Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KKnWRJVYKm1IEy6o6EN4Y0k2xRI.roa
File: KKnWRJVYKm1IEy6o6EN4Y0k2xRI.roa (raw, json)
Hash identifier: 3uqxFHVuGk2wqz4EVHLVnFFVv4qFxnr3AfYDOcB+B/k=
Subject key identifier: 28:A9:D6:44:95:58:2A:6D:48:13:2E:A8:E8:43:78:63:49:36:C5:12
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D90DD84A142E8F7AC164FC241F57F2A3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KKnWRJVYKm1IEy6o6EN4Y0k2xRI.roa
Signing time: Mon 09 Sep 2024 23:10:48 +0000
ROA not before: Mon 09 Sep 2024 23:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 10 Sep 2024 00:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d9:0d:d8:4a:14:2e:8f:7a:c1:64:fc:24:1f:57:f2:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 9 23:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28a9d64495582a6d48132ea8e84378634936c512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1e:4f:1d:fc:40:49:86:a8:29:ca:f3:7b:0c:
89:b4:65:93:72:ee:e7:9f:1d:17:af:5e:98:ed:55:
bf:7d:b0:24:8a:7b:d0:b3:a4:bb:fa:ca:41:d6:96:
cf:ef:10:73:bb:a1:49:0a:0b:50:10:41:20:b1:f8:
62:64:e8:95:8c:d7:b0:68:f2:d4:de:c4:36:c9:7f:
37:db:54:da:7a:e5:3d:5a:30:af:6d:b9:fe:d3:b5:
0d:4b:ec:f8:12:cb:e2:57:1a:f3:1f:99:bd:f1:e9:
58:40:3b:87:c3:bc:b1:2c:ad:c1:ee:4e:71:47:00:
42:c6:db:e6:b9:5a:aa:4e:ed:07:a4:23:e1:6d:2c:
69:10:57:75:03:bf:c8:2e:05:ba:7a:79:11:bb:d7:
6f:a8:18:47:f6:27:5b:9b:b9:ce:cd:8d:e5:43:a4:
f8:33:ab:fc:18:f5:d3:bc:ba:ab:da:f2:84:27:f4:
e1:f2:b6:4d:0e:d3:82:d1:f8:eb:bf:2c:85:55:3c:
d6:a9:df:1a:fa:f3:e2:08:b3:e5:51:34:6c:30:eb:
72:71:9d:c6:d5:e6:a4:cc:40:6a:79:a9:3d:fc:a0:
2f:63:4c:d6:40:d6:c6:5e:a2:7f:fa:34:e4:78:49:
a3:ef:a9:e7:4f:0b:30:8c:bf:80:46:b5:5b:29:7b:
35:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A9:D6:44:95:58:2A:6D:48:13:2E:A8:E8:43:78:63:49:36:C5:12
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KKnWRJVYKm1IEy6o6EN4Y0k2xRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
41:13:93:36:66:44:19:06:06:54:2b:57:16:b7:64:2c:55:46:
f9:a8:cf:66:aa:ac:ce:7b:7d:5b:27:a8:65:31:ea:6d:da:ba:
3d:d2:46:8d:40:f4:13:73:23:9e:76:dc:f2:34:6c:af:8d:4b:
c6:73:93:4f:90:8a:6d:62:63:38:14:53:be:34:31:ee:cd:3f:
d5:bc:de:44:b4:4b:b9:12:d9:a8:70:f3:da:ed:c3:0c:28:8c:
7a:99:d9:76:3d:07:7b:bd:58:45:6d:bd:39:48:da:7d:8e:20:
67:86:a3:0b:cf:14:54:d8:ff:ec:31:f0:81:28:55:a7:b0:cc:
17:37:fb:c3:97:30:b8:ee:16:d8:d8:9b:f1:9b:84:b6:22:db:
e8:07:46:2c:fd:06:56:7e:4a:45:c8:fd:2a:f1:b5:13:3d:9d:
54:1d:0f:67:fd:5a:53:06:51:3b:e6:5f:63:5a:9f:ce:8c:0d:
4b:3d:fd:89:f0:b4:b7:4e:c9:23:1c:1e:3d:67:f6:7a:8d:bb:
52:e7:94:69:44:71:e1:9c:2a:6b:70:1b:eb:11:99:5d:1c:a6:
6f:c6:e3:da:81:23:c9:d8:56:b4:a8:b1:90:d0:d0:3c:43:c2:
79:23:f6:65:38:74:49:e3:2a:c6:aa:77:bc:b9:e6:44:63:c8:
be:e5:eb:a9
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHZDdhKFC6PesFk/CQfV/KjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA5MjMxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGE5ZDY0NDk1NTgyYTZkNDgxMzJlYThlODQzNzg2MzQ5MzZjNTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph5PHfxASYaoKcrzewyJtGWTcu7n
nx0Xr16Y7VW/fbAkinvQs6S7+spB1pbP7xBzu6FJCgtQEEEgsfhiZOiVjNewaPLU
3sQ2yX8321TaeuU9WjCvbbn+07UNS+z4EsviVxrzH5m98elYQDuHw7yxLK3B7k5x
RwBCxtvmuVqqTu0HpCPhbSxpEFd1A7/ILgW6enkRu9dvqBhH9idbm7nOzY3lQ6T4
M6v8GPXTvLqr2vKEJ/Th8rZNDtOC0fjrvyyFVTzWqd8a+vPiCLPlUTRsMOtycZ3G
1eakzEBqeak9/KAvY0zWQNbGXqJ/+jTkeEmj76nnTwswjL+ARrVbKXs1TwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFCip1kSVWCptSBMuqOhDeGNJNsUSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS0tuV1JKVllLbTFJRXk2bzZFTjRZMGsyeFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQBBE5M2ZkQZBgZUK1cWt2QsVUb5qM9mqqzOe31b
J6hlMept2ro90kaNQPQTcyOedtzyNGyvjUvGc5NPkIptYmM4FFO+NDHuzT/VvN5E
tEu5EtmocPPa7cMMKIx6mdl2PQd7vVhFbb05SNp9jiBnhqMLzxRU2P/sMfCBKFWn
sMwXN/vDlzC47hbY2Jvxm4S2ItvoB0Ys/QZWfkpFyP0q8bUTPZ1UHQ9n/VpTBlE7
5l9jWp/OjA1LPf2J8LS3TskjHB49Z/Z6jbtS55RpRHHhnCprcBvrEZldHKZvxuPa
gSPJ2Fa0qLGQ0NA8Q8J5I/ZlOHRJ4yrGqne8ueZEY8i+5eup
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:25 2025 by rpki-client