Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XmVYl4q6ACi6Q0BoCH_Liv7uk3k.roa
File: XmVYl4q6ACi6Q0BoCH_Liv7uk3k.roa (raw, json)
Hash identifier: p8g8uAfS4EQ4L/HVcbOi5aHM9URte573ekU7zf6xOlA=
Subject key identifier: 5E:65:58:97:8A:BA:00:28:BA:43:40:68:08:7F:CB:8A:FE:EE:93:79
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191980A12D80E2C32E42CA2B3D949DFB5AF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XmVYl4q6ACi6Q0BoCH_Liv7uk3k.roa
Signing time: Wed 28 Aug 2024 08:11:22 +0000
ROA not before: Wed 28 Aug 2024 08:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Aug 2024 09:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:0a:12:d8:0e:2c:32:e4:2c:a2:b3:d9:49:df:b5:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 28 08:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e6558978aba0028ba434068087fcb8afeee9379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b1:24:e4:a5:61:06:32:60:07:8a:61:8f:d7:
e4:14:0d:2a:60:bf:c8:49:c3:41:32:d4:86:21:f7:
fa:07:ac:3b:db:b9:92:02:73:e0:48:32:7b:85:47:
76:a2:78:8e:3c:1d:ab:37:ff:9f:a7:ff:c8:7d:9f:
7e:91:dd:4e:02:97:81:d2:7f:4a:51:55:fe:da:79:
17:11:69:24:e9:57:f3:7c:57:bb:d1:b8:be:24:42:
58:0e:5b:22:09:00:93:7f:cc:aa:b6:7a:2f:a7:fa:
f3:9c:a5:4e:a0:ca:fd:6a:d1:1f:52:a9:7c:2e:7b:
1a:66:ef:d6:d9:32:57:d3:55:d2:76:8a:e6:19:30:
59:03:2e:25:d1:cb:6a:16:11:f7:0b:42:59:91:22:
5c:7d:6f:c5:27:8d:98:83:a2:81:83:d9:ce:87:6b:
e3:fe:2e:75:e0:8b:61:92:8d:05:d7:e9:45:71:c6:
b0:26:00:c5:e7:80:0b:b4:a2:91:90:51:28:c9:53:
8a:2f:ce:3d:58:b8:5e:d3:2f:22:b5:39:c6:60:ee:
72:81:89:e7:3a:4b:3f:6e:0f:75:27:46:87:76:63:
d4:ea:1e:01:36:1d:8a:49:bc:bc:9e:1b:5e:8b:3f:
00:fd:e9:76:e9:c3:c5:7a:0f:5d:1c:a4:35:40:09:
a6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:65:58:97:8A:BA:00:28:BA:43:40:68:08:7F:CB:8A:FE:EE:93:79
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XmVYl4q6ACi6Q0BoCH_Liv7uk3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
7e:f9:ce:de:4f:aa:8d:94:bc:88:7f:16:39:99:90:cc:52:8f:
b9:9f:4e:69:39:c1:83:3b:f8:1c:bd:dd:53:07:25:86:3b:76:
50:93:43:e9:fb:93:b2:c8:5a:0a:92:61:91:a0:9e:bc:c3:aa:
7e:d5:e7:3e:cd:bc:d4:ea:f1:cf:c6:2d:31:a0:3a:43:4b:6d:
c8:d2:5c:b8:92:82:1b:00:bf:e7:a1:42:88:e1:11:62:7a:bd:
42:42:d2:52:9e:57:9b:9e:fe:a4:d2:cf:0d:78:a8:ee:71:01:
dd:68:0d:76:6e:99:06:d9:79:63:a9:47:4f:13:d9:12:d4:b5:
d7:2e:06:cd:8d:65:e6:75:76:10:e8:a2:41:1d:70:c8:50:01:
c6:51:34:b8:32:00:6a:81:fa:3e:4f:7e:ce:00:df:47:a0:d0:
0d:81:3b:75:ff:bc:82:cd:5e:77:99:33:4f:34:c1:5f:43:46:
34:49:3b:fa:35:ca:11:41:11:d5:7e:93:be:dc:e7:8a:3a:3a:
23:cb:84:39:5d:ea:1a:d1:51:01:1b:93:cd:f6:21:6f:0e:ea:
f6:73:1d:95:4c:5e:28:89:13:ac:f2:59:2b:e0:a7:f1:78:04:
ac:85:a1:69:45:a0:32:12:51:05:c6:1b:08:53:7e:26:66:b0:
c1:70:1a:8d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGYChLYDiwy5Cyis9lJ37WvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI4MDgxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTY1NTg5NzhhYmEwMDI4YmE0MzQwNjgwODdmY2I4YWZlZWU5Mzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLEk5KVhBjJgB4phj9fkFA0qYL/I
ScNBMtSGIff6B6w727mSAnPgSDJ7hUd2oniOPB2rN/+fp//IfZ9+kd1OApeB0n9K
UVX+2nkXEWkk6VfzfFe70bi+JEJYDlsiCQCTf8yqtnovp/rznKVOoMr9atEfUql8
LnsaZu/W2TJX01XSdormGTBZAy4l0ctqFhH3C0JZkSJcfW/FJ42Yg6KBg9nOh2vj
/i514Ithko0F1+lFccawJgDF54ALtKKRkFEoyVOKL849WLhe0y8itTnGYO5ygYnn
Oks/bg91J0aHdmPU6h4BNh2KSby8nhteiz8A/el26cPFeg9dHKQ1QAmmwwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF5lWJeKugAoukNAaAh/y4r+7pN5MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWG1WWWw0cTZBQ2k2UTBCb0NIX0xpdjd1azNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAfvnO3k+qjZS8iH8WOZmQzFKP
uZ9OaTnBgzv4HL3dUwclhjt2UJND6fuTsshaCpJhkaCevMOqftXnPs281Orxz8Yt
MaA6Q0ttyNJcuJKCGwC/56FCiOERYnq9QkLSUp5Xm57+pNLPDXio7nEB3WgNdm6Z
Btl5Y6lHTxPZEtS11y4GzY1l5nV2EOiiQR1wyFABxlE0uDIAaoH6Pk9+zgDfR6DQ
DYE7df+8gs1ed5kzTzTBX0NGNEk7+jXKEUER1X6Tvtznijo6I8uEOV3qGtFRARuT
zfYhbw7q9nMdlUxeKIkTrPJZK+Cn8XgErIWhaUWgMhJRBcYbCFN+JmawwXAajQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:50 2025 by rpki-client