Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Zq-8CczGyUgBkCf6z2tFuDy7T0M.roa
File: Zq-8CczGyUgBkCf6z2tFuDy7T0M.roa (raw, json)
Hash identifier: 5oPoPBbwESuoW8389eMUyj5/Y8n2S5IMrXxrLIerGhE=
Subject key identifier: 66:AF:BC:09:CC:C6:C9:48:01:90:27:FA:CF:6B:45:B8:3C:BB:4F:43
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0192FD4970D7F82EE12F3E41AD37C127BF68
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Zq-8CczGyUgBkCf6z2tFuDy7T0M.roa
Signing time: Tue 05 Nov 2024 17:05:01 +0000
ROA not before: Tue 05 Nov 2024 17:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:fd48:deda/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 05 Nov 2024 17:13:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:49:70:d7:f8:2e:e1:2f:3e:41:ad:37:c1:27:bf:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Nov 5 17:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66afbc09ccc6c948019027facf6b45b83cbb4f43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:58:f9:03:c3:b8:1c:61:bf:f7:7d:ab:95:15:
58:36:9c:05:5e:bf:1b:bb:91:d5:41:38:a8:b7:5b:
46:1e:67:a1:75:3b:06:20:bb:3d:34:19:98:06:70:
04:0b:6e:8a:17:9e:09:86:f7:36:58:60:01:5b:bb:
b5:b0:8e:d0:db:a6:08:d6:50:44:28:05:8d:c7:3e:
3b:b7:bf:71:79:40:64:94:9f:24:bb:88:94:bc:f0:
af:a3:33:b0:e3:86:5c:68:d1:c6:79:76:2b:ea:c6:
d6:00:3c:99:ae:8d:44:e4:e2:9a:2d:ce:83:9a:ad:
44:d8:ff:7b:bd:56:c9:f7:ae:fc:4a:f2:5c:47:db:
71:d4:5c:99:b9:6e:ee:9d:52:7b:38:96:53:53:10:
4e:c3:95:7a:70:8a:7a:24:26:e6:de:92:6b:b3:9a:
30:93:66:63:7a:ea:16:f1:e3:e8:7d:72:7e:3d:37:
ba:0e:67:21:e7:89:ee:95:ee:18:86:49:de:69:25:
00:ba:63:e5:7b:3a:52:1c:3d:1e:eb:ab:a4:97:b0:
6c:c6:bc:89:09:e3:98:74:ff:38:ae:48:5b:16:79:
fe:cd:a4:e2:19:86:7e:cf:35:fe:4d:de:5d:36:76:
03:38:17:fa:9e:35:07:2b:0a:38:7a:e5:3c:22:16:
6b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:AF:BC:09:CC:C6:C9:48:01:90:27:FA:CF:6B:45:B8:3C:BB:4F:43
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Zq-8CczGyUgBkCf6z2tFuDy7T0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:fd48:deda/128
Signature Algorithm: sha256WithRSAEncryption
54:3a:7e:90:1f:ce:eb:47:1a:8d:e4:48:25:be:b5:f0:2a:a7:
e6:f1:a6:0f:92:24:fc:74:48:57:9a:21:23:56:e7:e8:2e:41:
6f:a6:0f:6f:30:42:10:1e:39:87:b2:18:72:2c:f3:03:f8:0f:
e9:9e:dc:80:da:b5:bc:01:86:85:72:d4:0c:69:5b:66:2d:06:
5c:62:6c:6f:28:b0:61:e1:29:6d:5f:22:6c:66:f3:23:34:07:
aa:26:55:ea:1a:6a:bc:20:76:48:6b:77:72:78:c5:a3:14:00:
a9:ad:4b:89:c9:f3:9a:3e:d1:44:88:94:78:77:04:22:ac:1c:
c9:3e:ff:20:b8:7c:36:a1:e9:33:6b:48:80:79:5e:73:60:8b:
c2:da:4f:7a:22:8b:bc:b3:9f:fd:6c:89:b1:c5:c9:a8:a0:12:
96:f3:49:32:c1:29:1e:90:47:5d:ec:18:98:4d:0a:44:ca:42:
9a:75:f3:e9:ca:65:f7:92:d1:91:89:5c:43:33:f8:e4:82:6b:
69:6a:f7:9f:71:78:f0:ad:ba:4b:cb:b5:15:8f:99:5c:51:f3:
85:1d:02:5b:19:d5:69:9f:8e:11:5b:33:c9:cb:e5:fa:6a:04:
5c:64:24:6d:a0:54:07:03:8e:83:db:66:30:e0:b0:84:b5:3d:
37:9a:b7:8c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZL9SXDX+C7hLz5BrTfBJ79oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMTA1MTcwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmFmYmMwOWNjYzZjOTQ4MDE5MDI3ZmFjZjZiNDViODNjYmI0ZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVj5A8O4HGG/932rlRVYNpwFXr8b
u5HVQTiot1tGHmehdTsGILs9NBmYBnAEC26KF54Jhvc2WGABW7u1sI7Q26YI1lBE
KAWNxz47t79xeUBklJ8ku4iUvPCvozOw44ZcaNHGeXYr6sbWADyZro1E5OKaLc6D
mq1E2P97vVbJ9678SvJcR9tx1FyZuW7unVJ7OJZTUxBOw5V6cIp6JCbm3pJrs5ow
k2ZjeuoW8ePofXJ+PTe6Dmch54nule4YhkneaSUAumPlezpSHD0e66ukl7BsxryJ
CeOYdP84rkhbFnn+zaTiGYZ+zzX+Td5dNnYDOBf6njUHKwo4euU8IhZrewIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGavvAnMxslIAZAn+s9rRbg8u09DMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWnEtOENjekd5VWdCa0NmNnoydEZ1RHk3VDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGS/Uje2jANBgkqhkiG9w0BAQsFAAOCAQEAVDp+kB/O60cajeRIJb618Cqn
5vGmD5Ik/HRIV5ohI1bn6C5Bb6YPbzBCEB45h7IYcizzA/gP6Z7cgNq1vAGGhXLU
DGlbZi0GXGJsbyiwYeEpbV8ibGbzIzQHqiZV6hpqvCB2SGt3cnjFoxQAqa1Licnz
mj7RRIiUeHcEIqwcyT7/ILh8NqHpM2tIgHlec2CLwtpPeiKLvLOf/WyJscXJqKAS
lvNJMsEpHpBHXewYmE0KRMpCmnXz6cpl95LRkYlcQzP45IJraWr3n3F48K26S8u1
FY+ZXFHzhR0CWxnVaZ+OEVszycvl+moEXGQkbaBUBwOOg9tmMOCwhLU9N5q3jA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:25 2025 by rpki-client