Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YFRg7c8WK0k0Pm2CkrNJleq0nFM.roa
File: YFRg7c8WK0k0Pm2CkrNJleq0nFM.roa (raw, json)
Hash identifier: 0Y9Y6qvg/5pvdOGsCusJfZpCBp07/DC2ILmcPapXu7w=
Subject key identifier: 60:54:60:ED:CF:16:2B:49:34:3E:6D:82:92:B3:49:95:EA:B4:9C:53
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019132F8FF5CF4AA5D7F7917289FF65BE77E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YFRg7c8WK0k0Pm2CkrNJleq0nFM.roa
Signing time: Thu 08 Aug 2024 17:11:04 +0000
ROA not before: Thu 08 Aug 2024 17:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 08 Aug 2024 18:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:32:f8:ff:5c:f4:aa:5d:7f:79:17:28:9f:f6:5b:e7:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 8 17:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=605460edcf162b49343e6d8292b34995eab49c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3a:6a:a3:f1:3b:31:4a:35:50:15:22:3a:89:
44:0c:e7:22:f9:0c:ea:32:62:08:a0:f6:9c:5e:25:
a2:db:85:1e:24:8f:ec:6b:ce:11:bb:02:64:c0:8f:
30:f7:42:3e:2a:df:24:6e:1c:86:99:42:ca:dd:9f:
a3:c8:1a:2a:ec:43:74:ae:06:97:3a:a1:7d:ce:dd:
4f:b8:ff:b4:c9:c1:bd:26:17:c9:57:af:b8:53:ca:
65:91:05:dd:a9:d7:51:ad:8c:e5:34:6a:2b:07:30:
58:f1:87:77:d5:40:65:de:20:63:79:4f:3f:ff:83:
c3:5c:90:6e:db:dd:b4:c8:3b:74:fe:cc:84:ad:a5:
67:9c:cd:99:fd:05:2b:84:dc:af:a3:fa:cd:7c:46:
71:e5:2c:50:52:a9:6a:33:d0:7b:5a:be:fb:ea:fe:
fb:0e:56:d7:6c:69:1a:f7:1b:9b:9f:f1:6c:b7:34:
ad:0f:14:22:d7:70:c9:ba:6f:ce:ab:01:07:9d:98:
ef:ec:68:53:17:5a:d8:b7:96:16:9d:7c:55:65:ea:
59:1b:b9:66:e7:6f:12:4c:30:20:f1:20:08:e1:52:
ed:6c:03:e1:b2:4a:1a:10:ec:81:f3:31:cc:94:30:
5b:e6:5c:55:dc:f6:f4:c9:92:a6:c0:8f:8b:97:3e:
90:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:54:60:ED:CF:16:2B:49:34:3E:6D:82:92:B3:49:95:EA:B4:9C:53
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YFRg7c8WK0k0Pm2CkrNJleq0nFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
25:aa:3c:59:f7:4b:a1:79:fa:66:43:54:23:dc:ca:96:60:55:
bf:6c:ac:08:f8:d9:09:70:d3:80:b4:7a:fa:b2:53:b0:ef:5d:
ff:d3:eb:af:8d:36:98:1f:ee:b7:97:ed:89:01:d1:56:32:3f:
2a:9e:39:b2:c8:f8:92:84:4a:64:19:2a:bc:9a:9c:53:d6:4f:
a2:b2:4c:10:70:a1:ba:3b:f9:84:bc:68:77:bb:b8:31:20:6b:
60:53:fd:84:27:75:97:30:fb:8a:85:dc:04:67:2c:b2:ba:f9:
b1:47:f7:00:66:74:f2:c0:76:fc:1a:98:4c:85:50:21:b5:d7:
ed:6b:4c:cf:d3:88:b1:81:15:8d:b3:77:81:8f:d1:8c:e5:66:
a5:3a:7a:e0:48:27:d5:f8:f7:d7:38:15:ec:8d:e4:29:21:13:
e1:cb:e9:89:a8:a7:58:64:c2:aa:9d:e8:12:d3:4f:81:82:1e:
21:37:4c:f2:ca:9d:b9:c3:d7:34:e5:4a:0f:c1:08:f5:a0:6f:
c9:fe:db:52:8e:72:5b:c0:19:5b:a5:84:08:cb:33:14:c5:9d:
c2:19:38:d4:5b:57:e9:1d:e2:c2:72:e0:2c:42:68:1e:f4:8e:
5e:9f:8e:f6:ea:ae:b7:04:32:be:c0:fd:46:fa:ec:77:34:d0:
12:c8:32:ae
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEy+P9c9Kpdf3kXKJ/2W+d+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA4MTcxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDU0NjBlZGNmMTYyYjQ5MzQzZTZkODI5MmIzNDk5NWVhYjQ5YzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjpqo/E7MUo1UBUiOolEDOci+Qzq
MmIIoPacXiWi24UeJI/sa84RuwJkwI8w90I+Kt8kbhyGmULK3Z+jyBoq7EN0rgaX
OqF9zt1PuP+0ycG9JhfJV6+4U8plkQXdqddRrYzlNGorBzBY8Yd31UBl3iBjeU8/
/4PDXJBu2920yDt0/syEraVnnM2Z/QUrhNyvo/rNfEZx5SxQUqlqM9B7Wr776v77
DlbXbGka9xubn/FstzStDxQi13DJum/OqwEHnZjv7GhTF1rYt5YWnXxVZepZG7lm
528STDAg8SAI4VLtbAPhskoaEOyB8zHMlDBb5lxV3Pb0yZKmwI+Llz6QHwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGBUYO3PFitJND5tgpKzSZXqtJxTMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWUZSZzdjOFdLMGswUG0yQ2tyTkpsZXEwbkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAJao8WfdLoXn6ZkNUI9zKlmBV
v2ysCPjZCXDTgLR6+rJTsO9d/9Prr402mB/ut5ftiQHRVjI/Kp45ssj4koRKZBkq
vJqcU9ZPorJMEHChujv5hLxod7u4MSBrYFP9hCd1lzD7ioXcBGcssrr5sUf3AGZ0
8sB2/BqYTIVQIbXX7WtMz9OIsYEVjbN3gY/RjOVmpTp64Egn1fj31zgV7I3kKSET
4cvpiainWGTCqp3oEtNPgYIeITdM8sqducPXNOVKD8EI9aBvyf7bUo5yW8AZW6WE
CMszFMWdwhk41FtX6R3iwnLgLEJoHvSOXp+O9uqutwQyvsD9RvrsdzTQEsgyrg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:40 2025 by rpki-client