Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LhHKh15Gzo8Ct2kkYrO6UdsTQoQ.roa
File: LhHKh15Gzo8Ct2kkYrO6UdsTQoQ.roa (raw, json)
Hash identifier: 4m5wU9XYizRZhfSFRBsu2nnF63mGy61AmHFPRuWSz6M=
Subject key identifier: 2E:11:CA:87:5E:46:CE:8F:02:B7:69:24:62:B3:BA:51:DB:13:42:84
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01913D0F16301A121BC16D0471F9DCF24D3B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LhHKh15Gzo8Ct2kkYrO6UdsTQoQ.roa
Signing time: Sat 10 Aug 2024 16:11:24 +0000
ROA not before: Sat 10 Aug 2024 16:11:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 10 Aug 2024 17:04:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3d:0f:16:30:1a:12:1b:c1:6d:04:71:f9:dc:f2:4d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 10 16:11:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e11ca875e46ce8f02b7692462b3ba51db134284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:de:fa:25:a9:d8:97:af:ff:27:8a:bc:1f:be:
0f:65:79:73:5e:b1:c4:b1:f8:d3:74:a8:bf:f2:6d:
82:86:9f:55:1e:cd:0b:1d:d6:d1:06:7f:21:72:6c:
52:ea:86:e7:70:c6:fe:02:4f:d3:86:1f:5b:d3:2f:
af:c4:67:8a:c0:ae:e7:7c:d4:87:22:b4:7a:a6:3f:
fd:ab:b6:dc:5f:3c:36:f6:1c:1a:45:80:d0:aa:df:
2d:6e:80:c9:33:55:af:47:f6:be:8a:59:59:0f:6b:
9e:e5:06:71:78:ac:2c:a6:18:6b:1f:87:b8:32:6f:
11:fa:6e:bb:17:d7:75:8d:01:dd:ba:22:7e:ba:ef:
07:fd:c8:76:9c:7b:e5:22:13:fc:27:d7:2b:e1:4a:
42:0e:91:30:25:28:cf:35:66:30:49:d3:7d:57:bb:
e8:8a:69:1e:df:b2:29:61:83:06:ee:38:80:8b:5e:
a0:c4:7f:d6:56:ac:b5:33:9d:de:10:ec:f1:40:09:
bc:5f:7e:12:ba:7f:90:be:85:6e:1f:13:f4:d6:2f:
ae:c2:b8:0f:38:01:42:cc:fb:9a:7a:4b:6b:aa:80:
7f:f2:ff:4d:d7:79:44:6d:38:a8:1e:0b:66:9a:20:
5a:e0:eb:85:f2:86:6f:81:94:e5:a1:b3:43:1a:31:
b3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:11:CA:87:5E:46:CE:8F:02:B7:69:24:62:B3:BA:51:DB:13:42:84
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LhHKh15Gzo8Ct2kkYrO6UdsTQoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
53:15:c1:44:24:8b:98:99:14:d2:32:c0:54:57:f7:5a:39:ac:
17:6a:5e:a2:8a:47:e7:5f:61:38:4e:a9:c6:1e:bc:52:a9:8e:
9c:e2:3e:38:42:a5:2a:df:ac:20:24:cc:4c:bb:79:b8:75:02:
5c:d9:24:d8:55:72:fb:e7:2d:ed:c6:54:72:cb:b3:6d:70:e9:
a5:79:20:d7:cf:49:1e:55:ca:b0:e3:1b:cb:27:1c:37:1c:3a:
6a:37:ae:7d:5d:2f:d0:a1:83:12:c2:bd:a1:29:6e:85:a7:5c:
be:4e:1e:d5:4a:0b:d0:24:8c:91:a9:8f:ec:ba:0f:23:81:32:
45:0d:2d:ba:df:af:c4:36:b1:71:23:f1:a1:2e:ea:bb:8b:2f:
c4:7f:ed:c2:d8:af:99:42:4f:6c:e2:15:80:6a:d8:08:7e:e4:
e8:9e:14:0e:52:61:95:23:f3:73:98:0f:99:d9:03:e0:b4:3a:
f5:48:8b:b5:9c:3e:d3:5d:b7:62:53:90:42:09:dc:41:3b:82:
26:84:65:a6:ac:0c:33:02:5d:84:c7:30:75:8a:33:83:88:3f:
2d:fb:6e:84:fb:f6:e4:32:5d:89:b1:fc:9e:2f:f3:64:a4:a5:
56:04:ef:a2:d7:46:2f:b6:c9:fd:d9:c0:66:13:fb:f8:3c:45:
61:49:2e:93
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZE9DxYwGhIbwW0Ecfnc8k07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEwMTYxMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTExY2E4NzVlNDZjZThmMDJiNzY5MjQ2MmIzYmE1MWRiMTM0Mjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd76JanYl6//J4q8H74PZXlzXrHE
sfjTdKi/8m2Chp9VHs0LHdbRBn8hcmxS6obncMb+Ak/Thh9b0y+vxGeKwK7nfNSH
IrR6pj/9q7bcXzw29hwaRYDQqt8tboDJM1WvR/a+illZD2ue5QZxeKwsphhrH4e4
Mm8R+m67F9d1jQHduiJ+uu8H/ch2nHvlIhP8J9cr4UpCDpEwJSjPNWYwSdN9V7vo
imke37IpYYMG7jiAi16gxH/WVqy1M53eEOzxQAm8X34Sun+QvoVuHxP01i+uwrgP
OAFCzPuaektrqoB/8v9N13lEbTioHgtmmiBa4OuF8oZvgZTlobNDGjGzOQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFC4RyodeRs6PArdpJGKzulHbE0KEMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTGhIS2gxNUd6bzhDdDJra1lyTzZVZHNUUW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAUxXBRCSLmJkU0jLAVFf3Wjms
F2peoopH519hOE6pxh68UqmOnOI+OEKlKt+sICTMTLt5uHUCXNkk2FVy++ct7cZU
csuzbXDppXkg189JHlXKsOMbyyccNxw6ajeufV0v0KGDEsK9oSluhadcvk4e1UoL
0CSMkamP7LoPI4EyRQ0tut+vxDaxcSPxoS7qu4svxH/twtivmUJPbOIVgGrYCH7k
6J4UDlJhlSPzc5gPmdkD4LQ69UiLtZw+0123YlOQQgncQTuCJoRlpqwMMwJdhMcw
dYozg4g/LftuhPv25DJdibH8ni/zZKSlVgTvotdGL7bJ/dnAZhP7+DxFYUkukw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:40 2025 by rpki-client