Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RCzN_-SGlsLaKhu5OJjOstEoyoA.roa
File: RCzN_-SGlsLaKhu5OJjOstEoyoA.roa (raw, json)
Hash identifier: 1LQP6MOl/YN4iwPjz92b3L3BcqRa2nAosostWInbGyM=
Subject key identifier: 44:2C:CD:FF:E4:86:96:C2:DA:2A:1B:B9:38:98:CE:B2:D1:28:CA:80
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191AA48389AD83A4741DEEB3B01B53C8EC8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RCzN_-SGlsLaKhu5OJjOstEoyoA.roa
Signing time: Sat 31 Aug 2024 21:12:25 +0000
ROA not before: Sat 31 Aug 2024 21:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 31 Aug 2024 22:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:aa:48:38:9a:d8:3a:47:41:de:eb:3b:01:b5:3c:8e:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 31 21:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=442ccdffe48696c2da2a1bb93898ceb2d128ca80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:05:2f:6b:f8:8d:ae:51:d8:88:e0:2b:75:bc:
1b:2c:e9:e8:e4:9d:ef:d1:50:d0:07:06:74:86:95:
5a:e1:10:61:b0:62:c2:02:10:3a:93:74:ea:b4:d2:
b1:be:aa:e5:1f:56:41:50:8f:ce:bb:cd:64:eb:f7:
d4:9d:31:8f:07:43:2e:98:87:8f:85:d7:1c:35:bc:
24:0f:5b:3c:fc:0f:c4:e2:35:63:65:ff:ef:45:30:
2a:09:db:aa:f8:94:74:48:5c:5d:97:62:1e:6c:35:
03:2d:fc:4c:a0:5b:e9:05:99:4d:59:c2:b8:2e:0e:
33:6b:65:42:b7:39:a0:50:5f:cd:de:3b:48:43:b5:
99:58:56:d7:4b:e5:c9:76:9c:df:f8:ae:87:f6:a0:
a1:2e:7d:86:72:07:e6:7b:10:24:70:cd:78:0f:9f:
9f:d9:e5:41:87:e2:b2:e1:11:48:df:ab:4e:22:77:
ab:39:aa:5f:90:85:10:a5:dd:9c:ff:7b:bf:b0:81:
92:ad:02:57:79:e5:cf:78:14:a5:5c:8a:06:12:15:
d7:78:59:5b:3f:23:d2:7c:d2:b5:71:a8:2a:88:e0:
c4:39:5e:c3:0a:0e:49:3b:1f:9e:09:80:0f:a0:71:
7b:26:af:65:0d:d8:c4:84:6d:0f:ea:c6:69:1e:43:
38:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:2C:CD:FF:E4:86:96:C2:DA:2A:1B:B9:38:98:CE:B2:D1:28:CA:80
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RCzN_-SGlsLaKhu5OJjOstEoyoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
54:be:81:5c:25:5a:30:e8:b4:31:93:b8:0b:11:da:be:69:be:
06:ed:d7:65:9d:98:2f:0d:cc:28:e1:57:87:b2:48:05:fa:d8:
2b:36:c1:ba:97:59:09:5c:d2:b8:01:2b:6d:6e:94:2f:f7:16:
45:40:6d:55:4e:0f:b1:05:df:f4:71:f9:2f:25:f2:07:f6:01:
09:bb:60:2a:8d:46:b1:d7:76:52:3a:4e:b4:35:d3:6b:4e:56:
12:ab:15:60:fc:88:c8:4f:02:f7:5a:a3:e8:42:3a:ba:1d:92:
60:6d:cd:8d:b9:5f:c3:c7:72:36:12:0f:98:ef:a6:6e:13:bd:
03:39:61:75:56:66:cf:85:f3:b6:5a:31:f8:e7:58:4d:e7:71:
6d:bc:37:02:20:b6:df:5f:87:c9:69:f0:24:3e:3a:42:db:54:
cc:a5:c7:69:78:ad:9e:73:57:09:92:eb:af:10:9b:55:01:72:
7f:a9:02:90:34:02:5e:70:d7:04:42:18:c4:68:07:e1:8d:14:
43:5d:8e:e2:3d:4c:8e:a3:ff:80:72:86:06:81:e0:eb:27:af:
eb:41:d3:92:36:f0:bb:5b:09:9a:16:2b:cf:f4:9f:fc:03:b2:
d5:e5:55:73:38:b3:bd:79:5b:81:37:f9:d7:be:12:7f:12:72:
d3:f3:6c:11
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGqSDia2DpHQd7rOwG1PI7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODMxMjExMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDJjY2RmZmU0ODY5NmMyZGEyYTFiYjkzODk4Y2ViMmQxMjhjYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgUva/iNrlHYiOArdbwbLOno5J3v
0VDQBwZ0hpVa4RBhsGLCAhA6k3TqtNKxvqrlH1ZBUI/Ou81k6/fUnTGPB0MumIeP
hdccNbwkD1s8/A/E4jVjZf/vRTAqCduq+JR0SFxdl2IebDUDLfxMoFvpBZlNWcK4
Lg4za2VCtzmgUF/N3jtIQ7WZWFbXS+XJdpzf+K6H9qChLn2GcgfmexAkcM14D5+f
2eVBh+Ky4RFI36tOInerOapfkIUQpd2c/3u/sIGSrQJXeeXPeBSlXIoGEhXXeFlb
PyPSfNK1cagqiODEOV7DCg5JOx+eCYAPoHF7Jq9lDdjEhG0P6sZpHkM4RQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEQszf/khpbC2iobuTiYzrLRKMqAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUkN6Tl8tU0dsc0xhS2h1NU9Kak9zdEVveW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAVL6BXCVaMOi0MZO4CxHavmm+
Bu3XZZ2YLw3MKOFXh7JIBfrYKzbBupdZCVzSuAErbW6UL/cWRUBtVU4PsQXf9HH5
LyXyB/YBCbtgKo1Gsdd2UjpOtDXTa05WEqsVYPyIyE8C91qj6EI6uh2SYG3Njblf
w8dyNhIPmO+mbhO9AzlhdVZmz4Xztlox+OdYTedxbbw3AiC231+HyWnwJD46QttU
zKXHaXitnnNXCZLrrxCbVQFyf6kCkDQCXnDXBEIYxGgH4Y0UQ12O4j1MjqP/gHKG
BoHg6yev60HTkjbwu1sJmhYrz/Sf/AOy1eVVczizvXlbgTf5174SfxJy0/NsEQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:29 2025 by rpki-client