Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ObD_MCX3cGJsoZpmde5QyO2EDHo.roa
File: ObD_MCX3cGJsoZpmde5QyO2EDHo.roa (raw, json)
Hash identifier: LGJTFcJhaAssxtPZKtEhPG1oY1VR2Iv5LwHKX5H649g=
Subject key identifier: 39:B0:FF:30:25:F7:70:62:6C:A1:9A:66:75:EE:50:C8:ED:84:0C:7A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01912EE461CA7CD86BF3309E611727D7209A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ObD_MCX3cGJsoZpmde5QyO2EDHo.roa
Signing time: Wed 07 Aug 2024 22:10:04 +0000
ROA not before: Wed 07 Aug 2024 22:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 07 Aug 2024 23:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2e:e4:61:ca:7c:d8:6b:f3:30:9e:61:17:27:d7:20:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 7 22:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39b0ff3025f770626ca19a6675ee50c8ed840c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0a:9d:26:43:1e:4c:f4:9e:f8:ce:59:63:33:
7d:34:85:14:0b:c1:c8:63:c2:ab:f8:bd:95:fd:b3:
1d:f5:f9:7d:71:6b:2c:ba:02:17:3d:69:3d:cc:f2:
32:6b:24:f2:9b:e9:d1:17:bb:f6:fe:e4:86:d1:98:
65:dd:8f:06:7a:57:4f:32:96:9c:90:72:d0:39:14:
9b:fc:89:58:fb:c6:c9:b6:49:bd:a5:4a:72:59:67:
16:18:81:27:67:15:e8:00:3e:da:29:cd:af:64:58:
e3:47:34:74:c4:21:ae:a9:0b:b9:87:ae:1e:6f:1d:
3d:33:1e:8a:b7:36:ea:38:2c:e7:53:ac:d2:a9:1e:
b8:72:bd:58:48:ec:81:e3:69:0c:c7:f6:89:5b:48:
28:6c:75:b2:0c:26:5e:a8:63:f6:b3:c7:f0:61:bf:
f1:01:02:6e:a1:17:12:61:bd:c1:e6:13:ab:f9:fd:
38:a2:bb:6c:53:93:4d:fe:7d:dd:b6:8a:42:ca:df:
cf:5d:5d:da:74:a2:88:d6:90:15:ab:57:b5:ff:55:
93:dd:77:40:d7:9b:f6:2e:b1:81:30:ea:7d:8a:0e:
b6:bd:2a:6e:22:46:64:cc:61:5f:bd:8d:5c:30:08:
ac:9e:5f:ce:3c:64:a5:81:7f:29:cd:80:59:97:d6:
35:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B0:FF:30:25:F7:70:62:6C:A1:9A:66:75:EE:50:C8:ED:84:0C:7A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ObD_MCX3cGJsoZpmde5QyO2EDHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
88:3b:37:8a:07:d3:53:f1:44:20:94:d1:6f:6f:49:a1:34:63:
25:fa:2c:ab:77:2e:bb:e6:70:92:73:cb:25:3b:c5:a9:98:23:
da:ca:3b:bc:85:60:d7:4e:f2:d2:66:b5:12:42:ad:1c:7d:2b:
81:b4:9a:06:da:ed:09:be:f3:d4:35:6e:a4:9a:56:cd:43:7c:
a1:74:47:39:07:24:13:e4:3e:01:8d:c3:5e:d3:22:3d:c6:2f:
ab:ca:27:64:50:dd:22:35:2b:42:42:53:da:b5:af:3a:b3:06:
00:b1:97:3f:1e:1d:49:dd:fc:a0:f4:43:17:7d:d0:48:6f:0d:
e9:41:9c:30:c1:2a:16:a9:8d:dc:1c:a1:9a:cc:43:b1:48:f0:
51:6d:02:d9:fc:df:1f:e8:df:1c:1a:10:fe:e9:33:5b:e0:67:
f6:52:22:91:a4:3f:5e:76:32:2d:16:37:a8:92:84:99:35:c4:
f1:2c:fc:2b:ea:d0:d6:d9:d6:fb:b7:16:0a:31:dc:bc:f0:f9:
34:f5:1d:83:e6:32:ca:ad:ee:da:e9:25:0f:0e:6d:e5:86:96:
54:c9:66:b2:e4:7b:86:2c:90:dd:09:cb:a7:30:5c:e4:f2:54:
ea:ab:6d:31:33:b0:35:d5:da:bb:d5:37:7f:12:1f:db:d4:31:
12:75:e7:eb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEu5GHKfNhr8zCeYRcn1yCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA3MjIxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWIwZmYzMDI1Zjc3MDYyNmNhMTlhNjY3NWVlNTBjOGVkODQwYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgqdJkMeTPSe+M5ZYzN9NIUUC8HI
Y8Kr+L2V/bMd9fl9cWssugIXPWk9zPIyayTym+nRF7v2/uSG0Zhl3Y8GeldPMpac
kHLQORSb/IlY+8bJtkm9pUpyWWcWGIEnZxXoAD7aKc2vZFjjRzR0xCGuqQu5h64e
bx09Mx6KtzbqOCznU6zSqR64cr1YSOyB42kMx/aJW0gobHWyDCZeqGP2s8fwYb/x
AQJuoRcSYb3B5hOr+f04ortsU5NN/n3dtopCyt/PXV3adKKI1pAVq1e1/1WT3XdA
15v2LrGBMOp9ig62vSpuIkZkzGFfvY1cMAisnl/OPGSlgX8pzYBZl9Y1rwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDmw/zAl93BibKGaZnXuUMjthAx6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT2JEX01DWDNjR0pzb1pwbWRlNVF5TzJFREhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAiDs3igfTU/FEIJTRb29JoTRj
Jfosq3cuu+ZwknPLJTvFqZgj2so7vIVg107y0ma1EkKtHH0rgbSaBtrtCb7z1DVu
pJpWzUN8oXRHOQckE+Q+AY3DXtMiPcYvq8onZFDdIjUrQkJT2rWvOrMGALGXPx4d
Sd38oPRDF33QSG8N6UGcMMEqFqmN3ByhmsxDsUjwUW0C2fzfH+jfHBoQ/ukzW+Bn
9lIikaQ/XnYyLRY3qJKEmTXE8Sz8K+rQ1tnW+7cWCjHcvPD5NPUdg+Yyyq3u2ukl
Dw5t5YaWVMlmsuR7hiyQ3QnLpzBc5PJU6qttMTOwNdXau9U3fxIf29QxEnXn6w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:01 2025 by rpki-client