Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WnuHkk0EKEyHaMbWSCBJ9ZURfYI.roa
File: WnuHkk0EKEyHaMbWSCBJ9ZURfYI.roa (raw, json)
Hash identifier: DsORZE1SSIWZ0qrSwbNZmLuG68/zV+Z49i/H0ndjE7k=
Subject key identifier: 5A:7B:87:92:4D:04:28:4C:87:68:C6:D6:48:20:49:F5:95:11:7D:82
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D82C9F6CBD37EF8963BE347FD1BDDB69
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WnuHkk0EKEyHaMbWSCBJ9ZURfYI.roa
Signing time: Mon 09 Sep 2024 19:04:48 +0000
ROA not before: Mon 09 Sep 2024 19:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 09 Sep 2024 20:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d8:2c:9f:6c:bd:37:ef:89:63:be:34:7f:d1:bd:db:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 9 19:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a7b87924d04284c8768c6d6482049f595117d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f0:9d:90:17:18:4c:97:7b:32:25:82:fa:f3:
a5:d1:fd:81:37:a8:d5:1f:27:ae:27:b8:2d:89:93:
ed:34:c9:41:d9:2d:48:87:96:99:b0:24:a4:a6:d9:
c3:f9:3b:35:1c:82:79:6b:d2:99:28:12:bd:61:3d:
b6:a0:14:05:59:25:0e:54:c1:9d:8e:18:a4:3d:30:
9d:f4:0e:8d:c7:24:b6:d8:04:fe:0f:51:8b:b5:47:
cd:cf:26:ca:c6:70:8c:ec:00:19:19:cd:46:d5:a2:
6d:e2:d3:5c:f0:da:1b:97:45:60:bc:53:38:3a:fd:
eb:f7:7c:9b:fd:56:59:59:45:a5:21:b9:80:60:8c:
21:37:68:35:78:15:7f:ed:48:e5:0d:a9:cd:61:51:
2b:05:21:fa:bb:f6:4c:a1:99:bd:ea:2e:6c:0c:70:
cf:22:9d:26:77:04:5f:6b:97:97:85:10:bb:7e:00:
88:82:9b:0c:72:8c:42:43:b6:1b:a3:e8:a6:51:21:
a9:45:a0:5a:13:c5:6e:80:f4:a7:73:b3:ce:56:dc:
a5:cb:0a:66:05:c9:7c:c5:84:84:98:bb:25:b7:d7:
0f:4b:0f:04:28:5a:4e:97:e2:92:fd:1c:a8:dd:0e:
4e:e9:35:82:44:98:64:47:87:66:46:53:47:f2:c2:
15:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:7B:87:92:4D:04:28:4C:87:68:C6:D6:48:20:49:F5:95:11:7D:82
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WnuHkk0EKEyHaMbWSCBJ9ZURfYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
41:5f:88:f2:7a:99:e1:b7:76:a9:16:31:6d:fc:cb:52:09:8e:
2e:0c:3d:8b:ae:d1:ed:43:84:45:df:54:e2:bd:1e:e0:07:77:
34:45:bb:bc:ee:77:81:60:c5:96:d6:ca:78:63:8c:34:90:74:
28:68:80:48:67:d3:38:85:13:fd:5b:b9:9d:61:16:02:6f:c0:
0b:ee:e9:bd:11:c3:da:07:fd:65:fb:a3:4d:76:37:bd:93:51:
81:d7:d9:0f:64:b9:10:7b:bb:cb:8b:44:ae:a2:6e:56:0a:f4:
da:5c:85:3a:9e:ac:09:4b:ca:df:e1:b6:73:92:82:ef:db:88:
39:c1:fa:ee:1c:4d:52:c9:cb:20:d3:e6:a1:a7:60:ef:57:ce:
b0:96:f4:9f:d5:cd:50:22:d3:10:1b:c0:54:b7:8a:5b:0a:33:
a9:0b:20:b1:61:1f:64:e4:f6:24:52:87:81:c4:5a:f7:ab:6b:
b8:fa:34:cf:b8:56:8a:1f:77:52:18:29:15:6e:b9:8e:33:ba:
59:34:9f:f4:4d:2c:a3:a5:59:f4:0f:e5:e0:9a:e8:a9:f5:ba:
e1:87:d1:1f:df:30:e1:fa:44:f1:de:1e:3c:e0:ac:66:0a:ed:
6a:4a:fb:76:7c:48:a4:f3:92:a5:1e:a2:fa:b1:55:e1:43:cd:
07:e1:0d:86
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHYLJ9svTfviWO+NH/RvdtpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA5MTkwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTdiODc5MjRkMDQyODRjODc2OGM2ZDY0ODIwNDlmNTk1MTE3ZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvCdkBcYTJd7MiWC+vOl0f2BN6jV
HyeuJ7gtiZPtNMlB2S1Ih5aZsCSkptnD+Ts1HIJ5a9KZKBK9YT22oBQFWSUOVMGd
jhikPTCd9A6NxyS22AT+D1GLtUfNzybKxnCM7AAZGc1G1aJt4tNc8Nobl0VgvFM4
Ov3r93yb/VZZWUWlIbmAYIwhN2g1eBV/7UjlDanNYVErBSH6u/ZMoZm96i5sDHDP
Ip0mdwRfa5eXhRC7fgCIgpsMcoxCQ7Ybo+imUSGpRaBaE8VugPSnc7POVtylywpm
Bcl8xYSEmLslt9cPSw8EKFpOl+KS/Ryo3Q5O6TWCRJhkR4dmRlNH8sIV3QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFp7h5JNBChMh2jG1kggSfWVEX2CMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvV251SGtrMEVLRXlIYU1iV1NDQko5WlVSZllJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQBBX4jyepnht3apFjFt/MtSCY4uDD2LrtHtQ4RF
31TivR7gB3c0Rbu87neBYMWW1sp4Y4w0kHQoaIBIZ9M4hRP9W7mdYRYCb8AL7um9
EcPaB/1l+6NNdje9k1GB19kPZLkQe7vLi0Suom5WCvTaXIU6nqwJS8rf4bZzkoLv
24g5wfruHE1Sycsg0+ahp2DvV86wlvSf1c1QItMQG8BUt4pbCjOpCyCxYR9k5PYk
UoeBxFr3q2u4+jTPuFaKH3dSGCkVbrmOM7pZNJ/0TSyjpVn0D+Xgmuip9brhh9Ef
3zDh+kTx3h484KxmCu1qSvt2fEik85KlHqL6sVXhQ80H4Q2G
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:57 2025 by rpki-client