Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/SeR7JWu5igCVXSVpLIPgzxef7XU.roa
File: SeR7JWu5igCVXSVpLIPgzxef7XU.roa (raw, json)
Hash identifier: 2596ZDN97cUf27a7zgVOV+1kioxklAB515fp+scDSYI=
Subject key identifier: 49:E4:7B:25:6B:B9:8A:00:95:5D:25:69:2C:83:E0:CF:17:9F:ED:75
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191CA0A4211B12A0F5AB52FAECABC5E3ABD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/SeR7JWu5igCVXSVpLIPgzxef7XU.roa
Signing time: Sat 07 Sep 2024 01:12:35 +0000
ROA not before: Sat 07 Sep 2024 01:12:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 07 Sep 2024 02:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ca:0a:42:11:b1:2a:0f:5a:b5:2f:ae:ca:bc:5e:3a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 7 01:12:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49e47b256bb98a00955d25692c83e0cf179fed75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:20:cf:97:db:d3:53:08:0b:57:0e:f7:86:13:
32:02:1e:1f:2a:93:7f:24:e9:88:2a:c3:65:17:95:
cb:90:da:9a:3e:28:4b:88:17:59:79:e2:90:71:0b:
43:12:75:06:79:a5:d3:f4:46:f9:66:d2:d9:57:bb:
b2:ad:4d:96:5d:28:54:5a:25:6e:8c:89:0c:fa:a6:
f5:df:82:48:cc:25:35:49:f3:6b:a1:4a:5d:b9:7c:
d1:9a:d7:90:10:9e:ea:9c:45:df:e8:ae:92:05:ea:
dd:52:28:12:c8:e6:67:eb:48:11:2a:e8:89:41:14:
e0:32:ea:72:e9:1c:1c:0c:02:3d:3f:1a:3b:60:b2:
b7:07:8d:7b:82:22:93:31:d2:e3:51:ea:8e:f5:8a:
9c:a3:11:d4:ed:fb:27:c3:22:c6:33:40:63:b4:e9:
68:65:86:f5:2a:d7:14:db:14:0f:b1:aa:c0:93:f4:
ac:bb:b4:d9:2b:0d:2f:91:f7:83:92:4c:d5:d4:38:
f7:f7:00:52:f9:3e:d1:68:fe:41:fd:49:6e:47:a7:
7d:ef:02:14:ab:ab:af:5d:99:e3:e5:03:5f:6e:4f:
09:82:79:4e:a3:a8:4a:43:64:52:e9:3f:98:f7:b5:
b8:da:1b:bc:68:28:51:1a:3e:15:51:0b:b7:74:9f:
7f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E4:7B:25:6B:B9:8A:00:95:5D:25:69:2C:83:E0:CF:17:9F:ED:75
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/SeR7JWu5igCVXSVpLIPgzxef7XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
71:19:5e:02:6b:da:70:f4:74:b1:18:d6:59:88:6e:d3:78:7e:
6e:5a:bf:76:f2:8a:2c:70:9c:96:ae:34:ed:a3:77:45:c4:c8:
16:c4:82:3a:ee:59:5c:f6:9d:7d:73:74:bd:51:7f:d8:92:f4:
45:e6:2d:51:88:93:74:16:b5:d0:19:58:0b:c6:72:17:5b:31:
17:92:b2:5e:29:20:3d:3b:03:2d:f0:5e:59:08:a2:93:2e:5e:
7d:39:1f:7c:72:b3:bb:21:5e:60:c0:c4:a1:1d:1c:37:0d:db:
bd:ba:c2:82:f2:c9:41:d8:10:8e:af:93:23:25:82:fe:fa:08:
10:e6:07:bb:22:3e:e5:99:92:74:bf:c6:18:ce:2e:d7:48:ff:
50:d6:53:1e:5c:5e:03:ed:9b:9b:e5:65:3e:32:a3:0c:49:e1:
db:e6:bf:8b:a1:af:bd:7d:b9:b6:24:7a:a9:e5:31:dd:95:dc:
49:ce:88:7b:db:c4:6f:fb:12:2b:98:ac:23:0c:96:d7:01:59:
3f:16:05:a2:62:09:2e:4d:77:18:9e:bc:2a:a0:3c:ab:5a:b2:
4c:ad:95:5e:c7:a3:95:9d:10:9b:11:fb:ef:ad:67:b3:d1:59:
aa:3e:ad:1e:9d:17:d7:83:0c:b2:bf:5c:a3:74:b5:ee:b3:00:
b1:20:e3:b3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHKCkIRsSoPWrUvrsq8Xjq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA3MDExMjM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWU0N2IyNTZiYjk4YTAwOTU1ZDI1NjkyYzgzZTBjZjE3OWZlZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8iDPl9vTUwgLVw73hhMyAh4fKpN/
JOmIKsNlF5XLkNqaPihLiBdZeeKQcQtDEnUGeaXT9Eb5ZtLZV7uyrU2WXShUWiVu
jIkM+qb134JIzCU1SfNroUpduXzRmteQEJ7qnEXf6K6SBerdUigSyOZn60gRKuiJ
QRTgMupy6RwcDAI9Pxo7YLK3B417giKTMdLjUeqO9YqcoxHU7fsnwyLGM0BjtOlo
ZYb1KtcU2xQPsarAk/Ssu7TZKw0vkfeDkkzV1Dj39wBS+T7RaP5B/UluR6d97wIU
q6uvXZnj5QNfbk8JgnlOo6hKQ2RS6T+Y97W42hu8aChRGj4VUQu3dJ9/swIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEnkeyVruYoAlV0laSyD4M8Xn+11MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvU2VSN0pXdTVpZ0NWWFNWcExJUGd6eGVmN1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAcRleAmvacPR0sRjWWYhu03h+
blq/dvKKLHCclq407aN3RcTIFsSCOu5ZXPadfXN0vVF/2JL0ReYtUYiTdBa10BlY
C8ZyF1sxF5KyXikgPTsDLfBeWQiiky5efTkffHKzuyFeYMDEoR0cNw3bvbrCgvLJ
QdgQjq+TIyWC/voIEOYHuyI+5ZmSdL/GGM4u10j/UNZTHlxeA+2bm+VlPjKjDEnh
2+a/i6GvvX25tiR6qeUx3ZXcSc6Ie9vEb/sSK5isIwyW1wFZPxYFomIJLk13GJ68
KqA8q1qyTK2VXsejlZ0QmxH7761ns9FZqj6tHp0X14MMsr9co3S17rMAsSDjsw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:04 2025 by rpki-client