Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Og3lTTHTPRAs_xir5A3uncrqnoE.roa
File: Og3lTTHTPRAs_xir5A3uncrqnoE.roa (raw, json)
Hash identifier: Ja148oJwj0u93f/OyFe/ARDPQgncUVVVLVBsGHx+EpE=
Subject key identifier: 3A:0D:E5:4D:31:D3:3D:10:2C:FF:18:AB:E4:0D:EE:9D:CA:EA:9E:81
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01919AD5AEDD9EEAADF3112C72FD726454C4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Og3lTTHTPRAs_xir5A3uncrqnoE.roa
Signing time: Wed 28 Aug 2024 21:13:00 +0000
ROA not before: Wed 28 Aug 2024 21:13:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Aug 2024 22:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9a:d5:ae:dd:9e:ea:ad:f3:11:2c:72:fd:72:64:54:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 28 21:13:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a0de54d31d33d102cff18abe40dee9dcaea9e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4c:00:a6:68:8c:c9:43:63:db:19:14:45:b4:
d1:0a:2b:9f:b0:b5:c7:bd:a5:c7:a9:7e:37:8a:6b:
02:2e:e3:50:2c:a8:2f:79:a3:d8:fd:88:2c:44:55:
fb:44:3b:28:fe:2e:54:8f:61:a1:7a:74:14:65:ed:
7f:bb:1e:bc:6b:d9:77:41:f5:96:99:0a:f1:80:85:
d1:1b:5e:c1:9f:81:d6:51:19:24:a9:bf:0f:38:6c:
de:d3:36:67:3f:9f:ce:0f:84:ae:f9:69:ef:24:4a:
50:9a:3c:49:ab:98:dd:67:33:13:89:0f:58:af:1c:
b6:52:2d:7d:90:ea:fd:39:21:14:02:d0:12:87:b1:
f5:f8:50:57:d0:c2:62:f4:0c:26:1a:b6:ed:1e:78:
1c:d7:55:77:b3:3c:0a:c5:8d:66:8e:b9:78:77:d0:
ef:4c:38:7f:fa:49:de:8f:00:af:f0:99:16:d3:67:
c0:24:eb:a3:0f:02:e9:bd:44:df:7a:73:52:be:05:
00:87:f6:54:ec:a4:cf:51:52:9c:54:32:cb:7c:70:
bb:80:13:e0:54:cb:59:5b:b8:a0:a0:73:30:94:5c:
ce:d8:db:64:1b:cd:34:c4:9a:6c:a0:99:95:8f:ca:
82:8f:7b:ed:13:2f:46:61:9f:45:df:7b:25:fb:a2:
c6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0D:E5:4D:31:D3:3D:10:2C:FF:18:AB:E4:0D:EE:9D:CA:EA:9E:81
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Og3lTTHTPRAs_xir5A3uncrqnoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
45:d9:8c:62:bb:c0:62:1d:df:07:15:85:c5:e5:e8:02:10:85:
da:36:88:ad:15:69:50:21:73:a7:0f:11:53:76:de:2f:53:26:
b7:82:33:99:8f:6a:b3:8a:ef:f4:fa:db:1b:5f:42:cb:9c:45:
93:10:91:dd:e8:81:10:91:02:37:53:28:49:e0:6f:02:68:0a:
07:5d:ef:53:30:f7:4c:4b:ba:25:de:f6:bd:22:89:12:28:11:
1d:d6:56:04:7f:58:20:08:2c:52:9e:3a:36:66:8b:1b:1a:e8:
63:82:53:84:14:91:41:9f:d8:fa:23:06:33:3f:80:6e:54:9f:
ce:ab:0c:b1:14:3a:54:71:1c:9d:2b:bf:11:d0:df:9d:ba:d8:
57:eb:e0:5b:bc:13:8b:c7:55:0f:e7:d1:f8:c7:91:cb:96:b3:
75:14:c8:b7:d6:46:f7:22:f7:a0:e9:30:09:44:80:d4:03:06:
32:f0:a5:25:ca:21:f6:10:99:75:50:48:29:a7:82:5a:b3:51:
c1:ef:84:12:0f:53:b8:ca:2d:b1:32:7c:17:99:76:74:fb:51:
5a:0d:19:48:49:ee:0e:b8:0e:7e:2c:5e:41:1c:8c:7e:b3:bb:
73:11:37:86:96:1f:b1:02:3a:08:e1:12:21:22:74:83:ed:83:
65:c8:86:cc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGa1a7dnuqt8xEscv1yZFTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI4MjExMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTBkZTU0ZDMxZDMzZDEwMmNmZjE4YWJlNDBkZWU5ZGNhZWE5ZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUwApmiMyUNj2xkURbTRCiufsLXH
vaXHqX43imsCLuNQLKgveaPY/YgsRFX7RDso/i5Uj2GhenQUZe1/ux68a9l3QfWW
mQrxgIXRG17Bn4HWURkkqb8POGze0zZnP5/OD4Su+WnvJEpQmjxJq5jdZzMTiQ9Y
rxy2Ui19kOr9OSEUAtASh7H1+FBX0MJi9AwmGrbtHngc11V3szwKxY1mjrl4d9Dv
TDh/+knejwCv8JkW02fAJOujDwLpvUTfenNSvgUAh/ZU7KTPUVKcVDLLfHC7gBPg
VMtZW7igoHMwlFzO2NtkG800xJpsoJmVj8qCj3vtEy9GYZ9F33sl+6LG3wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDoN5U0x0z0QLP8Yq+QN7p3K6p6BMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT2czbFRUSFRQUkFzX3hpcjVBM3VuY3Jxbm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEARdmMYrvAYh3fBxWFxeXoAhCF
2jaIrRVpUCFzpw8RU3beL1Mmt4IzmY9qs4rv9PrbG19Cy5xFkxCR3eiBEJECN1Mo
SeBvAmgKB13vUzD3TEu6Jd72vSKJEigRHdZWBH9YIAgsUp46NmaLGxroY4JThBSR
QZ/Y+iMGMz+AblSfzqsMsRQ6VHEcnSu/EdDfnbrYV+vgW7wTi8dVD+fR+MeRy5az
dRTIt9ZG9yL3oOkwCUSA1AMGMvClJcoh9hCZdVBIKaeCWrNRwe+EEg9TuMotsTJ8
F5l2dPtRWg0ZSEnuDrgOfixeQRyMfrO7cxE3hpYfsQI6COESISJ0g+2DZciGzA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:32 2025 by rpki-client