50:73:DF:B6:94:61:66
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CbAUK8D3n3TGUtPgA1Bz37aUYWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
64:94:ef:01:b7:8f:f2:42:fd:6b:3b:bd:99:f7:29:b4:5b:57:
20:20:98:15:51:09:7b:12:aa:aa:82:df:00:85:80:50:dd:06:
bd:96:00:d2:b3:4f:82:f2:e2:ad:c7:b1:21:79:e1:55:f3:ec:
39:ae:ab:b2:29:fe:b2:79:90:80:5c:90:71:9f:e8:dd:fb:e2:
a2:1a:f9:97:5b:48:fa:16:8d:c8:a4:bf:ad:c6:47:ad:1b:b8:
c8:4f:03:f9:05:f4:c0:c8:ae:88:73:43:24:f0:2d:67:a0:ce:
7f:43:39:45:70:ac:d9:76:b4:69:4d:db:d0:c8:bc:64:a7:5a:
30:33:4a:3f:04:21:97:ac:e3:18:a1:6d:53:37:bb:e4:ab:d6:
e3:47:4c:88:7a:41:3b:c1:fe:8f:80:9e:f8:a6:6c:9e:54:9c:
d8:04:0b:a9:65:4a:5a:7b:d9:7f:60:b3:37:7e:a4:dd:16:9a:
7d:3c:7d:d1:df:3d:30:dd:70:bf:27:92:90:2b:fa:c5:8b:b4:
7f:e5:a6:5e:53:23:76:63:70:83:f3:e9:6c:8d:8e:9e:22:2a:
fc:fc:e9:6a:d4:5e:df:5c:49:08:d1:3a:2f:aa:9c:c5:9e:75:
ba:9e:5f:de:4b:e6:2d:3e:93:1d:c1:94:a3:7c:38:31:0b:83:
4a:bd:30:fb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG/hX+eyFWFUTug7MuhHGVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA1MDAxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWIwMTQyYmMwZjc5Zjc0YzY1MmQzZTAwMzUwNzNkZmI2OTQ2MTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVwLqxPZJK4TSH2Vdtq45Safb9C9
IlrU3aLza+MsYWgSCTe5CPJRgeG9fxFtYRVl3CG9U4J48roA6ZIm8Y/0zxIuPv6b
B3w+66tR75Fr38V+o5hC9lENC1C/AtXqr2knXEquvFi9LbWF6pLaiASJ/qU4Eb4J
nMOQ0mmKLjmPsAj6QHdoW5dKwXBCL+MLhpDQ/wmz2YArTghJ2oL36N5KLFAYZ2P8
xWOPF1fBSPpJezY2tcQHx9R4YsTg9Qvfnd5b2kX3rl5GeO6e7FrtGrn+k897sVHq
Z8WECVX+1Ns8TJnQNie2ypccaF3dxpK5E9dGkZKS0OGT4zzWuvlKSSINvQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAmwFCvA9590xlLT4ANQc9+2lGFmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQ2JBVUs4RDNuM1RHVXRQZ0ExQnozN2FVWVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAZJTvAbeP8kL9azu9mfcptFtX
ICCYFVEJexKqqoLfAIWAUN0GvZYA0rNPgvLircexIXnhVfPsOa6rsin+snmQgFyQ
cZ/o3fviohr5l1tI+haNyKS/rcZHrRu4yE8D+QX0wMiuiHNDJPAtZ6DOf0M5RXCs
2Xa0aU3b0Mi8ZKdaMDNKPwQhl6zjGKFtUze75KvW40dMiHpBO8H+j4Ce+KZsnlSc
2AQLqWVKWnvZf2CzN36k3RaafTx90d89MN1wvyeSkCv6xYu0f+WmXlMjdmNwg/Pp
bI2OniIq/PzpatRe31xJCNE6L6qcxZ51up5f3kvmLT6THcGUo3w4MQuDSr0w+w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:36 2025 by rpki-client