Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LsfAqIbUWmTn0ABvDsA08Rk_5Jc.roa
File: LsfAqIbUWmTn0ABvDsA08Rk_5Jc.roa (raw, json)
Hash identifier: nFwBcbh9h2vIy3bulMmL3x0OZzk9XC4mK/68NLplhHU=
Subject key identifier: 2E:C7:C0:A8:86:D4:5A:64:E7:D0:00:6F:0E:C0:34:F1:19:3F:E4:97
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191678C70230EFBD08469BBBD495BFBBF85
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LsfAqIbUWmTn0ABvDsA08Rk_5Jc.roa
Signing time: Sun 18 Aug 2024 22:12:22 +0000
ROA not before: Sun 18 Aug 2024 22:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 18 Aug 2024 23:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:67:8c:70:23:0e:fb:d0:84:69:bb:bd:49:5b:fb:bf:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 18 22:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ec7c0a886d45a64e7d0006f0ec034f1193fe497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:3e:27:16:7d:cf:12:d9:3c:41:65:b2:49:80:
9f:81:44:52:ef:64:b7:c3:1f:46:8e:ca:3b:e7:0b:
07:15:25:3b:a9:02:76:bd:f6:87:d6:ec:0a:1c:e5:
c2:53:dc:27:d8:8d:63:69:11:56:f4:df:e8:88:3d:
31:c3:11:7a:c5:9f:3f:6a:b6:26:1f:32:fe:4b:df:
f8:80:00:5c:86:54:00:e0:30:03:29:6d:ec:f7:bf:
1f:4c:a1:c5:7d:20:a4:53:2b:e8:72:e3:13:de:cd:
84:c3:c1:d5:57:22:1e:25:18:26:42:1d:b4:00:bb:
d6:bc:61:f7:ea:43:71:98:9b:74:83:c5:0e:36:06:
4d:86:1a:ef:6c:ba:9a:19:1e:16:fb:d9:a5:95:7f:
11:94:db:20:b8:23:09:e7:8c:6a:a9:6b:89:c9:c5:
b2:c7:60:9a:b3:5b:8b:13:2e:4c:5b:57:43:af:03:
ea:a8:de:3f:0a:7d:54:2b:66:03:98:a3:d5:5a:d6:
c8:bf:4d:50:05:1c:f9:ec:8b:06:ae:c2:e4:af:2b:
c7:a6:64:9c:08:64:b6:8c:a2:91:61:64:3d:53:12:
92:80:73:c4:7e:ce:04:63:c5:03:ff:f4:ca:b2:1c:
af:0c:6d:24:82:98:61:2e:e9:c1:dc:6c:13:0f:4d:
31:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C7:C0:A8:86:D4:5A:64:E7:D0:00:6F:0E:C0:34:F1:19:3F:E4:97
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LsfAqIbUWmTn0ABvDsA08Rk_5Jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
2d:f4:5d:c6:aa:f7:80:c0:fc:8f:75:c0:45:4a:f7:ad:05:dc:
40:8a:90:9b:00:69:48:e9:61:7a:93:d0:8a:92:af:fb:3e:c0:
f2:ac:ad:a2:60:da:7a:f6:d6:42:ea:17:e7:78:ae:f8:34:c9:
36:c6:89:1c:f9:f3:0d:75:48:39:8d:ae:db:56:fd:6d:cc:ef:
ba:63:31:10:1f:fa:07:5b:25:54:17:f6:8e:c1:2c:0e:7e:1e:
00:f6:26:46:31:38:f2:5d:03:a9:43:5a:5e:90:20:6b:41:4b:
c6:b5:79:7e:5c:67:fe:44:0f:ba:b8:ba:e1:4e:0b:b8:af:9e:
41:8d:56:6f:7b:53:0e:ef:13:71:4c:e5:8b:e1:0f:3b:92:3a:
17:f1:f8:c5:b2:ec:6f:23:22:f3:a5:24:9a:a3:51:a3:84:e4:
98:51:af:d5:25:7e:53:ae:05:0b:4e:69:3d:65:56:a6:4a:7f:
46:0e:84:86:a3:7d:14:40:4b:5d:c7:1b:94:da:b6:03:cc:02:
df:98:a2:15:fb:81:46:23:27:62:20:2e:3b:ee:67:93:ef:e4:
29:3f:b8:89:72:5d:64:96:24:13:c7:3c:1a:42:19:a6:06:57:
ee:a9:1b:b4:2a:1a:82:84:97:ca:11:f2:cd:c3:17:4f:09:db:
18:53:a8:cb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFnjHAjDvvQhGm7vUlb+7+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE4MjIxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWM3YzBhODg2ZDQ1YTY0ZTdkMDAwNmYwZWMwMzRmMTE5M2ZlNDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6D4nFn3PEtk8QWWySYCfgURS72S3
wx9Gjso75wsHFSU7qQJ2vfaH1uwKHOXCU9wn2I1jaRFW9N/oiD0xwxF6xZ8/arYm
HzL+S9/4gABchlQA4DADKW3s978fTKHFfSCkUyvocuMT3s2Ew8HVVyIeJRgmQh20
ALvWvGH36kNxmJt0g8UONgZNhhrvbLqaGR4W+9mllX8RlNsguCMJ54xqqWuJycWy
x2Cas1uLEy5MW1dDrwPqqN4/Cn1UK2YDmKPVWtbIv01QBRz57IsGrsLkryvHpmSc
CGS2jKKRYWQ9UxKSgHPEfs4EY8UD//TKshyvDG0kgphhLunB3GwTD00xuQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFC7HwKiG1Fpk59AAbw7ANPEZP+SXMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTHNmQXFJYlVXbVRuMEFCdkRzQTA4UmtfNUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEALfRdxqr3gMD8j3XARUr3rQXc
QIqQmwBpSOlhepPQipKv+z7A8qytomDaevbWQuoX53iu+DTJNsaJHPnzDXVIOY2u
21b9bczvumMxEB/6B1slVBf2jsEsDn4eAPYmRjE48l0DqUNaXpAga0FLxrV5flxn
/kQPuri64U4LuK+eQY1Wb3tTDu8TcUzli+EPO5I6F/H4xbLsbyMi86UkmqNRo4Tk
mFGv1SV+U64FC05pPWVWpkp/Rg6EhqN9FEBLXccblNq2A8wC35iiFfuBRiMnYiAu
O+5nk+/kKT+4iXJdZJYkE8c8GkIZpgZX7qkbtCoagoSXyhHyzcMXTwnbGFOoyw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:06 2025 by rpki-client