Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TX-L7p7piOZo5i6MC8FF8T05F6o.roa
File: TX-L7p7piOZo5i6MC8FF8T05F6o.roa (raw, json)
Hash identifier: Q1zQya03Xlzbkw14taWysJ5fIf1UAy88u3Nj9+qMxpk=
Subject key identifier: 4D:7F:8B:EE:9E:E9:88:E6:68:E6:2E:8C:0B:C1:45:F1:3D:39:17:AA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191DE351ECDEB7492F7BD81293C36384BA9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TX-L7p7piOZo5i6MC8FF8T05F6o.roa
Signing time: Tue 10 Sep 2024 23:11:48 +0000
ROA not before: Tue 10 Sep 2024 23:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 11 Sep 2024 00:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:de:35:1e:cd:eb:74:92:f7:bd:81:29:3c:36:38:4b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 10 23:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d7f8bee9ee988e668e62e8c0bc145f13d3917aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f0:7a:25:85:06:bf:7e:fa:e2:8d:ca:c1:2a:
ec:4d:cb:04:31:50:9a:4f:6f:cf:20:5b:f2:55:b4:
1d:6c:53:2a:5d:64:89:f1:5d:10:ef:7f:73:61:0e:
db:6a:a3:8c:90:01:46:b7:1d:14:ad:3f:90:8b:ae:
56:f2:9b:f9:14:ee:d0:24:0a:48:f4:e3:5c:73:92:
fc:4d:6d:0a:7c:89:6f:3b:46:b5:1e:97:33:52:d8:
fe:0a:92:24:77:6e:51:aa:85:e0:e1:ac:98:c5:64:
3a:43:53:65:18:21:4b:57:a3:bc:2b:db:b0:a3:b2:
d4:f9:46:ed:a7:5c:f1:e5:eb:f4:eb:09:1e:f6:94:
0b:09:d9:83:59:1f:7a:5b:a4:9d:1f:cb:21:bd:27:
3e:61:65:70:7f:55:1c:18:ae:6d:b0:56:cc:89:1c:
a9:d3:35:45:17:26:ea:ff:b3:1e:93:db:25:0b:6f:
71:4d:4f:48:4d:5a:41:6f:50:d9:3b:a4:aa:33:1b:
78:a4:f6:ce:65:e8:6e:0c:71:b7:00:47:aa:fa:fd:
07:16:71:38:e3:08:8f:60:2f:90:78:6c:3b:f2:8d:
4a:9c:b4:97:1f:2b:47:c8:a1:67:3b:82:f3:e4:c3:
4e:32:70:95:49:89:17:04:06:98:b0:58:37:9b:de:
ee:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:7F:8B:EE:9E:E9:88:E6:68:E6:2E:8C:0B:C1:45:F1:3D:39:17:AA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TX-L7p7piOZo5i6MC8FF8T05F6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
38:2e:3a:32:79:3c:61:e0:2d:1f:c9:8a:f1:c4:6f:92:40:55:
72:00:3d:17:5f:36:36:1f:0a:86:07:4d:f9:3d:91:4e:f4:92:
9f:50:96:f7:3e:56:bd:0c:c1:7b:6f:41:b0:7d:61:0a:c8:d5:
cb:8b:eb:4e:e0:b1:88:08:7e:e9:f1:9f:fc:7d:ff:d7:4a:a5:
77:8a:42:a6:8f:c4:bd:f2:a9:45:f9:7b:71:cb:ba:f6:b4:01:
e8:f2:19:45:57:44:f8:90:0a:5d:9f:28:e2:75:3b:bd:f1:87:
24:03:f4:3d:f2:5e:37:88:21:e8:2a:fa:4d:f5:d5:a6:48:a0:
47:1a:c5:d8:fe:33:83:54:fe:76:c8:40:f1:04:a4:69:1a:0c:
3e:6f:8e:20:e4:0e:a7:73:46:e3:3b:98:19:52:0a:13:cd:6a:
aa:2e:ef:56:d6:a3:ef:ca:db:c7:b9:b1:0e:46:14:c8:89:34:
45:96:7c:bf:8e:d2:8a:6e:f1:eb:17:54:7a:6a:e5:ae:b6:98:
d1:47:81:3c:77:86:ee:8c:5a:ec:6f:16:70:74:fe:a5:64:e4:
cc:fa:2f:de:7e:00:b8:10:81:9a:35:3c:6e:14:8a:d8:8c:bc:
68:cf:7b:d3:98:de:03:1e:2c:21:dd:5c:5f:14:a2:30:84:cf:
26:00:6c:f1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHeNR7N63SS972BKTw2OEupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEwMjMxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDdmOGJlZTllZTk4OGU2NjhlNjJlOGMwYmMxNDVmMTNkMzkxN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fB6JYUGv3764o3KwSrsTcsEMVCa
T2/PIFvyVbQdbFMqXWSJ8V0Q739zYQ7baqOMkAFGtx0UrT+Qi65W8pv5FO7QJApI
9ONcc5L8TW0KfIlvO0a1HpczUtj+CpIkd25RqoXg4ayYxWQ6Q1NlGCFLV6O8K9uw
o7LU+Ubtp1zx5ev06wke9pQLCdmDWR96W6SdH8shvSc+YWVwf1UcGK5tsFbMiRyp
0zVFFybq/7Mek9slC29xTU9ITVpBb1DZO6SqMxt4pPbOZehuDHG3AEeq+v0HFnE4
4wiPYC+QeGw78o1KnLSXHytHyKFnO4Lz5MNOMnCVSYkXBAaYsFg3m97uBwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFE1/i+6e6YjmaOYujAvBRfE9OReqMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVFgtTDdwN3BpT1pvNWk2TUM4RkY4VDA1RjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQA4LjoyeTxh4C0fyYrxxG+SQFVyAD0XXzY2HwqG
B035PZFO9JKfUJb3Pla9DMF7b0GwfWEKyNXLi+tO4LGICH7p8Z/8ff/XSqV3ikKm
j8S98qlF+Xtxy7r2tAHo8hlFV0T4kApdnyjidTu98YckA/Q98l43iCHoKvpN9dWm
SKBHGsXY/jODVP52yEDxBKRpGgw+b44g5A6nc0bjO5gZUgoTzWqqLu9W1qPvytvH
ubEORhTIiTRFlny/jtKKbvHrF1R6auWutpjRR4E8d4bujFrsbxZwdP6lZOTM+i/e
fgC4EIGaNTxuFIrYjLxoz3vTmN4DHiwh3VxfFKIwhM8mAGzx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:56 2025 by rpki-client