Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/X2kJ9VuOgFzMXDiIW2V8LzVzqKc.roa
File: X2kJ9VuOgFzMXDiIW2V8LzVzqKc.roa (raw, json)
Hash identifier: 9DR6LCq8S7vyJ42epoWB3z2yZPuSGv7zzZ2ARn1ikv4=
Subject key identifier: 5F:69:09:F5:5B:8E:80:5C:CC:5C:38:88:5B:65:7C:2F:35:73:A8:A7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01910CC8145BEE327A9D48245D6CA21E7D5D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/X2kJ9VuOgFzMXDiIW2V8LzVzqKc.roa
Signing time: Thu 01 Aug 2024 07:12:04 +0000
ROA not before: Thu 01 Aug 2024 07:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 01 Aug 2024 08:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0c:c8:14:5b:ee:32:7a:9d:48:24:5d:6c:a2:1e:7d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 1 07:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f6909f55b8e805ccc5c38885b657c2f3573a8a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9d:25:ba:b3:fd:ec:d7:5f:4f:bb:3b:b0:05:
78:1b:21:46:bb:85:7c:5c:c6:45:29:76:1d:81:24:
d8:68:e6:24:ba:e3:e8:05:7d:8a:49:44:e6:75:b5:
fa:88:51:01:96:e6:4c:51:9a:de:9f:72:05:19:fa:
2e:92:f2:be:7e:8c:1c:7c:d5:05:38:0b:d0:51:a9:
d1:c8:17:03:31:4b:8b:d8:1b:7c:26:e4:7e:06:39:
07:c2:2a:68:fe:c7:19:fd:7a:bf:fe:bf:a3:d4:3f:
e2:75:29:db:63:ef:6d:53:93:3c:86:a2:61:78:30:
11:48:4c:96:fb:a4:89:13:e7:90:03:17:0a:bb:6a:
01:42:a0:d2:f0:24:d9:99:42:10:d8:33:5f:86:b2:
6a:2c:d9:38:ac:87:86:b2:49:11:db:e3:68:be:b3:
21:3e:f6:5d:85:ed:18:98:07:4c:ef:b2:9a:dc:98:
13:d3:7c:04:b9:d3:c6:15:76:5f:ec:48:42:25:ae:
7d:01:49:4e:1c:f1:9c:3a:0a:86:1e:cc:fe:1d:4e:
da:59:68:d6:0c:8c:66:3d:94:2f:4f:6a:94:1c:bd:
83:23:cb:de:bc:fc:66:a9:cb:c3:be:4e:f6:18:d4:
cf:54:3e:e2:e5:e8:4a:0b:03:91:f1:17:40:fa:f5:
5c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:69:09:F5:5B:8E:80:5C:CC:5C:38:88:5B:65:7C:2F:35:73:A8:A7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/X2kJ9VuOgFzMXDiIW2V8LzVzqKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
6e:f8:7d:15:34:68:dc:7a:21:c8:b0:63:c6:90:eb:49:ef:47:
84:53:63:a1:5b:f6:6f:4e:75:d0:a2:71:9b:d7:14:7e:58:df:
91:e1:7f:9c:fa:ff:f1:68:fa:56:51:cd:e0:5a:15:6c:de:0a:
98:77:6b:88:10:ea:04:b3:86:eb:57:4e:46:a7:32:d4:ee:4d:
01:91:ec:bd:b2:18:ce:67:6c:f4:f6:bf:cf:7a:bd:04:8f:02:
f6:79:07:79:29:45:02:cf:19:3d:88:08:d8:d8:7b:69:ad:ef:
9c:dd:ab:c3:9c:62:3a:05:f2:a8:2a:12:70:a8:67:d3:a3:46:
81:33:a2:d6:9f:d6:54:39:46:90:86:0e:ac:c9:ba:5f:2d:74:
6b:ce:19:75:04:f7:63:bf:cd:47:62:c8:33:aa:e7:39:66:cf:
dc:b5:f5:30:f1:fb:db:26:9b:84:60:7b:bd:eb:21:3f:34:b9:
04:70:1a:7f:6c:6b:40:7f:fc:20:5d:e1:15:e0:24:bc:58:6b:
b4:1e:5f:d2:12:aa:0d:c4:72:2e:93:0b:d6:cc:13:37:42:3a:
af:9a:01:5f:0c:40:e8:69:38:ca:0b:31:42:bd:17:da:f7:be:
1a:be:df:c3:19:e9:95:a9:aa:61:ef:19:04:da:3d:49:6e:fb:
09:c5:a0:26
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEMyBRb7jJ6nUgkXWyiHn1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAxMDcxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjY5MDlmNTViOGU4MDVjY2M1YzM4ODg1YjY1N2MyZjM1NzNhOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ0lurP97NdfT7s7sAV4GyFGu4V8
XMZFKXYdgSTYaOYkuuPoBX2KSUTmdbX6iFEBluZMUZren3IFGfoukvK+fowcfNUF
OAvQUanRyBcDMUuL2Bt8JuR+BjkHwipo/scZ/Xq//r+j1D/idSnbY+9tU5M8hqJh
eDARSEyW+6SJE+eQAxcKu2oBQqDS8CTZmUIQ2DNfhrJqLNk4rIeGskkR2+NovrMh
PvZdhe0YmAdM77Ka3JgT03wEudPGFXZf7EhCJa59AUlOHPGcOgqGHsz+HU7aWWjW
DIxmPZQvT2qUHL2DI8vevPxmqcvDvk72GNTPVD7i5ehKCwOR8RdA+vVcGQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF9pCfVbjoBczFw4iFtlfC81c6inMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWDJrSjlWdU9nRnpNWERpSVcyVjhMelZ6cUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAbvh9FTRo3HohyLBjxpDrSe9H
hFNjoVv2b0510KJxm9cUfljfkeF/nPr/8Wj6VlHN4FoVbN4KmHdriBDqBLOG61dO
Rqcy1O5NAZHsvbIYzmds9Pa/z3q9BI8C9nkHeSlFAs8ZPYgI2Nh7aa3vnN2rw5xi
OgXyqCoScKhn06NGgTOi1p/WVDlGkIYOrMm6Xy10a84ZdQT3Y7/NR2LIM6rnOWbP
3LX1MPH72yabhGB7veshPzS5BHAaf2xrQH/8IF3hFeAkvFhrtB5f0hKqDcRyLpML
1swTN0I6r5oBXwxA6Gk4ygsxQr0X2ve+Gr7fwxnplamqYe8ZBNo9SW77CcWgJg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:09 2025 by rpki-client