Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/N5SBdvo5TJAiNLuIi7-2RtoZDZQ.roa
File: N5SBdvo5TJAiNLuIi7-2RtoZDZQ.roa (raw, json)
Hash identifier: m3L34Q6pJCAb+BWKUcPGzMVQzXc7m+mC30DznqW5vYU=
Subject key identifier: 37:94:81:76:FA:39:4C:90:22:34:BB:88:8B:BF:B6:46:DA:19:0D:94
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01912D5F4782B1C922ECAAE2D6CDE94095F1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/N5SBdvo5TJAiNLuIi7-2RtoZDZQ.roa
Signing time: Wed 07 Aug 2024 15:05:04 +0000
ROA not before: Wed 07 Aug 2024 15:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:2d5e:8c44/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 07 Aug 2024 15:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2d:5f:47:82:b1:c9:22:ec:aa:e2:d6:cd:e9:40:95:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 7 15:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37948176fa394c902234bb888bbfb646da190d94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:18:9c:c8:23:e7:50:60:f0:9c:ff:c0:d0:49:
b1:12:a9:14:de:6a:db:d9:59:1a:a0:a2:85:c9:01:
f5:5b:ad:65:33:a0:34:e1:7d:94:55:ab:44:32:a7:
41:32:56:33:17:fc:f0:76:22:54:e9:92:e0:b6:02:
cb:97:a0:ad:a8:4f:d8:8b:e7:06:ec:01:f6:d8:d5:
92:50:9b:78:8f:b1:1d:e0:00:19:4f:6e:ad:76:75:
cb:0f:3f:b7:7d:42:cc:69:de:48:24:3d:32:bb:7f:
da:b8:b1:e6:e9:72:04:ce:49:21:35:86:07:4c:59:
4e:51:2f:f3:ae:2b:b1:64:88:99:ef:a2:6d:f2:22:
5d:ad:a1:31:69:05:c8:f2:a8:62:14:ca:0a:09:29:
e6:f2:6d:b5:92:d0:b9:b4:1e:47:8d:80:60:db:78:
6c:b1:80:f2:b3:23:d6:7e:da:a4:44:94:88:cd:59:
92:54:d4:3a:8e:ce:57:33:61:5e:5b:c7:95:2d:cc:
35:2a:f9:f8:0d:b0:38:e9:09:ab:a3:ab:95:5d:4a:
1c:a4:26:02:9f:98:45:6f:5a:a0:94:2c:27:95:40:
ff:bb:4d:11:6f:10:c5:ff:dc:c0:a6:5d:4d:ba:73:
5c:6d:1b:80:dc:14:c6:a4:49:7d:6e:2f:da:bf:60:
15:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:94:81:76:FA:39:4C:90:22:34:BB:88:8B:BF:B6:46:DA:19:0D:94
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/N5SBdvo5TJAiNLuIi7-2RtoZDZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:2d5e:8c44/128
Signature Algorithm: sha256WithRSAEncryption
6a:53:e1:0a:93:ad:1b:89:97:d0:c6:39:7a:d7:0c:a6:02:e6:
2f:06:4c:08:e1:7e:e0:0b:6f:e4:e0:90:19:22:f0:c2:12:29:
67:d6:db:89:04:11:7a:88:9e:1f:d4:da:87:30:0b:e7:53:79:
af:c8:3e:72:ad:29:2d:3d:df:15:31:14:2e:9f:75:f1:37:ed:
76:12:18:cc:9d:24:02:7a:cc:7c:c0:d6:da:2f:ae:86:ae:19:
c2:2d:c5:0d:37:12:76:7f:12:4c:80:3b:71:b9:52:3d:74:12:
7c:f8:0e:cc:c5:4d:e3:30:4a:f0:cb:a9:ef:82:09:78:b8:cd:
5a:4d:06:b2:e4:e8:8b:2f:87:7b:3c:93:da:81:46:99:89:67:
af:b0:44:7d:df:43:26:b3:58:0f:7d:a9:11:13:d3:3a:62:26:
e0:f7:ff:09:25:7f:5c:d4:de:8a:1e:39:28:8e:6a:65:e0:60:
49:9e:6d:34:07:fa:85:cf:28:30:31:63:19:c8:13:0e:2c:35:
da:da:53:38:b9:82:92:9b:d0:ad:2e:45:c7:e2:e1:59:b3:b9:
c3:9c:4f:8d:a2:b1:28:d2:9d:b5:51:6b:d3:27:64:6b:1f:50:
73:af:70:e3:31:97:16:6c:d7:51:02:ea:19:e0:41:75:aa:0e:
b6:e3:fb:c9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZEtX0eCscki7Kri1s3pQJXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA3MTUwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzk0ODE3NmZhMzk0YzkwMjIzNGJiODg4YmJmYjY0NmRhMTkwZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthicyCPnUGDwnP/A0EmxEqkU3mrb
2VkaoKKFyQH1W61lM6A04X2UVatEMqdBMlYzF/zwdiJU6ZLgtgLLl6CtqE/Yi+cG
7AH22NWSUJt4j7Ed4AAZT26tdnXLDz+3fULMad5IJD0yu3/auLHm6XIEzkkhNYYH
TFlOUS/zriuxZIiZ76Jt8iJdraExaQXI8qhiFMoKCSnm8m21ktC5tB5HjYBg23hs
sYDysyPWftqkRJSIzVmSVNQ6js5XM2FeW8eVLcw1Kvn4DbA46Qmro6uVXUocpCYC
n5hFb1qglCwnlUD/u00RbxDF/9zApl1NunNcbRuA3BTGpEl9bi/av2AV6wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDeUgXb6OUyQIjS7iIu/tkbaGQ2UMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTjVTQmR2bzVUSkFpTkx1SWk3LTJSdG9aRFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkS1ejEQwDQYJKoZIhvcNAQELBQADggEB
AGpT4QqTrRuJl9DGOXrXDKYC5i8GTAjhfuALb+TgkBki8MISKWfW24kEEXqInh/U
2ocwC+dTea/IPnKtKS093xUxFC6fdfE37XYSGMydJAJ6zHzA1tovroauGcItxQ03
EnZ/EkyAO3G5Uj10Enz4DszFTeMwSvDLqe+CCXi4zVpNBrLk6Isvh3s8k9qBRpmJ
Z6+wRH3fQyazWA99qRET0zpiJuD3/wklf1zU3ooeOSiOamXgYEmebTQH+oXPKDAx
YxnIEw4sNdraUzi5gpKb0K0uRcfi4VmzucOcT42isSjSnbVRa9MnZGsfUHOvcOMx
lxZs11EC6hngQXWqDrbj+8k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:56 2025 by rpki-client