Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/S88i-fAB8Rf4iAdY08d97ZTPNOA.roa
File: S88i-fAB8Rf4iAdY08d97ZTPNOA.roa (raw, json)
Hash identifier: q47FAmwAhNO2BqvncspHEvWcxUL4YXgiv/YEeVQDYhQ=
Subject key identifier: 4B:CF:22:F9:F0:01:F1:17:F8:88:07:58:D3:C7:7D:ED:94:CF:34:E0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019148A41A26786DA991A9D7DC2A249D8B2A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/S88i-fAB8Rf4iAdY08d97ZTPNOA.roa
Signing time: Mon 12 Aug 2024 22:09:59 +0000
ROA not before: Mon 12 Aug 2024 22:09:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 12 Aug 2024 23:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:48:a4:1a:26:78:6d:a9:91:a9:d7:dc:2a:24:9d:8b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 12 22:09:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bcf22f9f001f117f8880758d3c77ded94cf34e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b4:b1:bc:db:6d:e0:3a:9a:cb:d8:47:b9:70:
b9:ca:52:64:ac:00:30:37:35:0f:de:c9:67:1c:92:
1c:87:3b:c1:05:8b:99:71:9d:bc:8b:5e:9b:2d:43:
28:1e:1c:11:2a:7d:52:93:69:8d:6e:6f:c6:8c:d4:
ba:ac:b2:5d:9a:52:82:d2:12:4b:c0:b0:5b:1e:48:
11:51:99:9d:de:46:e5:67:fb:c1:2b:79:a1:5a:b3:
f1:59:da:b5:dd:4d:8a:2f:03:95:af:52:cc:ae:c8:
8a:08:38:40:00:76:00:24:91:88:1a:1b:32:ee:ae:
e0:57:98:d5:93:e0:6f:53:4d:17:6c:67:c0:fa:37:
1e:ee:2e:4e:5b:b5:75:1b:f5:f4:30:0e:6a:68:ec:
ea:1d:db:ed:35:40:68:8a:63:0b:24:f4:89:d7:51:
f8:c0:dc:4b:3c:8c:d7:5c:80:8b:2b:bf:a6:c7:4d:
dd:a5:e0:48:f9:b7:d1:92:e7:26:42:49:02:3e:8b:
0f:1a:0e:2f:f4:e2:13:ab:60:c3:03:a4:55:53:f6:
af:14:ce:c7:a2:41:d8:1f:dc:15:c8:76:09:28:b5:
aa:38:67:bf:6c:2b:0f:48:81:83:e4:66:43:56:71:
8f:73:24:dd:62:60:1e:35:6f:e2:cd:42:8d:0e:b9:
63:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CF:22:F9:F0:01:F1:17:F8:88:07:58:D3:C7:7D:ED:94:CF:34:E0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/S88i-fAB8Rf4iAdY08d97ZTPNOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
10:d2:d0:46:f1:6c:f2:bd:ab:15:96:52:d4:63:9b:57:ed:ce:
b7:a3:07:f6:ce:6b:20:fd:40:19:f9:e0:db:83:02:59:2b:7f:
3c:53:f9:9a:cb:e5:d3:25:57:32:b1:92:d6:e1:c1:23:74:49:
c5:cb:15:ef:41:00:ee:88:b9:39:64:0a:47:b6:fe:b5:e7:80:
02:98:39:c1:53:6e:d0:82:02:ce:9d:34:bb:6a:2f:e0:c4:b4:
9e:82:f6:9f:2b:c2:85:29:c2:8a:3d:fe:c8:b1:41:ba:5d:d7:
e5:29:05:2a:30:eb:f9:37:82:95:d3:71:df:84:b1:73:6c:88:
34:b4:3f:f1:9a:59:57:f1:15:f2:2c:7d:fb:bf:94:be:61:16:
c8:8d:6f:a5:94:dd:84:19:d9:de:f4:f8:ca:87:a8:49:01:5f:
cc:2b:b0:63:64:b4:cb:b6:76:c5:94:dc:41:35:3e:8b:dd:a2:
80:60:71:f6:c9:d7:96:0d:a8:5c:d9:04:2a:cd:b0:46:3c:2e:
1a:5c:1d:3d:3e:b7:87:b4:62:82:91:53:57:f1:70:c3:bb:f6:
07:b8:b9:10:49:71:75:f1:b6:fb:98:ea:b2:ce:e0:ec:a5:dd:
dd:b9:e0:07:87:bf:2e:9c:df:25:4f:3e:90:e9:92:a5:ae:75:
38:5f:fc:80
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFIpBomeG2pkanX3CoknYsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEyMjIwOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmNmMjJmOWYwMDFmMTE3Zjg4ODA3NThkM2M3N2RlZDk0Y2YzNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07SxvNtt4Dqay9hHuXC5ylJkrAAw
NzUP3slnHJIchzvBBYuZcZ28i16bLUMoHhwRKn1Sk2mNbm/GjNS6rLJdmlKC0hJL
wLBbHkgRUZmd3kblZ/vBK3mhWrPxWdq13U2KLwOVr1LMrsiKCDhAAHYAJJGIGhsy
7q7gV5jVk+BvU00XbGfA+jce7i5OW7V1G/X0MA5qaOzqHdvtNUBoimMLJPSJ11H4
wNxLPIzXXICLK7+mx03dpeBI+bfRkucmQkkCPosPGg4v9OITq2DDA6RVU/avFM7H
okHYH9wVyHYJKLWqOGe/bCsPSIGD5GZDVnGPcyTdYmAeNW/izUKNDrljrwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEvPIvnwAfEX+IgHWNPHfe2UzzTgMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUzg4aS1mQUI4UmY0aUFkWTA4ZDk3WlRQTk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAENLQRvFs8r2rFZZS1GObV+3O
t6MH9s5rIP1AGfng24MCWSt/PFP5msvl0yVXMrGS1uHBI3RJxcsV70EA7oi5OWQK
R7b+teeAApg5wVNu0IICzp00u2ov4MS0noL2nyvChSnCij3+yLFBul3X5SkFKjDr
+TeCldNx34Sxc2yINLQ/8ZpZV/EV8ix9+7+UvmEWyI1vpZTdhBnZ3vT4yoeoSQFf
zCuwY2S0y7Z2xZTcQTU+i92igGBx9snXlg2oXNkEKs2wRjwuGlwdPT63h7RigpFT
V/Fww7v2B7i5EElxdfG2+5jqss7g7KXd3bngB4e/LpzfJU8+kOmSpa51OF/8gA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:10:48 2025 by rpki-client