Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RLDgIW8iss86SASXIy475f6H310.roa
File: RLDgIW8iss86SASXIy475f6H310.roa (raw, json)
Hash identifier: aR0gmBsOFYX5kjXOW5sNavhPBE8JpuOb2TZuSay3FFc=
Subject key identifier: 44:B0:E0:21:6F:22:B2:CF:3A:48:04:97:23:2E:3B:E5:FE:87:DF:5D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D610AF89C24C315E439AB606CDAC7FBE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RLDgIW8iss86SASXIy475f6H310.roa
Signing time: Mon 09 Sep 2024 09:15:03 +0000
ROA not before: Mon 09 Sep 2024 09:15:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 09 Sep 2024 10:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:10:af:89:c2:4c:31:5e:43:9a:b6:06:cd:ac:7f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 9 09:15:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44b0e0216f22b2cf3a480497232e3be5fe87df5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:a1:31:dd:1d:f4:ce:f1:76:bf:62:79:a4:13:
22:df:5d:1a:d2:a5:7a:d2:b1:3d:4a:7b:85:c2:6f:
94:37:36:b2:dd:0a:57:1a:db:22:91:ba:86:1b:21:
4e:75:7a:bf:51:a5:b0:f1:aa:05:14:4e:dc:81:06:
7f:ad:03:4c:fe:ac:34:df:b7:87:fb:95:c1:20:89:
2b:52:71:df:d0:63:97:fd:8b:e0:64:31:0e:6d:ad:
02:71:3d:f9:09:e7:18:36:57:b4:eb:57:67:c9:8f:
8e:61:6c:c6:7b:1c:55:b9:8f:8a:8a:bc:bd:83:f8:
b4:1c:c6:cc:18:be:d0:e7:99:2c:1a:fb:b1:65:08:
42:1a:48:e9:e2:79:05:4a:6a:b9:b1:78:b9:de:b8:
dd:46:9c:e5:78:d8:3c:31:dd:78:aa:00:1c:33:c7:
66:fc:83:41:03:06:c4:e3:47:18:72:c8:68:3a:0e:
de:f7:40:05:fb:d2:ff:76:70:c3:ac:6e:5e:b2:55:
84:02:92:b0:40:a1:84:08:03:d9:ae:ef:e9:e2:6e:
9d:c3:17:b0:70:f8:6e:49:14:f5:c1:56:d0:e5:0b:
4c:4e:53:de:ed:b2:f6:03:d2:ba:f9:92:e1:5b:fc:
2b:99:24:ee:7a:91:e4:a9:38:19:f1:d8:5a:51:c0:
41:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B0:E0:21:6F:22:B2:CF:3A:48:04:97:23:2E:3B:E5:FE:87:DF:5D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RLDgIW8iss86SASXIy475f6H310.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
Signature Algorithm: sha256WithRSAEncryption
0b:83:19:8f:e1:91:cb:85:fe:5d:b1:55:6b:88:1b:93:91:6e:
e2:bd:90:30:fa:fd:00:49:37:24:89:d4:5a:e3:92:9b:60:5b:
31:40:30:2f:e0:1b:4d:ac:3d:3c:53:3c:11:95:d4:48:f2:71:
99:a1:89:05:95:29:b2:b9:71:26:37:3b:04:58:cf:76:9b:c6:
4c:43:d1:6d:07:3e:c8:30:b3:65:96:e3:40:f1:e5:e3:9e:d4:
05:88:a8:64:e2:84:25:cc:72:42:47:16:56:98:d9:98:8d:82:
a9:15:91:f5:e1:2b:c7:f6:88:85:ce:a7:44:b5:a5:3d:56:87:
f9:28:fd:85:cf:05:c6:05:ed:23:eb:dc:66:ca:f1:34:34:ec:
d6:1e:f4:8d:25:30:ce:37:46:48:e0:a1:29:01:72:b6:81:b9:
86:6c:12:14:57:08:35:e4:8f:81:9a:b0:94:62:8e:02:10:52:
cb:dc:25:eb:54:54:f8:94:5d:57:77:07:ed:a1:36:b9:1a:68:
04:31:d9:0b:f5:d3:73:2f:fe:3d:47:b6:0d:78:4d:8d:71:43:
2e:62:bb:56:ca:56:ac:f2:a1:b7:1e:8e:8b:21:40:24:ed:ee:
ed:a8:dd:f0:31:c4:04:61:96:0d:48:cf:a6:12:36:32:45:05:
15:e1:f1:56
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHWEK+JwkwxXkOatgbNrH++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA5MDkxNTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGIwZTAyMTZmMjJiMmNmM2E0ODA0OTcyMzJlM2JlNWZlODdkZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA66Ex3R30zvF2v2J5pBMi310a0qV6
0rE9SnuFwm+UNzay3QpXGtsikbqGGyFOdXq/UaWw8aoFFE7cgQZ/rQNM/qw037eH
+5XBIIkrUnHf0GOX/YvgZDEOba0CcT35CecYNle061dnyY+OYWzGexxVuY+Kiry9
g/i0HMbMGL7Q55ksGvuxZQhCGkjp4nkFSmq5sXi53rjdRpzleNg8Md14qgAcM8dm
/INBAwbE40cYcshoOg7e90AF+9L/dnDDrG5eslWEApKwQKGECAPZru/p4m6dwxew
cPhuSRT1wVbQ5QtMTlPe7bL2A9K6+ZLhW/wrmSTuepHkqTgZ8dhaUcBBswIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFESw4CFvIrLPOkgElyMuO+X+h99dMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUkxEZ0lXOGlzczg2U0FTWEl5NDc1ZjZIMzEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wwDQYJKoZIhvcNAQELBQADggEB
AAuDGY/hkcuF/l2xVWuIG5ORbuK9kDD6/QBJNySJ1FrjkptgWzFAMC/gG02sPTxT
PBGV1EjycZmhiQWVKbK5cSY3OwRYz3abxkxD0W0HPsgws2WW40Dx5eOe1AWIqGTi
hCXMckJHFlaY2ZiNgqkVkfXhK8f2iIXOp0S1pT1Wh/ko/YXPBcYF7SPr3GbK8TQ0
7NYe9I0lMM43RkjgoSkBcraBuYZsEhRXCDXkj4GasJRijgIQUsvcJetUVPiUXVd3
B+2hNrkaaAQx2Qv103Mv/j1Htg14TY1xQy5iu1bKVqzyobcejoshQCTt7u2o3fAx
xARhlg1Iz6YSNjJFBRXh8VY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:09 2025 by rpki-client