Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KhXCepDohfK-Ep-okWlbI1Fb1c4.roa
File: KhXCepDohfK-Ep-okWlbI1Fb1c4.roa (raw, json)
Hash identifier: 8cWVzog+I48EkFBzl7Y+jGdjnas9uNIzWjkvn5TQUtc=
Subject key identifier: 2A:15:C2:7A:90:E8:85:F2:BE:12:9F:A8:91:69:5B:23:51:5B:D5:CE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0192139D0F5620E163EC4E12A1EE8FF5F430
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KhXCepDohfK-Ep-okWlbI1Fb1c4.roa
Signing time: Sat 21 Sep 2024 08:05:13 +0000
ROA not before: Sat 21 Sep 2024 08:05:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:139c:eee/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 21 Sep 2024 08:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:13:9d:0f:56:20:e1:63:ec:4e:12:a1:ee:8f:f5:f4:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 21 08:05:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a15c27a90e885f2be129fa891695b23515bd5ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f0:d8:3a:b7:50:54:03:63:de:ff:9f:f2:bc:
6e:fd:e6:01:51:98:07:de:79:8a:28:b4:a2:8b:16:
6e:94:50:5e:b1:15:d6:e0:b7:04:c5:84:8a:fb:81:
fc:1b:2c:ce:ac:b1:83:7f:c4:87:0d:3b:1d:17:ce:
f6:61:1f:73:30:ae:04:f2:4b:85:06:20:d8:89:39:
16:f8:48:e4:05:d6:ef:6c:0e:e2:3b:e8:b9:26:d8:
31:e4:b3:71:ef:55:eb:df:a4:ed:0b:e6:5d:d4:15:
ef:7f:c3:26:5a:fc:44:f4:5a:3b:e5:d7:1e:db:5b:
33:ef:92:0a:1c:b7:68:b5:b0:0c:12:27:90:de:fd:
1c:57:38:94:45:6d:29:ad:d0:56:37:84:bb:0a:5e:
78:59:e0:27:e6:a7:36:88:cd:76:53:c7:ee:97:20:
2b:3b:13:9f:c8:cd:b6:39:3c:ff:33:2a:a1:37:3b:
bf:bf:81:f0:c7:60:66:11:0f:55:ba:65:3a:7d:a4:
4f:db:c2:31:ef:7e:0d:9c:71:dd:ba:20:5d:86:e6:
09:68:ea:6a:35:9b:e8:22:f5:7a:11:f6:2e:27:78:
4a:aa:77:eb:5e:9f:49:91:2f:26:4e:87:a9:92:88:
6e:62:20:e5:f1:63:d4:26:b9:c1:c8:4d:50:17:45:
63:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:15:C2:7A:90:E8:85:F2:BE:12:9F:A8:91:69:5B:23:51:5B:D5:CE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KhXCepDohfK-Ep-okWlbI1Fb1c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:139c:eee/128
Signature Algorithm: sha256WithRSAEncryption
12:d6:f6:6f:f1:d3:fd:d2:0e:84:2a:6e:b3:4a:a1:c8:40:17:
9c:5e:35:06:d4:cf:6e:8e:93:94:c1:76:bf:fa:b9:95:a0:69:
da:5f:bb:a2:fb:20:9a:49:89:9c:85:da:1b:0e:55:da:a9:63:
46:38:c6:00:9f:cd:30:66:7b:3a:5d:7f:27:a5:c1:d9:10:5a:
2b:36:78:35:dd:b6:0c:46:a6:77:51:e7:63:71:fd:4a:09:2b:
ed:9f:8b:ca:56:28:a9:7c:d7:16:e1:4a:8e:3e:14:ca:5e:83:
82:a7:df:45:bb:6f:e3:84:52:0f:4a:be:12:02:e9:9a:88:90:
32:df:81:cf:6d:00:bf:bf:33:e7:86:e9:fd:79:1d:93:d2:6d:
f4:98:1c:18:03:52:ae:5d:58:27:c5:4c:d5:7b:c1:e5:e3:ec:
4b:e1:df:73:7a:d5:ba:16:e4:8c:22:8f:0f:1a:cd:81:ca:14:
45:ca:40:71:45:87:87:9e:51:35:b5:76:14:27:c5:2e:69:24:
00:5d:f6:62:1a:9f:34:9a:70:ef:fa:f5:78:90:05:70:18:32:
62:e3:43:73:90:fc:a5:a4:3e:2c:d9:bf:44:90:dd:9f:be:e3:
0f:fd:43:6c:e7:d8:8c:84:20:e9:9a:2c:8c:bb:19:e5:bf:23:
0a:0d:b7:7f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZITnQ9WIOFj7E4Soe6P9fQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTIxMDgwNTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE1YzI3YTkwZTg4NWYyYmUxMjlmYTg5MTY5NWIyMzUxNWJkNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/DYOrdQVANj3v+f8rxu/eYBUZgH
3nmKKLSiixZulFBesRXW4LcExYSK+4H8GyzOrLGDf8SHDTsdF872YR9zMK4E8kuF
BiDYiTkW+EjkBdbvbA7iO+i5Jtgx5LNx71Xr36TtC+Zd1BXvf8MmWvxE9Fo75dce
21sz75IKHLdotbAMEieQ3v0cVziURW0prdBWN4S7Cl54WeAn5qc2iM12U8fulyAr
OxOfyM22OTz/MyqhNzu/v4Hwx2BmEQ9VumU6faRP28Ix734NnHHduiBdhuYJaOpq
NZvoIvV6EfYuJ3hKqnfrXp9JkS8mToepkohuYiDl8WPUJrnByE1QF0VjNQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCoVwnqQ6IXyvhKfqJFpWyNRW9XOMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS2hYQ2VwRG9oZkstRXAtb2tXbGJJMUZiMWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSE5wO7jANBgkqhkiG9w0BAQsFAAOCAQEAEtb2b/HT/dIOhCpus0qhyEAX
nF41BtTPbo6TlMF2v/q5laBp2l+7ovsgmkmJnIXaGw5V2qljRjjGAJ/NMGZ7Ol1/
J6XB2RBaKzZ4Nd22DEamd1HnY3H9Sgkr7Z+LylYoqXzXFuFKjj4Uyl6DgqffRbtv
44RSD0q+EgLpmoiQMt+Bz20Av78z54bp/Xkdk9Jt9JgcGANSrl1YJ8VM1XvB5ePs
S+Hfc3rVuhbkjCKPDxrNgcoURcpAcUWHh55RNbV2FCfFLmkkAF32YhqfNJpw7/r1
eJAFcBgyYuNDc5D8paQ+LNm/RJDdn77jD/1DbOfYjIQg6ZosjLsZ5b8jCg23fw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:54 2025 by rpki-client