Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Cpek40NuhAE_MwZ1ih0IDF_N_RU.roa
File: Cpek40NuhAE_MwZ1ih0IDF_N_RU.roa (raw, json)
Hash identifier: VQ6Gmww60zcMGZ+q9eegSwuQI4UkSPG1i33ZyXK2bwE=
Subject key identifier: 0A:97:A4:E3:43:6E:84:01:3F:33:06:75:8A:1D:08:0C:5F:CD:FD:15
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01931BC1DE7C0FA3C89E3F5A513FE00A67AB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Cpek40NuhAE_MwZ1ih0IDF_N_RU.roa
Signing time: Mon 11 Nov 2024 15:05:10 +0000
ROA not before: Mon 11 Nov 2024 15:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:193:1bc1:afe/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 11 Nov 2024 15:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1b:c1:de:7c:0f:a3:c8:9e:3f:5a:51:3f:e0:0a:67:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Nov 11 15:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a97a4e3436e84013f3306758a1d080c5fcdfd15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0a:2c:78:bf:4a:c9:15:40:f0:8c:87:9a:c3:
73:59:9f:41:2d:e0:70:9a:ec:08:44:ff:dc:d6:16:
bb:c9:5d:61:d3:bb:83:f6:ac:fc:8a:4a:bb:9d:d5:
2e:da:74:d3:c6:a8:73:93:17:c7:98:36:cc:40:af:
d1:2e:9d:3c:20:d0:67:e1:e8:01:3f:06:58:a4:36:
6c:95:b1:9b:83:36:27:5d:36:80:53:9a:1c:0f:d8:
bb:72:1b:cf:13:d0:00:e2:2e:28:0d:fe:54:a8:76:
8e:58:15:ca:72:aa:81:98:3f:81:53:75:e7:54:d7:
91:58:8c:f5:46:a8:8d:b6:5a:0d:33:be:84:4e:74:
af:d5:58:36:9f:cb:ed:1e:f7:dc:4d:de:86:40:68:
76:7d:ff:d5:b4:f8:fe:97:d5:df:01:67:d1:15:b9:
57:4e:9b:e1:72:73:d8:4c:fb:78:ac:af:91:0c:be:
63:f8:4b:06:d5:06:e0:a1:f3:bc:3e:86:fb:46:09:
50:94:87:28:84:83:9a:0f:c9:89:79:45:f5:cb:50:
9b:03:b5:1b:c7:e2:e5:8d:d3:3c:a5:17:9b:79:8c:
52:9c:92:a7:ad:b7:cb:8c:61:c0:29:6e:58:a7:27:
64:be:3f:27:5e:d9:3b:7e:3e:ea:7e:63:71:ab:31:
e9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:97:A4:E3:43:6E:84:01:3F:33:06:75:8A:1D:08:0C:5F:CD:FD:15
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Cpek40NuhAE_MwZ1ih0IDF_N_RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:193:1bc1:afe/128
Signature Algorithm: sha256WithRSAEncryption
03:f7:15:48:69:36:a2:1d:af:e6:5e:c2:08:b6:40:85:bf:6c:
54:5b:8e:7c:82:c8:3b:0e:80:b9:0c:30:9f:f1:67:1e:5c:ac:
43:da:37:aa:bc:ba:f0:94:e2:ff:df:ee:bf:a7:c4:57:d3:0d:
b6:c4:c0:41:32:e7:5e:54:49:5c:52:5b:22:f4:10:f5:d3:24:
18:af:96:cb:e6:43:49:97:73:6f:4a:24:53:37:3c:7e:4e:b2:
fc:57:11:25:58:75:8e:b3:17:2e:39:6b:30:ac:8f:3a:6f:c8:
6b:19:58:1e:12:2f:58:74:07:97:29:aa:1c:b2:19:ec:97:31:
8e:09:b4:97:bf:11:55:ba:f1:cc:d0:ac:44:82:86:a9:39:dc:
5a:3a:7e:c3:50:53:e1:86:93:86:7e:72:25:33:bb:2a:08:1e:
30:07:64:ed:94:69:6f:95:e9:c1:ea:62:2a:48:81:13:e2:c5:
4f:82:68:2e:5d:1b:a5:a5:df:a3:ed:e8:f2:ea:b0:3d:5f:63:
a8:81:80:34:47:5a:9d:90:ac:18:7e:62:10:54:3f:ce:18:3c:
21:60:39:e8:54:62:82:31:fb:b4:17:bc:d9:32:e7:46:a5:3f:
64:e0:33:d4:8e:02:ae:06:13:bd:ef:43:1e:8e:8b:94:ad:87:
55:2e:83:38
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZMbwd58D6PInj9aUT/gCmerMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMTExMTUwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTk3YTRlMzQzNmU4NDAxM2YzMzA2NzU4YTFkMDgwYzVmY2RmZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQoseL9KyRVA8IyHmsNzWZ9BLeBw
muwIRP/c1ha7yV1h07uD9qz8ikq7ndUu2nTTxqhzkxfHmDbMQK/RLp08INBn4egB
PwZYpDZslbGbgzYnXTaAU5ocD9i7chvPE9AA4i4oDf5UqHaOWBXKcqqBmD+BU3Xn
VNeRWIz1RqiNtloNM76ETnSv1Vg2n8vtHvfcTd6GQGh2ff/VtPj+l9XfAWfRFblX
TpvhcnPYTPt4rK+RDL5j+EsG1QbgofO8Pob7RglQlIcohIOaD8mJeUX1y1CbA7Ub
x+LljdM8pRebeYxSnJKnrbfLjGHAKW5Ypydkvj8nXtk7fj7qfmNxqzHpSwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAqXpONDboQBPzMGdYodCAxfzf0VMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQ3BlazQwTnVoQUVfTXdaMWloMElERl9OX1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGTG8EK/jANBgkqhkiG9w0BAQsFAAOCAQEAA/cVSGk2oh2v5l7CCLZAhb9s
VFuOfILIOw6AuQwwn/FnHlysQ9o3qry68JTi/9/uv6fEV9MNtsTAQTLnXlRJXFJb
IvQQ9dMkGK+Wy+ZDSZdzb0okUzc8fk6y/FcRJVh1jrMXLjlrMKyPOm/IaxlYHhIv
WHQHlymqHLIZ7Jcxjgm0l78RVbrxzNCsRIKGqTncWjp+w1BT4YaThn5yJTO7Kgge
MAdk7ZRpb5XpwepiKkiBE+LFT4JoLl0bpaXfo+3o8uqwPV9jqIGANEdanZCsGH5i
EFQ/zhg8IWA56FRigjH7tBe82TLnRqU/ZOAz1I4CrgYTve9DHo6LlK2HVS6DOA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:21 2025 by rpki-client