Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Sj811dBCON6oJYUlKIeVqaUxBYg.roa
File: Sj811dBCON6oJYUlKIeVqaUxBYg.roa (raw, json)
Hash identifier: zsfEG57U3EPCTzmOL+es6RHnp6Y7ixGn/H49qwvov+c=
Subject key identifier: 4A:3F:35:D5:D0:42:38:DE:A8:25:85:25:28:87:95:A9:A5:31:05:88
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01913DB4CD93000D130B92025932F60BDE6B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Sj811dBCON6oJYUlKIeVqaUxBYg.roa
Signing time: Sat 10 Aug 2024 19:12:24 +0000
ROA not before: Sat 10 Aug 2024 19:12:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 10 Aug 2024 20:04:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3d:b4:cd:93:00:0d:13:0b:92:02:59:32:f6:0b:de:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 10 19:12:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a3f35d5d04238dea8258525288795a9a5310588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5e:50:61:a4:ad:49:3a:f6:83:c7:7c:3c:e1:
4b:e1:e2:61:79:cb:2d:9a:31:ba:67:4d:38:4d:8a:
68:d9:72:7f:bb:09:db:6a:94:eb:88:ba:14:1f:42:
06:fb:3f:48:72:8f:8e:e2:1c:f3:b8:f8:d8:52:da:
ab:57:f5:19:5f:ab:0f:f4:c5:2b:38:17:cd:87:7c:
bb:21:13:9e:93:3b:8d:ba:6b:70:d1:cf:a1:d1:b2:
1a:97:9c:c8:6b:fb:c2:a9:60:73:d1:26:a7:90:56:
47:70:19:8e:be:9d:d3:93:bd:9d:fd:e4:0b:f9:d5:
8b:8b:95:12:3a:38:57:a4:80:50:ba:30:99:7c:b6:
ad:04:f5:5e:d9:ec:c1:a2:77:58:a2:18:61:0c:03:
ee:cb:18:ae:27:b2:e6:8d:9b:8a:89:3a:bb:31:fc:
7a:25:77:e2:82:ac:f7:27:ee:e6:f4:bb:e4:35:4a:
bd:73:05:47:f9:8a:16:b4:73:33:73:56:30:e3:84:
c7:24:8b:bc:55:66:84:d2:94:5d:42:69:11:a8:6a:
42:6e:74:68:80:49:33:39:c8:8c:28:a2:c9:49:3e:
8b:a6:00:27:f4:e0:92:75:83:a1:42:47:dc:cc:0f:
ac:0f:58:01:9d:87:e3:40:70:17:3d:e0:39:63:45:
40:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:3F:35:D5:D0:42:38:DE:A8:25:85:25:28:87:95:A9:A5:31:05:88
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Sj811dBCON6oJYUlKIeVqaUxBYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
2b:5c:21:86:c0:b5:91:ec:05:6f:7c:a8:82:34:d6:53:9d:69:
ce:71:c6:f7:05:5a:75:49:77:12:46:36:66:00:78:7d:bb:bf:
ae:bc:be:c5:92:a9:60:ed:57:97:a8:7d:de:2f:88:78:48:b0:
5a:19:d4:2c:28:b8:f0:c0:3f:63:14:75:a5:65:cc:4d:42:8a:
12:83:78:6a:f1:de:73:30:92:70:27:14:68:07:d4:df:2f:71:
8e:33:da:53:92:01:e0:46:e0:43:83:47:79:28:8f:57:54:7b:
57:2d:9e:29:00:22:fc:b7:53:96:e5:94:27:e6:18:90:43:ce:
1b:48:57:94:66:44:29:c3:fe:47:40:ca:a6:bd:d8:6a:ec:d0:
7b:ae:31:2b:15:0d:e7:4a:e7:79:c2:ff:e3:28:fc:03:6d:a1:
13:7f:99:a1:df:fa:89:73:a2:fc:ce:13:bb:59:0f:49:1d:d1:
9e:36:69:c3:8c:9d:8e:4c:2b:86:0b:bd:ce:1f:11:18:f2:86:
e5:93:55:47:9a:2b:08:7e:87:4d:06:1b:0d:e5:e2:9f:77:38:
d2:0a:33:9d:24:74:d0:27:34:4a:ea:8d:29:24:7e:70:c8:fd:
2b:d2:64:5c:e0:42:c0:f7:94:a3:06:6e:ff:4f:3b:3c:8b:41:
0a:58:ab:56
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZE9tM2TAA0TC5ICWTL2C95rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEwMTkxMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTNmMzVkNWQwNDIzOGRlYTgyNTg1MjUyODg3OTVhOWE1MzEwNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwF5QYaStSTr2g8d8POFL4eJhecst
mjG6Z004TYpo2XJ/uwnbapTriLoUH0IG+z9Ico+O4hzzuPjYUtqrV/UZX6sP9MUr
OBfNh3y7IROekzuNumtw0c+h0bIal5zIa/vCqWBz0SankFZHcBmOvp3Tk72d/eQL
+dWLi5USOjhXpIBQujCZfLatBPVe2ezBondYohhhDAPuyxiuJ7LmjZuKiTq7Mfx6
JXfigqz3J+7m9LvkNUq9cwVH+YoWtHMzc1Yw44THJIu8VWaE0pRdQmkRqGpCbnRo
gEkzOciMKKLJST6LpgAn9OCSdYOhQkfczA+sD1gBnYfjQHAXPeA5Y0VAkwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEo/NdXQQjjeqCWFJSiHlamlMQWIMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvU2o4MTFkQkNPTjZvSllVbEtJZVZxYVV4QllnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAK1whhsC1kewFb3yogjTWU51p
znHG9wVadUl3EkY2ZgB4fbu/rry+xZKpYO1Xl6h93i+IeEiwWhnULCi48MA/YxR1
pWXMTUKKEoN4avHeczCScCcUaAfU3y9xjjPaU5IB4EbgQ4NHeSiPV1R7Vy2eKQAi
/LdTluWUJ+YYkEPOG0hXlGZEKcP+R0DKpr3YauzQe64xKxUN50rnecL/4yj8A22h
E3+Zod/6iXOi/M4Tu1kPSR3RnjZpw4ydjkwrhgu9zh8RGPKG5ZNVR5orCH6HTQYb
DeXin3c40goznSR00Cc0SuqNKSR+cMj9K9JkXOBCwPeUowZu/087PItBClirVg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:50 2025 by rpki-client