Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TdzsvkLfQpTz_3xJqNRHqyUg-Wg.roa
File: TdzsvkLfQpTz_3xJqNRHqyUg-Wg.roa (raw, json)
Hash identifier: DByMyB8JnvdMZn8IQCRaJlkempMSi9fTQfZkJBzHHSA=
Subject key identifier: 4D:DC:EC:BE:42:DF:42:94:F3:FF:7C:49:A8:D4:47:AB:25:20:F9:68
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D8D6E96332307155D22039052B9B5218
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TdzsvkLfQpTz_3xJqNRHqyUg-Wg.roa
Signing time: Mon 09 Sep 2024 22:10:48 +0000
ROA not before: Mon 09 Sep 2024 22:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 09 Sep 2024 23:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d8:d6:e9:63:32:30:71:55:d2:20:39:05:2b:9b:52:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 9 22:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ddcecbe42df4294f3ff7c49a8d447ab2520f968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:97:d4:59:e8:75:4c:f2:c2:85:dd:de:79:02:
b9:22:95:80:f5:3f:bc:3a:3e:4d:6f:ca:75:fb:70:
cb:e7:4b:cd:92:4b:ba:0a:74:df:91:de:d6:53:45:
ea:34:f8:e0:5c:b7:a5:16:8e:fb:c5:aa:6b:8d:56:
89:8d:84:98:a3:c0:95:2a:d9:b7:62:82:40:e6:c9:
52:eb:20:51:46:b3:d6:e6:7e:1d:42:f5:7d:0f:c4:
b0:01:87:bb:ab:37:65:53:76:92:fb:bd:eb:79:76:
86:62:1e:e6:22:ad:18:8e:ae:59:88:35:14:1a:57:
02:1a:9c:d1:d8:17:30:db:22:8b:9f:6e:6e:76:bb:
16:ac:e3:34:8c:26:df:1b:4b:47:da:0b:9d:8a:28:
04:b6:9c:85:e7:d0:b5:bc:2a:b5:3b:ce:e8:88:88:
04:c7:26:9c:27:8d:29:cf:e6:1a:c4:ba:3e:37:11:
f9:7c:7a:b4:1c:70:8a:f5:13:98:be:8c:1d:8e:cc:
11:a2:f7:01:fb:e6:2c:db:9b:aa:fe:69:40:2a:d8:
f8:a6:f8:b9:24:f5:eb:b2:a6:16:6b:e4:55:80:01:
fa:b3:97:ab:07:89:b9:d4:22:a7:85:1a:31:36:e7:
36:7e:2f:be:e5:54:5c:d9:80:5f:99:7b:d5:2c:a8:
64:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DC:EC:BE:42:DF:42:94:F3:FF:7C:49:A8:D4:47:AB:25:20:F9:68
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TdzsvkLfQpTz_3xJqNRHqyUg-Wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
73:14:de:19:4d:07:eb:6d:97:d4:a9:10:8d:b4:c4:67:c6:fe:
6a:c5:49:61:68:5a:5e:5f:35:f7:7a:32:70:6f:ac:e5:c2:0b:
b9:7f:9f:51:42:c5:c2:28:b3:32:48:60:43:e2:42:75:b3:b9:
a9:da:3c:fe:16:50:aa:64:f2:9d:74:b0:7b:41:12:00:3e:fc:
bd:92:b7:1d:c9:68:ac:ae:f2:44:ce:c4:85:7c:23:ab:d3:68:
6b:e6:8d:0a:a5:9e:05:93:c3:90:07:f3:06:89:75:27:db:39:
8e:bb:70:32:90:99:74:36:49:c8:7f:4d:73:e8:46:2d:f7:6b:
ae:0b:39:a8:aa:29:08:52:b6:ed:55:c9:51:46:5b:43:d7:e9:
ec:fd:c7:2a:17:bb:ad:1e:51:18:ec:e0:03:a6:09:13:01:28:
e3:98:d9:8f:d1:a8:9f:d2:62:89:73:c9:7b:8b:ec:03:1a:1d:
ad:9b:c2:c1:a1:56:ae:8a:8e:95:ec:e2:cc:0c:4d:40:77:fa:
7b:ef:9e:09:1c:62:cd:67:d0:db:35:16:c1:35:b9:3c:dc:3c:
11:85:1e:3d:64:fa:88:d2:27:4b:08:18:1b:09:a0:ce:87:ce:
7e:28:b7:7f:96:a4:d0:95:0f:21:f9:94:43:32:fa:9f:b6:d3:
f5:1a:dd:6e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHY1uljMjBxVdIgOQUrm1IYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA5MjIxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRjZWNiZTQyZGY0Mjk0ZjNmZjdjNDlhOGQ0NDdhYjI1MjBmOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZfUWeh1TPLChd3eeQK5IpWA9T+8
Oj5Nb8p1+3DL50vNkku6CnTfkd7WU0XqNPjgXLelFo77xaprjVaJjYSYo8CVKtm3
YoJA5slS6yBRRrPW5n4dQvV9D8SwAYe7qzdlU3aS+73reXaGYh7mIq0Yjq5ZiDUU
GlcCGpzR2Bcw2yKLn25udrsWrOM0jCbfG0tH2gudiigEtpyF59C1vCq1O87oiIgE
xyacJ40pz+YaxLo+NxH5fHq0HHCK9ROYvowdjswRovcB++Ys25uq/mlAKtj4pvi5
JPXrsqYWa+RVgAH6s5erB4m51CKnhRoxNuc2fi++5VRc2YBfmXvVLKhkYwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFE3c7L5C30KU8/98SajUR6slIPloMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVGR6c3ZrTGZRcFR6XzN4SnFOUkhxeVVnLVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQBzFN4ZTQfrbZfUqRCNtMRnxv5qxUlhaFpeXzX3
ejJwb6zlwgu5f59RQsXCKLMySGBD4kJ1s7mp2jz+FlCqZPKddLB7QRIAPvy9krcd
yWisrvJEzsSFfCOr02hr5o0KpZ4Fk8OQB/MGiXUn2zmOu3AykJl0NknIf01z6EYt
92uuCzmoqikIUrbtVclRRltD1+ns/ccqF7utHlEY7OADpgkTASjjmNmP0aif0mKJ
c8l7i+wDGh2tm8LBoVauio6V7OLMDE1Ad/p7754JHGLNZ9DbNRbBNbk83DwRhR49
ZPqI0idLCBgbCaDOh85+KLd/lqTQlQ8h+ZRDMvqfttP1Gt1u
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:02 2025 by rpki-client