Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DnBpGMrmdmHQyrT9DhiVPMn_R20.roa
File: DnBpGMrmdmHQyrT9DhiVPMn_R20.roa (raw, json)
Hash identifier: JD1/pHCMzfQ4BzEvNeZpfMT9GrHIvihvAAVDdIeu4bY=
Subject key identifier: 0E:70:69:18:CA:E6:76:61:D0:CA:B4:FD:0E:18:95:3C:C9:FF:47:6D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01917F92F39EF5F2D753EDDBF0BCB5F959E4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DnBpGMrmdmHQyrT9DhiVPMn_R20.roa
Signing time: Fri 23 Aug 2024 14:10:22 +0000
ROA not before: Fri 23 Aug 2024 14:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 Aug 2024 15:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7f:92:f3:9e:f5:f2:d7:53:ed:db:f0:bc:b5:f9:59:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 23 14:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e706918cae67661d0cab4fd0e18953cc9ff476d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ca:0b:08:a0:67:8f:d9:06:40:ae:91:39:8c:
70:95:f8:b1:02:a5:c2:59:1f:73:1e:01:6a:27:39:
c4:93:a1:96:49:65:75:4f:f4:1c:c4:2a:a8:dd:91:
19:2c:66:d0:87:f8:35:ab:98:6d:0a:67:2d:65:7f:
3e:25:b8:e9:05:56:a1:87:73:d1:75:1a:24:2c:b2:
40:d7:d8:1f:26:f2:1e:ab:e8:e8:38:0e:08:6c:2f:
08:8a:4a:81:13:8b:64:a9:28:66:79:07:60:50:4d:
10:4e:f7:25:f9:c6:52:86:e2:95:93:3e:b2:5d:f6:
d4:13:95:dd:31:a4:15:e5:f8:02:87:27:79:ca:43:
89:19:5e:26:bc:49:b2:f3:d1:fb:f5:3f:ab:3c:d5:
c8:ed:62:50:7e:36:e8:a8:96:a0:12:42:df:b3:6d:
90:85:37:93:e7:60:a4:0a:ed:02:77:b6:cf:4d:29:
db:03:ec:26:f9:f9:bf:41:4d:1e:1b:ad:df:b7:38:
38:40:c6:98:52:b8:19:2b:0c:91:74:2f:be:16:27:
1c:a7:ae:c9:c3:88:d2:0e:54:09:15:1d:0a:c8:e2:
37:a6:f6:87:f0:79:92:35:44:c1:ed:dd:8f:13:40:
9a:e1:ee:bb:fa:fc:d2:31:3c:39:51:47:3b:99:e4:
09:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:70:69:18:CA:E6:76:61:D0:CA:B4:FD:0E:18:95:3C:C9:FF:47:6D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DnBpGMrmdmHQyrT9DhiVPMn_R20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
12:4c:ab:61:6a:bc:2b:2b:b6:07:04:24:a5:a5:7d:20:10:fa:
03:87:f0:36:4c:fe:7d:6e:00:a5:eb:44:d7:3c:ab:42:55:ca:
6e:6e:17:a3:be:06:e1:4f:ad:0c:89:48:c4:39:88:c0:3d:dd:
ac:d5:15:32:99:ec:09:37:78:cc:f0:05:70:8e:c3:aa:0e:71:
29:66:c0:53:4f:b7:fb:71:89:5f:98:0f:80:6d:2e:15:34:72:
c9:0c:1d:9d:43:72:44:89:d8:1f:6f:53:e4:91:3b:4d:58:36:
50:c2:3b:eb:31:65:a3:1a:6f:1d:9f:af:33:b9:40:c3:8c:20:
7e:95:c6:35:ec:3a:3f:86:4a:57:c8:98:ec:ce:a9:8e:6d:1b:
d3:f8:3d:3d:4d:d1:09:42:da:ef:6d:17:53:84:f4:38:21:95:
ab:f8:d3:cb:21:a8:b7:b4:de:fe:7d:88:83:19:9d:2b:b7:f4:
7b:4f:cd:e7:b0:73:05:9f:46:cd:4f:61:f3:d2:da:d8:d0:74:
25:42:11:02:b7:92:98:8c:55:77:c5:e4:d1:7e:b3:42:ce:c9:
cf:1e:79:cf:b1:75:ef:85:e4:70:1d:ea:d0:52:ca:b8:6d:b8:
f8:f3:69:5d:fb:b8:c9:44:f6:38:97:cb:73:2a:6f:a6:f1:cf:
7e:c1:22:91
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZF/kvOe9fLXU+3b8Ly1+VnkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIzMTQxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTcwNjkxOGNhZTY3NjYxZDBjYWI0ZmQwZTE4OTUzY2M5ZmY0NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcoLCKBnj9kGQK6ROYxwlfixAqXC
WR9zHgFqJznEk6GWSWV1T/QcxCqo3ZEZLGbQh/g1q5htCmctZX8+JbjpBVahh3PR
dRokLLJA19gfJvIeq+joOA4IbC8IikqBE4tkqShmeQdgUE0QTvcl+cZShuKVkz6y
XfbUE5XdMaQV5fgChyd5ykOJGV4mvEmy89H79T+rPNXI7WJQfjboqJagEkLfs22Q
hTeT52CkCu0Cd7bPTSnbA+wm+fm/QU0eG63ftzg4QMaYUrgZKwyRdC++Ficcp67J
w4jSDlQJFR0KyOI3pvaH8HmSNUTB7d2PE0Ca4e67+vzSMTw5UUc7meQJcwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFA5waRjK5nZh0Mq0/Q4YlTzJ/0dtMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRG5CcEdNcm1kbUhReXJUOURoaVZQTW5fUjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAEkyrYWq8Kyu2BwQkpaV9IBD6
A4fwNkz+fW4ApetE1zyrQlXKbm4Xo74G4U+tDIlIxDmIwD3drNUVMpnsCTd4zPAF
cI7Dqg5xKWbAU0+3+3GJX5gPgG0uFTRyyQwdnUNyRInYH29T5JE7TVg2UMI76zFl
oxpvHZ+vM7lAw4wgfpXGNew6P4ZKV8iY7M6pjm0b0/g9PU3RCULa720XU4T0OCGV
q/jTyyGot7Te/n2IgxmdK7f0e0/N57BzBZ9GzU9h89La2NB0JUIRAreSmIxVd8Xk
0X6zQs7Jzx55z7F174XkcB3q0FLKuG24+PNpXfu4yUT2OJfLcypvpvHPfsEikQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:35 2025 by rpki-client