Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/X6wscOqjiT5zSnoAdoBRlkkb0C4.roa
File: X6wscOqjiT5zSnoAdoBRlkkb0C4.roa (raw, json)
Hash identifier: hVXFvD6UnUvb+XIhRk0Wfs1t5LMFHvERoIV5yh9umlc=
Subject key identifier: 5F:AC:2C:70:EA:A3:89:3E:73:4A:7A:00:76:80:51:96:49:1B:D0:2E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191BDCD214028ACD4706B5A76B00A9B33DC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/X6wscOqjiT5zSnoAdoBRlkkb0C4.roa
Signing time: Wed 04 Sep 2024 16:10:22 +0000
ROA not before: Wed 04 Sep 2024 16:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Sep 2024 17:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:cd:21:40:28:ac:d4:70:6b:5a:76:b0:0a:9b:33:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 4 16:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fac2c70eaa3893e734a7a0076805196491bd02e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c0:e2:07:3b:9b:c5:a8:5d:36:c1:3b:9f:c2:
b7:bc:f4:d3:fc:4b:46:df:f8:53:b8:55:8d:fc:12:
cc:91:c6:24:9a:98:62:48:25:2b:3f:d1:30:85:e3:
73:63:7b:b1:1c:53:ea:c1:97:d5:71:58:ea:f3:28:
bb:b4:9e:d1:69:0a:99:ac:14:b7:e2:a2:b5:1f:77:
db:61:91:a8:18:bd:ea:69:d2:e8:e9:7c:3d:74:73:
64:93:83:c5:dc:ce:03:ce:e6:3f:c1:bd:40:cd:5b:
ff:b6:88:7f:88:c7:34:c5:b1:5e:4f:48:31:9a:f7:
67:4d:7b:1e:e1:2f:00:cb:af:28:ef:68:27:be:ef:
67:24:7a:7b:f5:f8:ba:97:81:01:34:4b:f6:89:3f:
ce:08:9b:9e:cc:70:2a:cd:6b:f4:7f:d9:b9:50:f1:
da:dd:b0:6f:c8:97:a6:65:f7:38:0c:f5:ae:67:88:
a5:89:24:34:17:02:3e:77:0f:bd:c5:be:77:35:7b:
b6:1e:40:07:8f:4c:5b:a9:b7:ef:2c:90:da:c7:64:
01:35:0c:16:bf:09:8f:db:e6:e7:26:2c:d7:ce:ab:
e4:a5:8d:27:ae:21:e6:c0:47:4f:15:7b:37:f8:e1:
af:a7:57:0e:64:c4:ea:9d:bc:f3:ba:4c:b3:93:58:
f4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AC:2C:70:EA:A3:89:3E:73:4A:7A:00:76:80:51:96:49:1B:D0:2E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/X6wscOqjiT5zSnoAdoBRlkkb0C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
92:05:68:8d:2b:6e:90:81:fd:9e:ce:2f:a2:f0:c8:12:d0:9e:
d9:27:56:21:5a:8e:c2:b1:23:32:44:9c:d5:38:b3:c3:9c:77:
cc:3b:86:f7:bf:7d:6a:40:ab:fe:0a:6d:63:2a:6a:4e:d2:7a:
ab:d0:bf:35:bc:50:46:70:15:48:f5:5d:fa:38:ea:a0:37:83:
ae:d0:70:62:32:79:29:98:d0:ad:43:ee:37:0d:29:2b:96:ef:
07:65:59:ff:2c:98:98:42:2b:ba:21:ef:9b:43:26:06:33:da:
ac:f0:45:21:02:d6:63:e4:9b:2f:98:49:37:ae:37:29:75:37:
9c:0b:20:7a:61:5a:0b:eb:b5:dd:5a:74:66:3a:1d:14:36:0f:
68:1b:30:90:c5:04:31:c3:a3:09:b9:d3:a8:2d:1b:3a:4d:b0:
47:1e:12:a9:a2:b6:ba:ec:2f:8e:33:0d:00:5e:bb:f3:bd:9a:
c1:34:02:18:d1:29:c9:0b:84:2b:31:8e:62:1d:9e:00:86:10:
ba:13:4f:3c:9e:39:46:51:3b:cf:4c:3f:71:ac:df:2c:54:bc:
db:03:d5:0a:ba:db:87:15:47:5f:d1:44:ca:1d:c8:4e:00:db:
95:ff:e2:0a:e3:65:3c:91:ec:7f:73:e6:b0:bf:a4:b0:82:d7:
c3:c2:52:4c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG9zSFAKKzUcGtadrAKmzPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA0MTYxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmFjMmM3MGVhYTM4OTNlNzM0YTdhMDA3NjgwNTE5NjQ5MWJkMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscDiBzubxahdNsE7n8K3vPTT/EtG
3/hTuFWN/BLMkcYkmphiSCUrP9EwheNzY3uxHFPqwZfVcVjq8yi7tJ7RaQqZrBS3
4qK1H3fbYZGoGL3qadLo6Xw9dHNkk4PF3M4DzuY/wb1AzVv/toh/iMc0xbFeT0gx
mvdnTXse4S8Ay68o72gnvu9nJHp79fi6l4EBNEv2iT/OCJuezHAqzWv0f9m5UPHa
3bBvyJemZfc4DPWuZ4iliSQ0FwI+dw+9xb53NXu2HkAHj0xbqbfvLJDax2QBNQwW
vwmP2+bnJizXzqvkpY0nriHmwEdPFXs3+OGvp1cOZMTqnbzzukyzk1j0dwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF+sLHDqo4k+c0p6AHaAUZZJG9AuMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWDZ3c2NPcWppVDV6U25vQWRvQlJsa2tiMEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAkgVojStukIH9ns4vovDIEtCe
2SdWIVqOwrEjMkSc1Tizw5x3zDuG9799akCr/gptYypqTtJ6q9C/NbxQRnAVSPVd
+jjqoDeDrtBwYjJ5KZjQrUPuNw0pK5bvB2VZ/yyYmEIruiHvm0MmBjParPBFIQLW
Y+SbL5hJN643KXU3nAsgemFaC+u13Vp0ZjodFDYPaBswkMUEMcOjCbnTqC0bOk2w
Rx4SqaK2uuwvjjMNAF67872awTQCGNEpyQuEKzGOYh2eAIYQuhNPPJ45RlE7z0w/
cazfLFS82wPVCrrbhxVHX9FEyh3ITgDblf/iCuNlPJHsf3PmsL+ksILXw8JSTA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:09 2025 by rpki-client