Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/K7u6hfULhS-oZTRtO9F_A9-H_5Q.roa
File: K7u6hfULhS-oZTRtO9F_A9-H_5Q.roa (raw, json)
Hash identifier: O9mr/VjRfoxQMYCeoo3p3PeQD4W/40ApDpZqKzOWGuM=
Subject key identifier: 2B:BB:BA:85:F5:0B:85:2F:A8:65:34:6D:3B:D1:7F:03:DF:87:FF:94
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191174AD089596F9FA145FFEB2D5279433D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/K7u6hfULhS-oZTRtO9F_A9-H_5Q.roa
Signing time: Sat 03 Aug 2024 08:11:04 +0000
ROA not before: Sat 03 Aug 2024 08:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 03 Aug 2024 09:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:17:4a:d0:89:59:6f:9f:a1:45:ff:eb:2d:52:79:43:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 3 08:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bbbba85f50b852fa865346d3bd17f03df87ff94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8c:01:87:c0:c6:32:fd:29:12:19:42:4a:95:
02:99:b4:f9:af:4b:7f:a1:95:c0:07:76:2e:3c:09:
18:6d:e1:79:3a:33:b9:63:e5:08:88:33:4f:f8:47:
d1:aa:d4:03:fe:04:f2:ab:f6:2a:6c:27:ce:d1:b9:
77:da:4c:43:e5:db:d8:bf:e3:2d:60:c2:94:0d:cd:
7b:ac:6f:56:24:ca:ef:9d:52:94:e6:e1:57:20:9e:
e5:28:d1:88:8d:9a:78:72:a3:13:76:e5:48:6d:3f:
05:2f:f4:78:88:94:d0:2a:ac:3a:df:6d:a1:50:c5:
63:6d:33:ca:1a:93:ee:8c:d4:28:1f:ee:c8:62:83:
63:52:c9:8d:fd:d5:52:b8:92:c7:73:de:4a:a9:72:
99:b6:0f:58:2d:9d:18:bf:03:c7:66:d2:e0:1e:39:
d1:95:11:a0:74:ce:8a:90:7a:01:7d:2b:34:7f:fa:
51:b1:7a:35:a3:fe:52:ca:ea:c8:2f:c6:2b:89:79:
45:44:db:43:e0:28:67:75:1a:b5:41:ef:ea:97:61:
ef:ef:f7:c9:85:34:66:3c:8f:f2:01:c8:c2:d8:ba:
cf:9e:8c:6c:a4:80:db:0a:f2:20:23:86:a5:2f:82:
ea:68:bd:e5:66:c5:67:ae:20:0d:88:94:b3:e2:a6:
e4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BB:BA:85:F5:0B:85:2F:A8:65:34:6D:3B:D1:7F:03:DF:87:FF:94
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/K7u6hfULhS-oZTRtO9F_A9-H_5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
57:b4:e0:19:d8:f1:17:65:ca:be:bf:73:02:07:16:5c:c1:1f:
db:73:cf:03:67:d8:98:1a:79:4a:a9:5f:5d:33:86:b7:39:f8:
d3:44:2a:a8:65:38:24:b2:ba:47:00:7f:c4:e5:cf:16:6c:ea:
9f:08:96:93:3d:8a:ab:4a:e1:60:45:5f:1d:95:5f:f4:64:7e:
f0:ac:09:d7:f2:09:4a:61:29:bc:19:69:69:61:16:27:9b:92:
c2:c7:f5:8a:60:32:15:06:bb:e2:8c:46:76:b0:a4:d0:e5:37:
0e:07:2e:8d:c5:5d:7f:78:cf:a7:7e:49:18:6d:b2:54:3f:5a:
b5:2c:e1:ff:ca:72:65:a6:0a:77:a1:a9:cb:aa:b5:36:ea:b2:
66:c7:34:01:f3:8a:c6:2d:9d:e0:f3:c6:da:d9:97:70:72:4c:
4f:81:d4:2d:c0:14:bd:cf:e3:2a:d2:c6:7f:56:fa:f4:bc:67:
24:62:0c:d8:55:ec:67:14:12:ba:9a:39:49:b2:82:1f:f7:b7:
a7:6c:12:6c:6e:39:54:11:59:f9:72:7e:c1:0b:01:2d:41:22:
f5:85:32:79:a5:78:43:08:15:6c:2d:8a:49:9a:d0:c5:24:e5:
8b:d7:ed:7d:43:4f:d1:e6:cd:a8:c8:39:55:cd:16:bf:e3:94:
ff:f0:be:a2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEXStCJWW+foUX/6y1SeUM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAzMDgxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmJiYmE4NWY1MGI4NTJmYTg2NTM0NmQzYmQxN2YwM2RmODdmZjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIwBh8DGMv0pEhlCSpUCmbT5r0t/
oZXAB3YuPAkYbeF5OjO5Y+UIiDNP+EfRqtQD/gTyq/YqbCfO0bl32kxD5dvYv+Mt
YMKUDc17rG9WJMrvnVKU5uFXIJ7lKNGIjZp4cqMTduVIbT8FL/R4iJTQKqw6322h
UMVjbTPKGpPujNQoH+7IYoNjUsmN/dVSuJLHc95KqXKZtg9YLZ0YvwPHZtLgHjnR
lRGgdM6KkHoBfSs0f/pRsXo1o/5SyurIL8YriXlFRNtD4ChndRq1Qe/ql2Hv7/fJ
hTRmPI/yAcjC2LrPnoxspIDbCvIgI4alL4LqaL3lZsVnriANiJSz4qbkdQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCu7uoX1C4UvqGU0bTvRfwPfh/+UMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSzd1NmhmVUxoUy1vWlRSdE85Rl9BOS1IXzVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAV7TgGdjxF2XKvr9zAgcWXMEf
23PPA2fYmBp5SqlfXTOGtzn400QqqGU4JLK6RwB/xOXPFmzqnwiWkz2Kq0rhYEVf
HZVf9GR+8KwJ1/IJSmEpvBlpaWEWJ5uSwsf1imAyFQa74oxGdrCk0OU3DgcujcVd
f3jPp35JGG2yVD9atSzh/8pyZaYKd6Gpy6q1NuqyZsc0AfOKxi2d4PPG2tmXcHJM
T4HULcAUvc/jKtLGf1b69LxnJGIM2FXsZxQSupo5SbKCH/e3p2wSbG45VBFZ+XJ+
wQsBLUEi9YUyeaV4QwgVbC2KSZrQxSTli9ftfUNP0ebNqMg5Vc0Wv+OU//C+og==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:08 2025 by rpki-client