Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/JV1CrKehAOrHYPn_oXq7-dxHjZc.roa
File: JV1CrKehAOrHYPn_oXq7-dxHjZc.roa (raw, json)
Hash identifier: t+Hynk9c4TAM21Sf3TpPSruk3eWkjcP17+PaoFMZ4Io=
Subject key identifier: 25:5D:42:AC:A7:A1:00:EA:C7:60:F9:FF:A1:7A:BB:F9:DC:47:8D:97
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191E0FE5128B9A78CF3CD5E4774B79154D6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/JV1CrKehAOrHYPn_oXq7-dxHjZc.roa
Signing time: Wed 11 Sep 2024 12:10:48 +0000
ROA not before: Wed 11 Sep 2024 12:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 11 Sep 2024 13:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e0:fe:51:28:b9:a7:8c:f3:cd:5e:47:74:b7:91:54:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 11 12:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=255d42aca7a100eac760f9ffa17abbf9dc478d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e9:41:70:53:ad:1f:f0:f8:5d:e4:0b:2a:ea:
51:f6:ea:1a:3c:4a:cc:a0:9f:0b:80:11:7a:5c:aa:
6a:68:9b:76:0e:fa:de:af:8f:da:50:2d:36:b0:8d:
85:db:6e:39:0d:bc:3a:d9:3b:4f:fd:35:c3:93:dc:
62:e3:d5:69:a7:c9:ed:43:59:d8:de:34:38:df:25:
2e:08:20:61:95:83:5b:05:94:81:45:63:0b:78:25:
18:92:b1:d1:2f:a7:30:61:22:9b:22:93:67:ef:67:
1a:20:da:27:c2:07:f4:d9:0a:43:4c:dc:f6:e2:27:
56:8e:c4:36:25:55:8f:80:65:35:62:74:5f:83:ae:
e6:d3:ef:df:83:45:2e:ba:89:85:6d:23:7d:dc:69:
e7:ee:a0:64:da:c3:0f:ee:31:89:9b:ad:b0:d4:1a:
13:73:e8:aa:a3:13:fc:a6:14:8e:e9:51:3d:b0:a7:
11:94:e2:27:06:66:2a:c4:8f:63:fc:c5:0c:da:44:
ad:3e:74:14:21:df:9b:7d:8d:73:8d:60:c4:57:1d:
f0:b7:1c:8b:2c:cf:b0:79:0c:a6:94:73:b6:58:5e:
cc:53:04:83:0c:1a:bd:db:c4:e8:5c:9b:e4:9e:77:
ad:5c:df:55:26:c7:9e:d2:33:97:74:a2:3c:1f:61:
fa:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5D:42:AC:A7:A1:00:EA:C7:60:F9:FF:A1:7A:BB:F9:DC:47:8D:97
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/JV1CrKehAOrHYPn_oXq7-dxHjZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
7d:38:b3:d0:b0:4b:73:6f:9d:13:43:c6:f0:5a:a3:fa:61:cb:
48:a5:c2:d9:1f:5f:f6:47:3e:0c:77:03:9e:b0:6e:76:18:2e:
8d:f4:b8:4f:f0:86:1f:03:9c:e2:e4:13:d4:84:a5:61:d9:c4:
0d:3d:10:e0:f9:9c:6b:c7:f1:e8:79:91:75:f5:61:79:02:11:
71:20:0f:eb:60:7e:93:cf:11:80:a2:af:04:1c:00:f1:2e:be:
48:80:a6:98:04:b8:42:9f:c1:57:32:d3:52:a4:c5:c8:7e:59:
07:8d:a7:89:d4:b8:c6:83:a3:c7:1f:94:0f:52:9a:37:97:ca:
86:e9:d2:6c:80:db:2e:fd:39:07:d1:1a:3c:70:0f:51:39:44:
29:33:df:96:29:18:24:a5:b7:77:30:dd:3c:3d:c8:1f:89:1b:
3b:a6:93:6e:3f:94:27:e9:91:b8:1f:f2:e2:8f:0a:85:a7:e7:
e9:cc:95:72:f1:ef:79:b0:57:43:a7:53:1d:6a:4c:9c:8f:7c:
29:68:dd:fa:55:ac:bb:f3:57:f6:7b:65:c1:37:b5:b0:b9:48:
6b:1f:a2:da:03:17:55:05:fb:10:0d:38:e0:21:e5:62:f3:e0:
95:56:e8:1e:31:66:bd:07:96:fa:71:bf:6a:55:3c:b6:f5:54:
c5:b0:56:59
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHg/lEouaeM881eR3S3kVTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTExMTIxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTVkNDJhY2E3YTEwMGVhYzc2MGY5ZmZhMTdhYmJmOWRjNDc4ZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+lBcFOtH/D4XeQLKupR9uoaPErM
oJ8LgBF6XKpqaJt2Dvrer4/aUC02sI2F2245Dbw62TtP/TXDk9xi49Vpp8ntQ1nY
3jQ43yUuCCBhlYNbBZSBRWMLeCUYkrHRL6cwYSKbIpNn72caINonwgf02QpDTNz2
4idWjsQ2JVWPgGU1YnRfg67m0+/fg0UuuomFbSN93Gnn7qBk2sMP7jGJm62w1BoT
c+iqoxP8phSO6VE9sKcRlOInBmYqxI9j/MUM2kStPnQUId+bfY1zjWDEVx3wtxyL
LM+weQymlHO2WF7MUwSDDBq928ToXJvknnetXN9VJsee0jOXdKI8H2H62wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFCVdQqynoQDqx2D5/6F6u/ncR42XMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSlYxQ3JLZWhBT3JIWVBuX29YcTctZHhIalpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQB9OLPQsEtzb50TQ8bwWqP6YctIpcLZH1/2Rz4M
dwOesG52GC6N9LhP8IYfA5zi5BPUhKVh2cQNPRDg+Zxrx/HoeZF19WF5AhFxIA/r
YH6TzxGAoq8EHADxLr5IgKaYBLhCn8FXMtNSpMXIflkHjaeJ1LjGg6PHH5QPUpo3
l8qG6dJsgNsu/TkH0Ro8cA9ROUQpM9+WKRgkpbd3MN08PcgfiRs7ppNuP5Qn6ZG4
H/LijwqFp+fpzJVy8e95sFdDp1Mdakycj3wpaN36Vay781f2e2XBN7WwuUhrH6La
AxdVBfsQDTjgIeVi8+CVVugeMWa9B5b6cb9qVTy29VTFsFZZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:11 2025 by rpki-client