Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KZVqqbNR4I0x2X3gqMsM3nS5CxA.roa
File: KZVqqbNR4I0x2X3gqMsM3nS5CxA.roa (raw, json)
Hash identifier: W3/zKigGBsRvTR1ynVINmjAqfSqjjGisEjicss/3bX4=
Subject key identifier: 29:95:6A:A9:B3:51:E0:8D:31:D9:7D:E0:A8:CB:0C:DE:74:B9:0B:10
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191C174FF8EF6305FE1E38B27CBC53C4FB0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KZVqqbNR4I0x2X3gqMsM3nS5CxA.roa
Signing time: Thu 05 Sep 2024 09:12:35 +0000
ROA not before: Thu 05 Sep 2024 09:12:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 05 Sep 2024 10:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c1:74:ff:8e:f6:30:5f:e1:e3:8b:27:cb:c5:3c:4f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 5 09:12:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29956aa9b351e08d31d97de0a8cb0cde74b90b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ca:67:80:7a:59:62:76:74:a2:4f:4f:56:dc:
fe:74:8e:d8:d7:11:e5:75:0d:00:92:83:9c:89:a7:
48:fa:dd:93:1a:ff:4e:6c:c3:2a:77:c2:8f:23:14:
e3:46:ee:80:b4:d6:1f:72:e3:ba:a6:4d:58:7e:86:
5f:78:36:cd:a6:9d:d9:4e:0e:36:b4:b6:cc:b3:9b:
c8:28:e8:0d:2a:ea:c8:53:af:06:d4:7d:7c:63:0a:
cc:a8:ff:48:c3:8b:7f:59:ef:7d:dd:0d:83:0d:13:
8f:2c:d6:e4:42:bf:4b:da:97:07:a2:dc:ca:5a:ee:
a9:52:8d:ed:42:b8:df:85:a9:b0:57:e2:32:79:82:
84:96:d4:80:c8:f1:55:43:4e:3b:09:a4:96:5d:59:
86:3b:95:8a:c8:73:00:d0:5b:68:b1:f7:21:ee:d5:
04:f2:69:2c:47:80:11:7e:f1:53:e6:6d:8c:b2:24:
05:a7:eb:62:62:e3:9a:96:25:27:0c:ea:07:91:2d:
9e:f8:07:20:9f:a5:01:2b:15:5e:50:b6:7e:c9:ae:
fd:8b:63:69:8c:17:7f:25:00:85:d4:9d:7e:4a:49:
4e:c8:8f:38:dd:5b:6f:0b:fe:4e:48:7c:35:8c:e6:
85:52:bc:35:d3:88:ee:e5:e8:de:aa:0f:1f:9c:09:
1a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:95:6A:A9:B3:51:E0:8D:31:D9:7D:E0:A8:CB:0C:DE:74:B9:0B:10
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KZVqqbNR4I0x2X3gqMsM3nS5CxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
70:36:32:02:a8:21:6b:91:98:82:30:b3:64:0a:7f:03:0e:0f:
64:53:c7:77:0a:b9:61:c0:ba:cf:fc:ef:62:0a:a2:75:92:6e:
d7:4e:08:a5:95:cd:fe:be:2e:65:01:df:cc:06:47:97:81:20:
9a:48:32:d7:81:a2:80:2b:03:7e:64:26:aa:cf:50:3c:2d:90:
46:a9:d7:e3:2b:0f:25:f5:b5:0a:dd:fb:27:e3:5a:bf:7a:fd:
6d:2b:52:d6:12:9b:63:1f:05:ec:e1:af:1e:8e:63:e2:38:cb:
e4:b2:00:d2:86:82:0b:89:c5:ba:f7:10:62:af:99:c3:51:4b:
68:0b:5e:82:64:1a:da:9b:8c:30:55:f7:36:4b:eb:4f:d0:82:
4b:d9:9e:ee:99:15:88:44:b9:15:b8:3b:02:d3:5f:e6:c8:c7:
ee:23:60:f8:1a:f7:ba:ac:50:f3:7d:71:43:bd:35:fb:77:db:
b7:a0:0f:cb:07:09:88:cd:6b:de:09:eb:d2:ab:0e:00:1b:26:
f0:44:32:47:83:86:fa:2c:c3:13:7b:91:ac:ef:0e:36:49:7a:
c0:92:15:3c:39:9a:2e:49:32:05:4b:53:22:31:2c:64:d0:74:
41:30:ca:d1:c8:f4:ce:55:1e:1a:7f:0f:36:aa:9b:c3:2b:bc:
be:87:57:33
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHBdP+O9jBf4eOLJ8vFPE+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA1MDkxMjM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk1NmFhOWIzNTFlMDhkMzFkOTdkZTBhOGNiMGNkZTc0YjkwYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocpngHpZYnZ0ok9PVtz+dI7Y1xHl
dQ0AkoOciadI+t2TGv9ObMMqd8KPIxTjRu6AtNYfcuO6pk1YfoZfeDbNpp3ZTg42
tLbMs5vIKOgNKurIU68G1H18YwrMqP9Iw4t/We993Q2DDROPLNbkQr9L2pcHotzK
Wu6pUo3tQrjfhamwV+IyeYKEltSAyPFVQ047CaSWXVmGO5WKyHMA0Ftosfch7tUE
8mksR4ARfvFT5m2MsiQFp+tiYuOaliUnDOoHkS2e+Acgn6UBKxVeULZ+ya79i2Np
jBd/JQCF1J1+SklOyI843VtvC/5OSHw1jOaFUrw104ju5ejeqg8fnAkaOQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCmVaqmzUeCNMdl94KjLDN50uQsQMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS1pWcXFiTlI0STB4MlgzZ3FNc00zblM1Q3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAcDYyAqgha5GYgjCzZAp/Aw4P
ZFPHdwq5YcC6z/zvYgqidZJu104IpZXN/r4uZQHfzAZHl4Egmkgy14GigCsDfmQm
qs9QPC2QRqnX4ysPJfW1Ct37J+Nav3r9bStS1hKbYx8F7OGvHo5j4jjL5LIA0oaC
C4nFuvcQYq+Zw1FLaAtegmQa2puMMFX3NkvrT9CCS9me7pkViES5Fbg7AtNf5sjH
7iNg+Br3uqxQ831xQ701+3fbt6APywcJiM1r3gnr0qsOABsm8EQyR4OG+izDE3uR
rO8ONkl6wJIVPDmaLkkyBUtTIjEsZNB0QTDK0cj0zlUeGn8PNqqbwyu8vodXMw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:14 2025 by rpki-client