Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/P8dVHGBir2A9BEdUjqmyP4mPjRo.roa
File: P8dVHGBir2A9BEdUjqmyP4mPjRo.roa (raw, json)
Hash identifier: Nwbao/lHS7zB4PNe7v7wo3b7Vln3ypo4j2ymox/Yw+I=
Subject key identifier: 3F:C7:55:1C:60:62:AF:60:3D:04:47:54:8E:A9:B2:3F:89:8F:8D:1A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190E8B5277E08E9EF9E55B1FBD717632D2B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/P8dVHGBir2A9BEdUjqmyP4mPjRo.roa
Signing time: Thu 25 Jul 2024 07:05:04 +0000
ROA not before: Thu 25 Jul 2024 07:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:e8b4:56a2/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 25 Jul 2024 07:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e8:b5:27:7e:08:e9:ef:9e:55:b1:fb:d7:17:63:2d:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 25 07:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fc7551c6062af603d0447548ea9b23f898f8d1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:76:cd:b6:e9:d1:ec:5f:19:2b:cb:22:84:d7:
96:05:a1:83:68:66:c8:a5:4e:77:5d:55:25:ad:e8:
10:7b:57:a6:fd:36:42:78:35:e6:4f:1d:cb:aa:27:
e0:aa:1c:df:60:48:aa:3a:ab:2e:0a:39:64:b2:ee:
32:80:d3:c7:13:17:10:79:95:a5:4b:fe:b3:f1:67:
d0:3c:9e:18:8f:05:e4:07:db:6f:7e:36:c1:28:a5:
0e:df:9d:f0:9b:b9:e0:29:69:45:2e:6c:66:16:9e:
7d:51:0c:65:b3:87:bd:33:79:af:ec:bd:0e:b9:58:
d2:fd:8d:78:82:2c:31:8a:b3:b6:b3:f5:ec:11:65:
cf:b7:66:5f:86:f0:43:ad:8d:6b:b9:83:70:60:72:
0b:a8:d8:73:28:47:11:bf:a1:b8:66:c2:75:f0:3a:
20:1b:dd:0c:b2:e7:3a:01:61:d9:1f:71:ac:7d:ad:
39:e4:7f:89:46:31:af:5a:65:83:62:56:f9:d7:4b:
51:74:be:5b:9c:79:6b:24:09:56:58:56:bd:75:d7:
09:d8:0a:be:b9:df:a3:8b:22:67:79:a0:bb:13:57:
5f:ee:9f:2d:9e:e8:65:a4:fb:f7:1f:52:c1:1f:ab:
10:7c:46:c5:a9:bf:d3:cb:77:47:ed:05:16:c7:62:
8f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C7:55:1C:60:62:AF:60:3D:04:47:54:8E:A9:B2:3F:89:8F:8D:1A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/P8dVHGBir2A9BEdUjqmyP4mPjRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:e8b4:56a2/128
Signature Algorithm: sha256WithRSAEncryption
12:86:43:68:92:a5:47:09:2c:36:dd:86:a4:9d:f6:f2:3d:6e:
88:6a:be:24:26:90:f0:f1:2f:d1:e5:60:94:ef:d7:8f:6e:a4:
07:78:79:c6:89:64:29:52:4e:d7:4f:44:24:32:05:a5:c0:2b:
52:57:2e:49:90:05:06:f5:38:dc:1d:bd:1e:95:ad:88:7e:eb:
63:1a:96:3e:f9:94:50:c0:0b:b5:2e:a0:7d:9b:a5:3c:75:bb:
aa:94:29:62:83:79:6a:35:67:3e:af:5d:67:50:80:77:89:85:
45:12:bf:14:10:00:b4:56:fb:43:ea:d5:a5:99:d8:b2:ce:35:
c7:30:47:0c:01:40:98:fe:b5:64:ff:32:66:16:6c:ed:90:18:
14:4a:38:92:ba:19:88:ea:dd:4a:26:95:09:77:db:6a:c8:75:
9d:99:54:26:f9:f4:86:7c:ea:71:62:1f:38:76:2d:d7:52:17:
07:11:47:04:0d:5e:fc:91:22:41:f0:2c:bf:cc:c7:92:f2:6f:
18:22:68:9d:d8:e2:5e:13:ed:0c:97:4b:50:b5:41:6b:bc:60:
16:05:3a:bf:d1:b3:ea:8a:a9:81:1e:1f:cc:23:32:c8:73:90:
7a:d8:6d:13:66:ed:27:fb:1d:93:0c:07:44:69:3d:48:60:29:
24:47:72:59
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZDotSd+COnvnlWx+9cXYy0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzI1MDcwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmM3NTUxYzYwNjJhZjYwM2QwNDQ3NTQ4ZWE5YjIzZjg5OGY4ZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9XbNtunR7F8ZK8sihNeWBaGDaGbI
pU53XVUlregQe1em/TZCeDXmTx3LqifgqhzfYEiqOqsuCjlksu4ygNPHExcQeZWl
S/6z8WfQPJ4YjwXkB9tvfjbBKKUO353wm7ngKWlFLmxmFp59UQxls4e9M3mv7L0O
uVjS/Y14giwxirO2s/XsEWXPt2ZfhvBDrY1ruYNwYHILqNhzKEcRv6G4ZsJ18Dog
G90Msuc6AWHZH3Gsfa055H+JRjGvWmWDYlb510tRdL5bnHlrJAlWWFa9ddcJ2Aq+
ud+jiyJneaC7E1df7p8tnuhlpPv3H1LBH6sQfEbFqb/Ty3dH7QUWx2KPqwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFD/HVRxgYq9gPQRHVI6psj+Jj40aMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUDhkVkhHQmlyMkE5QkVkVWpxbXlQNG1QalJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ6LRWojANBgkqhkiG9w0BAQsFAAOCAQEAEoZDaJKlRwksNt2GpJ328j1u
iGq+JCaQ8PEv0eVglO/Xj26kB3h5xolkKVJO109EJDIFpcArUlcuSZAFBvU43B29
HpWtiH7rYxqWPvmUUMALtS6gfZulPHW7qpQpYoN5ajVnPq9dZ1CAd4mFRRK/FBAA
tFb7Q+rVpZnYss41xzBHDAFAmP61ZP8yZhZs7ZAYFEo4kroZiOrdSiaVCXfbash1
nZlUJvn0hnzqcWIfOHYt11IXBxFHBA1e/JEiQfAsv8zHkvJvGCJondjiXhPtDJdL
ULVBa7xgFgU6v9Gz6oqpgR4fzCMyyHOQethtE2btJ/sdkwwHRGk9SGApJEdyWQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:05:38 2025 by rpki-client