Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VijMT1VZavUfuMnAveD-UPo3pCo.roa
File: VijMT1VZavUfuMnAveD-UPo3pCo.roa (raw, json)
Hash identifier: Aaek1W33Fp8HnP3dFJ4x/r5qLnppXl7OaWZ4RF66214=
Subject key identifier: 56:28:CC:4F:55:59:6A:F5:1F:B8:C9:C0:BD:E0:FE:50:FA:37:A4:2A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019126182F7EE25C7FAD16925B1EDDE7B2AD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VijMT1VZavUfuMnAveD-UPo3pCo.roa
Signing time: Tue 06 Aug 2024 05:10:04 +0000
ROA not before: Tue 06 Aug 2024 05:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 06 Aug 2024 06:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:26:18:2f:7e:e2:5c:7f:ad:16:92:5b:1e:dd:e7:b2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 6 05:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5628cc4f55596af51fb8c9c0bde0fe50fa37a42a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dc:f1:8b:49:09:4e:20:2a:ea:c1:2f:60:f0:
9c:07:8f:90:5b:09:5c:d9:6d:e2:85:b7:3a:46:57:
59:ed:07:1d:c4:62:dd:ed:b5:26:f0:f5:f2:64:e5:
b2:cb:02:2f:9f:78:75:42:04:a9:f4:bf:d5:19:bf:
4a:34:0c:26:b0:13:3c:cf:a5:44:93:3b:40:47:04:
ca:86:7a:08:4f:8c:7d:c4:09:72:b1:4e:38:a3:76:
e0:42:a3:7c:5f:e9:cb:31:32:fd:e3:b2:42:bb:c3:
6c:06:ca:8b:51:f4:60:40:a8:c0:c4:c8:52:0b:01:
95:33:b7:13:20:68:46:be:ad:3f:2f:87:73:20:a2:
36:f6:fa:c0:62:6b:1d:d2:eb:42:42:37:39:93:54:
1b:98:ba:af:bc:d6:72:a0:76:09:32:16:91:2b:52:
de:b3:ea:cc:6e:e1:1d:69:48:dd:d8:c9:20:8f:a1:
16:ad:fa:e1:39:28:7c:0d:de:8d:f3:f7:55:06:21:
18:ad:61:7e:35:af:71:ff:dd:17:6a:8a:bb:5c:1c:
92:b3:f6:31:ac:2a:6f:10:65:e7:57:fb:17:a2:a2:
e6:74:68:78:cd:43:1d:3e:94:ad:a1:72:49:19:1b:
bb:02:58:14:53:a8:60:2f:17:c4:6d:73:fe:81:59:
b2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:28:CC:4F:55:59:6A:F5:1F:B8:C9:C0:BD:E0:FE:50:FA:37:A4:2A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VijMT1VZavUfuMnAveD-UPo3pCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
69:80:dc:53:f5:21:17:4e:61:4e:a7:f0:b2:36:e6:11:8d:4b:
06:26:85:c7:f0:cb:39:da:b4:f2:29:9c:46:47:1e:90:31:6c:
53:ba:10:cb:23:77:22:8a:52:4e:a1:ae:51:a4:f5:d5:14:1c:
68:8a:a5:2e:88:c4:fc:32:95:43:3c:0e:6d:a6:f1:fc:23:ef:
6b:94:f1:52:ae:db:89:9e:05:ce:e0:17:65:3f:26:3d:89:3d:
21:b1:bf:af:f3:f2:19:d9:1b:db:28:c3:2c:45:e2:0c:92:b8:
12:a5:6c:3d:ef:bd:96:40:bc:8e:71:d3:00:06:ee:14:92:52:
6f:72:ff:b2:f8:08:0e:42:52:9e:c7:85:00:b0:19:b7:37:44:
22:1a:5a:4a:75:be:13:50:75:c2:ae:6b:9f:d5:5a:74:9c:96:
dc:06:e8:2b:90:b3:3e:ae:28:67:c1:c5:e1:bf:ab:bc:bd:fd:
5a:a0:99:46:f9:a8:60:29:db:53:8d:76:ea:d5:8c:f2:e3:64:
ec:ee:4c:f2:84:9c:cb:23:d7:12:f0:90:5e:a4:87:fa:a7:96:
c1:4c:4a:31:7d:35:ee:db:72:ea:ae:9e:13:34:82:23:2a:f9:
5d:0a:d9:69:3e:ff:28:8a:b2:33:01:33:3d:f9:e8:63:a8:c3:
0c:49:fc:81
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEmGC9+4lx/rRaSWx7d57KtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA2MDUxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjI4Y2M0ZjU1NTk2YWY1MWZiOGM5YzBiZGUwZmU1MGZhMzdhNDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydzxi0kJTiAq6sEvYPCcB4+QWwlc
2W3ihbc6RldZ7QcdxGLd7bUm8PXyZOWyywIvn3h1QgSp9L/VGb9KNAwmsBM8z6VE
kztARwTKhnoIT4x9xAlysU44o3bgQqN8X+nLMTL947JCu8NsBsqLUfRgQKjAxMhS
CwGVM7cTIGhGvq0/L4dzIKI29vrAYmsd0utCQjc5k1QbmLqvvNZyoHYJMhaRK1Le
s+rMbuEdaUjd2Mkgj6EWrfrhOSh8Dd6N8/dVBiEYrWF+Na9x/90Xaoq7XBySs/Yx
rCpvEGXnV/sXoqLmdGh4zUMdPpStoXJJGRu7AlgUU6hgLxfEbXP+gVmy1wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFYozE9VWWr1H7jJwL3g/lD6N6QqMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVmlqTVQxVlphdlVmdU1uQXZlRC1VUG8zcENvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAaYDcU/UhF05hTqfwsjbmEY1L
BiaFx/DLOdq08imcRkcekDFsU7oQyyN3IopSTqGuUaT11RQcaIqlLojE/DKVQzwO
babx/CPva5TxUq7biZ4FzuAXZT8mPYk9IbG/r/PyGdkb2yjDLEXiDJK4EqVsPe+9
lkC8jnHTAAbuFJJSb3L/svgIDkJSnseFALAZtzdEIhpaSnW+E1B1wq5rn9VadJyW
3AboK5CzPq4oZ8HF4b+rvL39WqCZRvmoYCnbU4126tWM8uNk7O5M8oScyyPXEvCQ
XqSH+qeWwUxKMX017tty6q6eEzSCIyr5XQrZaT7/KIqyMwEzPfnoY6jDDEn8gQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:45 2025 by rpki-client