Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IcV0ict6OwvDfSFXYKy-XgImXxw.roa
File: IcV0ict6OwvDfSFXYKy-XgImXxw.roa (raw, json)
Hash identifier: ud9KLzooX7VfxzO5Syhdasc/i6UNQkowPR2lsnQXQ6s=
Subject key identifier: 21:C5:74:89:CB:7A:3B:0B:C3:7D:21:57:60:AC:BE:5E:02:26:5F:1C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01913AB2D6AFD9AFA4CA83595379BEEB5CC5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IcV0ict6OwvDfSFXYKy-XgImXxw.roa
Signing time: Sat 10 Aug 2024 05:11:24 +0000
ROA not before: Sat 10 Aug 2024 05:11:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 10 Aug 2024 06:05:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3a:b2:d6:af:d9:af:a4:ca:83:59:53:79:be:eb:5c:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 10 05:11:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21c57489cb7a3b0bc37d215760acbe5e02265f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:37:22:a0:af:e3:d7:17:c8:d3:9b:19:dd:2e:
94:27:8d:44:f1:e4:4f:d5:2e:7e:53:47:4f:23:77:
54:4e:51:31:a8:42:ed:9f:19:20:1c:c7:ba:6c:ac:
c3:f0:db:07:99:fe:8f:0c:73:bb:9f:11:e7:53:1d:
6c:44:be:01:4c:24:42:c6:fd:53:52:88:21:79:60:
25:55:50:d1:9b:f7:9d:9d:36:c0:d7:87:92:1d:a2:
10:3a:99:36:cd:b9:da:be:73:3c:dc:1a:31:2e:20:
3b:fd:9c:a9:83:dd:65:db:8e:15:7d:e0:19:6c:eb:
0c:20:25:2c:d6:74:4c:91:1c:1c:fd:eb:93:e7:0b:
f4:b2:48:b9:f0:71:70:4e:13:fe:86:c3:bc:6d:de:
c1:19:14:e1:4b:6f:d5:cb:87:33:c2:91:22:9d:96:
5b:f0:fb:1c:1e:a9:81:7c:bc:d3:16:52:1c:30:ff:
0b:08:76:65:00:f3:1a:05:d1:35:ad:35:cc:1b:aa:
68:04:67:3b:f5:51:2d:ad:3f:43:a7:5e:03:d4:e7:
77:a9:a7:55:a7:cd:3c:f0:fa:d7:d0:ca:e8:86:ca:
6d:16:2d:0f:63:3e:8f:b9:78:71:4d:26:0a:fc:35:
ab:34:0b:3c:0d:a3:c2:85:42:ba:ba:41:51:6e:4d:
34:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C5:74:89:CB:7A:3B:0B:C3:7D:21:57:60:AC:BE:5E:02:26:5F:1C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IcV0ict6OwvDfSFXYKy-XgImXxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
3b:59:62:1e:dd:e7:b9:1c:7d:a1:ee:3f:9e:d4:07:11:a5:f8:
34:e3:95:54:ed:12:4b:35:69:66:47:27:e6:d2:7f:f4:9f:04:
6d:44:e6:5c:c4:e3:eb:bf:a7:8c:65:47:e8:3e:11:13:51:b8:
57:2c:62:fb:62:6d:3a:e6:a4:8a:cd:0f:97:93:8b:0c:28:61:
2e:04:38:21:79:20:ba:f1:7e:31:6f:6f:42:8b:0a:1b:eb:6d:
15:72:05:d2:0a:49:20:8c:97:25:4a:99:e9:46:2a:2f:04:f3:
84:3a:18:04:82:33:63:3d:dd:10:11:ff:fd:bf:ad:b3:54:db:
e0:9e:ea:88:dd:2d:76:db:79:d4:93:a2:31:58:fb:f8:24:6e:
db:8a:5e:24:a1:13:b6:53:c6:f7:4d:cc:1e:b2:a6:34:d8:2b:
10:dc:19:33:c4:43:0c:d6:60:3f:98:93:b3:04:79:6b:f5:c6:
d0:9a:04:7e:b0:77:dd:f9:22:e3:c4:43:17:b3:3c:a9:1e:4d:
af:f1:aa:76:fe:fd:67:60:a0:0a:0e:ad:40:4e:3b:e2:ba:60:
21:c5:a3:57:63:0c:be:c8:b1:25:19:55:54:a0:52:d7:c2:50:
af:83:a3:bc:68:10:6c:4a:f6:e1:06:30:72:d2:e3:81:c3:52:
8d:6a:dd:fa
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZE6stav2a+kyoNZU3m+61zFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEwMDUxMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWM1NzQ4OWNiN2EzYjBiYzM3ZDIxNTc2MGFjYmU1ZTAyMjY1ZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzcioK/j1xfI05sZ3S6UJ41E8eRP
1S5+U0dPI3dUTlExqELtnxkgHMe6bKzD8NsHmf6PDHO7nxHnUx1sRL4BTCRCxv1T
UogheWAlVVDRm/ednTbA14eSHaIQOpk2zbnavnM83BoxLiA7/Zypg91l244VfeAZ
bOsMICUs1nRMkRwc/euT5wv0ski58HFwThP+hsO8bd7BGRThS2/Vy4czwpEinZZb
8PscHqmBfLzTFlIcMP8LCHZlAPMaBdE1rTXMG6poBGc79VEtrT9Dp14D1Od3qadV
p8088PrX0MrohsptFi0PYz6PuXhxTSYK/DWrNAs8DaPChUK6ukFRbk005wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCHFdInLejsLw30hV2Csvl4CJl8cMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSWNWMGljdDZPd3ZEZlNGWFlLeS1YZ0ltWHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAO1liHt3nuRx9oe4/ntQHEaX4
NOOVVO0SSzVpZkcn5tJ/9J8EbUTmXMTj67+njGVH6D4RE1G4Vyxi+2JtOuakis0P
l5OLDChhLgQ4IXkguvF+MW9vQosKG+ttFXIF0gpJIIyXJUqZ6UYqLwTzhDoYBIIz
Yz3dEBH//b+ts1Tb4J7qiN0tdtt51JOiMVj7+CRu24peJKETtlPG903MHrKmNNgr
ENwZM8RDDNZgP5iTswR5a/XG0JoEfrB33fki48RDF7M8qR5Nr/Gqdv79Z2CgCg6t
QE474rpgIcWjV2MMvsixJRlVVKBS18JQr4OjvGgQbEr24QYwctLjgcNSjWrd+g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:55 2025 by rpki-client