Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TmK7FbSe0hYg4dznc00ggVSizqY.roa
File: TmK7FbSe0hYg4dznc00ggVSizqY.roa (raw, json)
Hash identifier: sqi+wh9RFVQl5mzFKvc1mTP4ZzaHLHxZBwGH72bjbXM=
Subject key identifier: 4E:62:BB:15:B4:9E:D2:16:20:E1:DC:E7:73:4D:20:81:54:A2:CE:A6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191B4952E5DE0A1CFDCAE4D1B7A5559AB49
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TmK7FbSe0hYg4dznc00ggVSizqY.roa
Signing time: Mon 02 Sep 2024 21:12:41 +0000
ROA not before: Mon 02 Sep 2024 21:12:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Sep 2024 22:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b4:95:2e:5d:e0:a1:cf:dc:ae:4d:1b:7a:55:59:ab:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 2 21:12:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e62bb15b49ed21620e1dce7734d208154a2cea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f9:ce:f4:ec:d7:e1:a9:cb:5b:9c:c7:e6:ea:
5c:86:7e:6e:b0:11:2a:08:31:1c:a3:97:a0:d1:b1:
94:7e:fc:60:37:f5:2d:a0:50:43:c3:56:2c:5c:2a:
5a:27:88:05:b8:d8:5d:29:20:df:83:aa:6b:73:31:
f4:02:0d:46:bc:0e:51:e1:22:7e:dd:d1:5c:1a:0e:
b6:0c:86:8d:7d:a3:9f:18:8b:5c:aa:e5:d1:e7:3a:
92:0b:30:77:82:25:05:ac:d9:68:e2:38:b1:65:43:
23:3f:ee:fb:34:91:e5:b2:8b:84:af:9c:2c:96:3c:
22:f8:3a:f9:63:e3:69:e2:f3:1d:50:e7:d9:e5:a4:
6b:cc:f9:89:7c:ab:c5:58:a7:78:ac:55:23:3e:c5:
c8:5a:95:f5:01:5b:65:de:71:2f:d6:f5:b6:5d:07:
90:dc:fa:c9:a4:6a:1b:84:1d:62:7a:81:89:e3:94:
c4:69:ea:84:39:eb:d6:f8:d0:7f:30:64:ae:99:2e:
7d:d1:42:bf:9b:bc:d0:17:22:9f:1f:63:81:75:40:
28:43:72:0e:8c:5e:d2:a4:b7:35:f4:b1:4b:19:e5:
1d:a1:14:ff:b5:de:0c:20:25:9c:87:b7:08:c4:30:
24:9e:d3:5c:31:d1:2d:63:89:21:b8:3b:e6:2d:64:
ba:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:62:BB:15:B4:9E:D2:16:20:E1:DC:E7:73:4D:20:81:54:A2:CE:A6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TmK7FbSe0hYg4dznc00ggVSizqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
44:8d:d1:9c:12:f1:90:38:5c:7b:f2:41:27:0c:fe:17:5b:62:
aa:9f:3d:68:d7:7c:f8:53:78:ee:47:d7:65:55:52:79:05:19:
24:7a:43:77:ea:da:44:62:d0:f3:b8:47:73:08:48:d7:3e:91:
0f:6f:97:b9:70:23:d6:e4:82:48:40:50:63:9a:68:89:f4:88:
09:44:90:f0:c7:b5:cf:97:19:93:c5:10:4c:9c:21:e2:13:0c:
49:50:96:d9:33:f6:4b:dd:40:f9:a9:2e:98:bb:aa:ea:c3:da:
88:03:27:6e:d1:8f:13:25:c3:8f:12:41:a6:55:7d:db:c7:df:
95:24:8e:68:b9:af:cb:9c:04:7f:c3:79:d4:84:89:f2:8e:97:
89:76:51:73:21:db:bf:12:30:74:fd:a1:c0:72:37:d1:bd:65:
f1:6b:1b:07:dd:f5:b9:a9:a7:ac:e4:ab:52:29:7e:f3:df:bb:
ae:30:6d:04:4b:53:a4:e6:16:08:7c:69:31:4f:d3:de:6e:5f:
5c:6d:37:8a:09:55:42:f9:b7:e0:95:f5:ea:5a:43:b1:94:d0:
bd:d3:30:d9:91:7b:09:15:b8:6a:09:5c:48:24:c2:30:4a:ec:
2a:47:2f:0a:a2:12:64:9a:8c:39:eb:55:ac:c7:ac:fb:eb:1e:
c3:f1:eb:fe
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG0lS5d4KHP3K5NG3pVWatJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAyMjExMjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTYyYmIxNWI0OWVkMjE2MjBlMWRjZTc3MzRkMjA4MTU0YTJjZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvnO9OzX4anLW5zH5upchn5usBEq
CDEco5eg0bGUfvxgN/UtoFBDw1YsXCpaJ4gFuNhdKSDfg6prczH0Ag1GvA5R4SJ+
3dFcGg62DIaNfaOfGItcquXR5zqSCzB3giUFrNlo4jixZUMjP+77NJHlsouEr5ws
ljwi+Dr5Y+Np4vMdUOfZ5aRrzPmJfKvFWKd4rFUjPsXIWpX1AVtl3nEv1vW2XQeQ
3PrJpGobhB1ieoGJ45TEaeqEOevW+NB/MGSumS590UK/m7zQFyKfH2OBdUAoQ3IO
jF7SpLc19LFLGeUdoRT/td4MICWch7cIxDAkntNcMdEtY4khuDvmLWS6pwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFE5iuxW0ntIWIOHc53NNIIFUos6mMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVG1LN0ZiU2UwaFlnNGR6bmMwMGdnVlNpenFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEARI3RnBLxkDhce/JBJwz+F1ti
qp89aNd8+FN47kfXZVVSeQUZJHpDd+raRGLQ87hHcwhI1z6RD2+XuXAj1uSCSEBQ
Y5poifSICUSQ8Me1z5cZk8UQTJwh4hMMSVCW2TP2S91A+akumLuq6sPaiAMnbtGP
EyXDjxJBplV928fflSSOaLmvy5wEf8N51ISJ8o6XiXZRcyHbvxIwdP2hwHI30b1l
8WsbB931uamnrOSrUil+89+7rjBtBEtTpOYWCHxpMU/T3m5fXG03iglVQvm34JX1
6lpDsZTQvdMw2ZF7CRW4aglcSCTCMErsKkcvCqISZJqMOetVrMes++sew/Hr/g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:50 2025 by rpki-client