Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/W5kkUwGmoRrZNWC2XUzGYszpZhI.roa
File: W5kkUwGmoRrZNWC2XUzGYszpZhI.roa (raw, json)
Hash identifier: KleVC6MG5bPXmtk2p+hjrTiqKJAedCdvGd9U+K11SQo=
Subject key identifier: 5B:99:24:53:01:A6:A1:1A:D9:35:60:B6:5D:4C:C6:62:CC:E9:66:12
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191BACB2AFC8E951BB233DA32B2FEBA36C6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/W5kkUwGmoRrZNWC2XUzGYszpZhI.roa
Signing time: Wed 04 Sep 2024 02:09:22 +0000
ROA not before: Wed 04 Sep 2024 02:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Sep 2024 03:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ba:cb:2a:fc:8e:95:1b:b2:33:da:32:b2:fe:ba:36:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 4 02:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b99245301a6a11ad93560b65d4cc662cce96612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6d:98:c9:6b:7d:c9:f7:cf:4b:e1:03:9b:b4:
24:13:2f:77:10:72:39:c5:58:e9:0e:ea:c4:61:93:
5a:09:71:39:98:68:53:58:d6:04:0d:c4:9c:cb:d9:
8f:87:5b:f1:af:60:c6:b8:56:85:44:5e:db:49:a4:
74:0f:04:ba:e1:73:5f:1f:e3:d4:4b:ba:50:79:a1:
72:de:8f:ce:29:a4:7a:e4:b9:ae:41:a9:ed:df:19:
90:63:28:7b:d4:b2:d7:b2:a9:f5:91:9f:b5:da:ee:
c5:08:18:4b:8d:40:03:3f:dd:54:86:2a:44:b2:39:
35:bb:49:91:23:3d:72:4a:9c:d5:d8:70:7e:82:dc:
bb:db:a6:7e:d3:9c:ec:05:ab:6a:b2:96:c5:3e:34:
9f:8c:f8:5b:c3:7e:82:77:03:80:0b:ca:d7:29:2c:
b9:38:4d:20:5f:33:b2:52:48:6f:d4:ca:e0:9c:ce:
e3:78:c8:d9:81:f4:ea:8d:6e:00:ac:4b:03:0a:5a:
93:02:c8:dd:f6:c2:e7:24:7a:55:a6:f8:23:f4:a3:
1e:f3:3e:ec:09:ce:90:b1:04:7d:3a:62:82:f8:de:
54:6d:40:21:a6:fd:e3:19:3f:94:0a:38:56:5f:f0:
3a:ca:42:63:b2:18:4a:10:d3:0e:cd:8f:2c:3f:41:
c1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:99:24:53:01:A6:A1:1A:D9:35:60:B6:5D:4C:C6:62:CC:E9:66:12
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/W5kkUwGmoRrZNWC2XUzGYszpZhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
22:64:59:66:9c:83:4a:83:4a:0b:7a:46:1b:cc:e5:b9:c0:2d:
31:84:de:50:76:d6:d3:03:1c:90:fe:92:c2:66:fb:71:61:3a:
64:8f:94:d4:2b:ca:fc:45:9f:9f:be:09:99:be:32:74:0d:8e:
89:c7:ea:5a:72:61:36:e5:3a:ea:c1:24:c4:9a:1e:15:8f:f4:
26:f5:4b:0c:d9:80:63:60:23:15:c4:63:82:b8:22:08:e2:d9:
1e:22:ff:ac:94:5d:dd:81:03:dc:83:01:39:bd:e2:7f:77:aa:
8e:c3:56:43:dd:f5:66:96:76:34:50:dd:06:d7:11:e6:d6:3b:
b6:f2:51:7b:44:fb:a9:b9:cc:9c:2c:0a:5b:c9:c6:21:ac:60:
7e:0a:44:22:2c:b9:92:cf:61:d8:d6:91:4e:0b:0d:5c:33:a4:
95:a0:c5:bb:fe:5c:61:34:66:ca:04:56:ee:b5:e0:a2:9c:67:
5c:67:ed:d6:35:4a:ee:58:52:f5:0a:73:d6:1d:33:d2:aa:88:
8a:db:49:ac:d6:8a:fc:12:54:ce:23:e0:97:71:d3:47:9c:a2:
8e:bf:34:de:58:47:85:db:2f:f3:ce:5b:70:d7:9b:ea:ad:d6:
f9:b8:ff:80:76:98:11:52:ad:70:f3:c3:03:69:71:28:f7:23:
dc:9f:ba:b5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG6yyr8jpUbsjPaMrL+ujbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA0MDIwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjk5MjQ1MzAxYTZhMTFhZDkzNTYwYjY1ZDRjYzY2MmNjZTk2NjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW2YyWt9yffPS+EDm7QkEy93EHI5
xVjpDurEYZNaCXE5mGhTWNYEDcScy9mPh1vxr2DGuFaFRF7bSaR0DwS64XNfH+PU
S7pQeaFy3o/OKaR65LmuQant3xmQYyh71LLXsqn1kZ+12u7FCBhLjUADP91UhipE
sjk1u0mRIz1ySpzV2HB+gty726Z+05zsBatqspbFPjSfjPhbw36CdwOAC8rXKSy5
OE0gXzOyUkhv1MrgnM7jeMjZgfTqjW4ArEsDClqTAsjd9sLnJHpVpvgj9KMe8z7s
Cc6QsQR9OmKC+N5UbUAhpv3jGT+UCjhWX/A6ykJjshhKENMOzY8sP0HBPwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFuZJFMBpqEa2TVgtl1MxmLM6WYSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVzVra1V3R21vUnJaTldDMlhVekdZc3pwWmhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAImRZZpyDSoNKC3pGG8zlucAt
MYTeUHbW0wMckP6Swmb7cWE6ZI+U1CvK/EWfn74Jmb4ydA2OicfqWnJhNuU66sEk
xJoeFY/0JvVLDNmAY2AjFcRjgrgiCOLZHiL/rJRd3YED3IMBOb3if3eqjsNWQ931
ZpZ2NFDdBtcR5tY7tvJRe0T7qbnMnCwKW8nGIaxgfgpEIiy5ks9h2NaRTgsNXDOk
laDFu/5cYTRmygRW7rXgopxnXGft1jVK7lhS9Qpz1h0z0qqIittJrNaK/BJUziPg
l3HTR5yijr803lhHhdsv885bcNeb6q3W+bj/gHaYEVKtcPPDA2lxKPcj3J+6tQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:28 2025 by rpki-client