Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/GycBtfhxnh5qbqzJfh3Br-CkGm8.roa
File: GycBtfhxnh5qbqzJfh3Br-CkGm8.roa (raw, json)
Hash identifier: dS/ZiX1dj8S56pqE+8KbFiS0MyvoSOCOmBZp/3hCDu0=
Subject key identifier: 1B:27:01:B5:F8:71:9E:1E:6A:6E:AC:C9:7E:1D:C1:AF:E0:A4:1A:6F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01911A14ECEAF78E766B61E2FF694AE817B3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/GycBtfhxnh5qbqzJfh3Br-CkGm8.roa
Signing time: Sat 03 Aug 2024 21:11:04 +0000
ROA not before: Sat 03 Aug 2024 21:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 03 Aug 2024 22:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1a:14:ec:ea:f7:8e:76:6b:61:e2:ff:69:4a:e8:17:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 3 21:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b2701b5f8719e1e6a6eacc97e1dc1afe0a41a6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:aa:5a:3b:3c:09:31:85:4d:c3:52:fd:36:07:
45:53:99:25:09:b5:94:6b:56:f2:df:41:6a:09:de:
23:49:0e:dd:b3:2a:2f:9a:cb:47:c1:2e:d5:7a:aa:
05:4a:24:91:95:61:d2:26:b6:99:9b:e1:6e:6a:cd:
3b:76:47:63:5a:20:36:c1:cf:b9:98:af:6b:c3:60:
81:f3:a5:d3:6a:8b:52:f7:5c:2c:ea:bb:9e:bb:c6:
0d:3a:d6:39:12:fc:27:60:37:5d:49:0d:9c:79:dd:
27:0a:ad:62:54:61:23:25:41:11:c9:4d:5f:a6:22:
6d:9a:3a:32:52:93:e8:c9:09:fe:9b:ff:f7:15:df:
e1:49:62:de:cb:d5:29:45:c3:92:fd:b0:59:e8:26:
e0:c5:16:3b:a0:b1:eb:d1:1d:14:5f:c2:bd:9d:8c:
48:16:6a:28:58:e6:71:35:3b:2a:64:52:26:1a:8f:
44:03:9f:a0:3f:ff:68:69:37:92:72:41:47:b5:71:
ea:aa:7b:15:95:f6:10:d7:da:51:af:d4:95:b8:1d:
cd:bc:00:40:01:0d:61:91:25:aa:ef:05:3c:02:ab:
26:22:f6:48:c4:6c:00:79:56:f5:ad:06:1e:b4:d6:
8d:38:93:99:b5:90:21:23:25:4f:c8:b8:cf:94:93:
2a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:27:01:B5:F8:71:9E:1E:6A:6E:AC:C9:7E:1D:C1:AF:E0:A4:1A:6F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/GycBtfhxnh5qbqzJfh3Br-CkGm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
24:ca:e0:0a:c1:e5:76:5c:b3:c8:ad:5f:2a:56:cb:10:77:e2:
e1:60:cc:66:23:d0:d8:24:6c:3a:2f:dd:20:66:70:fd:65:97:
8e:ae:54:c4:3a:95:57:7c:85:c0:b9:31:2d:b4:7a:19:5d:e1:
89:cb:10:cd:90:45:fb:7c:05:bb:38:54:36:11:1c:8c:ea:f1:
00:c7:15:51:48:e0:9d:b0:f7:ea:5b:60:e8:56:d4:95:e5:ce:
90:0b:54:be:f7:24:54:44:36:a2:38:40:99:95:a5:9c:04:7d:
fd:69:8d:05:d8:3f:df:e3:01:fd:25:64:32:dd:2a:81:b9:7f:
f7:ac:5d:c3:e4:0d:23:3c:51:b4:be:42:28:5e:96:bf:8b:19:
a3:30:af:8e:92:c6:01:2a:d6:b3:ed:25:83:1c:da:6f:25:c5:
38:5c:12:27:46:e8:ef:63:46:d4:41:13:93:df:47:0b:df:c6:
30:09:a5:93:d4:ec:4c:6b:0c:f0:47:fa:62:ed:b8:c9:20:b8:
b4:8a:b2:5e:bd:25:e7:e2:49:94:08:74:84:23:d0:a8:5f:0b:
f8:35:8a:5d:9d:2b:b8:77:81:91:b5:49:8b:5e:0d:d5:55:e6:
d2:af:d5:c2:9f:f5:20:bd:31:64:ff:19:3a:8d:b9:a4:90:f0:
bb:f2:4a:92
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEaFOzq9452a2Hi/2lK6BezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAzMjExMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjI3MDFiNWY4NzE5ZTFlNmE2ZWFjYzk3ZTFkYzFhZmUwYTQxYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqpaOzwJMYVNw1L9NgdFU5klCbWU
a1by30FqCd4jSQ7dsyovmstHwS7VeqoFSiSRlWHSJraZm+Fuas07dkdjWiA2wc+5
mK9rw2CB86XTaotS91ws6rueu8YNOtY5EvwnYDddSQ2ced0nCq1iVGEjJUERyU1f
piJtmjoyUpPoyQn+m//3Fd/hSWLey9UpRcOS/bBZ6CbgxRY7oLHr0R0UX8K9nYxI
FmooWOZxNTsqZFImGo9EA5+gP/9oaTeSckFHtXHqqnsVlfYQ19pRr9SVuB3NvABA
AQ1hkSWq7wU8AqsmIvZIxGwAeVb1rQYetNaNOJOZtZAhIyVPyLjPlJMqXQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBsnAbX4cZ4eam6syX4dwa/gpBpvMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvR3ljQnRmaHhuaDVxYnF6SmZoM0JyLUNrR204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAJMrgCsHldlyzyK1fKlbLEHfi
4WDMZiPQ2CRsOi/dIGZw/WWXjq5UxDqVV3yFwLkxLbR6GV3hicsQzZBF+3wFuzhU
NhEcjOrxAMcVUUjgnbD36ltg6FbUleXOkAtUvvckVEQ2ojhAmZWlnAR9/WmNBdg/
3+MB/SVkMt0qgbl/96xdw+QNIzxRtL5CKF6Wv4sZozCvjpLGASrWs+0lgxzabyXF
OFwSJ0bo72NG1EETk99HC9/GMAmlk9TsTGsM8Ef6Yu24ySC4tIqyXr0l5+JJlAh0
hCPQqF8L+DWKXZ0ruHeBkbVJi14N1VXm0q/Vwp/1IL0xZP8ZOo25pJDwu/JKkg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:33:31 2025 by rpki-client