Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_-GNVvohD0gvyUfXaIinY5at_es.roa
File: _-GNVvohD0gvyUfXaIinY5at_es.roa (raw, json)
Hash identifier: bfFtmDKia3aVL5C+P2bXHFavUP6+Lz5ZVSArwxkv50Q=
Subject key identifier: FF:E1:8D:56:FA:21:0F:48:2F:C9:47:D7:68:88:A7:63:96:AD:FD:EB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019100C2FEA785401A89B812DB231FE9DE89
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_-GNVvohD0gvyUfXaIinY5at_es.roa
Signing time: Mon 29 Jul 2024 23:11:04 +0000
ROA not before: Mon 29 Jul 2024 23:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 30 Jul 2024 00:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:00:c2:fe:a7:85:40:1a:89:b8:12:db:23:1f:e9:de:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 29 23:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffe18d56fa210f482fc947d76888a76396adfdeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:03:d6:d6:bd:a0:1b:96:df:ae:53:de:26:14:
cb:87:cf:04:f1:43:4a:7b:14:7b:3c:1e:53:3a:2f:
ed:a3:c0:8c:62:30:fb:c4:3c:80:8d:6e:c9:6b:15:
6e:06:cf:20:71:02:38:a3:b8:3a:57:7f:b5:29:2f:
b2:7f:bc:a4:dd:c4:53:99:74:cc:17:d4:8d:35:04:
e2:7f:1c:01:47:3b:f0:fb:56:bf:bc:aa:a9:06:a3:
c3:19:cb:42:dd:83:40:c0:23:36:dc:f8:16:1b:ae:
1d:15:5f:8c:28:db:15:bf:44:2c:7f:2a:f8:80:7a:
f5:89:cc:2c:ad:5b:86:bb:7c:22:d8:38:67:0c:6a:
5d:97:e4:e9:4a:8a:df:29:b5:55:cd:63:e0:3b:30:
d5:44:63:a1:5f:41:d7:94:fa:f6:f2:47:bf:61:85:
ca:ac:c7:53:b9:36:c5:0d:a2:f2:1b:c3:4f:4d:43:
c0:39:e1:d2:0a:72:81:32:90:22:21:6d:c6:92:57:
ea:da:9c:74:53:68:b5:89:4f:b4:a4:c8:ba:0a:ef:
ac:e1:c7:2f:90:db:1f:ca:71:bd:85:c3:5b:54:17:
0f:9f:bf:08:e1:91:1b:84:dc:71:07:a6:31:62:04:
ef:da:84:6d:33:2e:1d:4f:e9:e2:79:07:ab:1e:66:
66:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E1:8D:56:FA:21:0F:48:2F:C9:47:D7:68:88:A7:63:96:AD:FD:EB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_-GNVvohD0gvyUfXaIinY5at_es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
1a:59:f6:da:67:2c:e3:be:33:3a:27:0f:ce:15:c0:9e:d0:4d:
73:2a:64:e8:94:a9:d8:14:2a:59:10:0a:a7:e1:d0:2b:59:14:
21:bd:9f:f8:64:2e:17:dc:02:30:bd:b3:c5:4d:8a:8d:e5:fc:
f4:4d:5a:a2:70:fd:fd:9c:c5:66:06:f4:d2:c6:10:a5:62:f3:
03:ac:c9:8b:9b:67:45:ae:27:83:33:c6:39:09:59:17:f1:0c:
20:88:9d:a2:1e:a1:ef:3f:05:3d:c4:bc:33:47:74:89:b9:9b:
ad:7c:33:00:89:53:03:de:5c:91:c8:bd:0b:6a:6b:be:44:39:
74:01:95:96:b5:2c:af:40:f5:c6:38:97:7e:1f:a2:e9:9d:92:
fa:34:84:93:3d:10:91:a5:24:8c:4b:2e:02:c0:79:cb:f5:db:
7a:1d:2a:16:a9:0b:22:cd:e5:ec:8e:54:84:64:7c:a8:8c:6b:
2b:c2:8b:0e:2d:ad:69:8c:8d:32:8a:60:67:de:61:92:f1:c2:
1d:a8:cf:93:c0:7b:e2:25:a4:ac:a2:15:ea:f9:a7:f7:a0:c2:
c3:73:ab:68:9e:9d:2f:a8:88:0f:e4:18:93:24:e5:3a:31:27:
ad:9a:d7:7f:ea:9c:70:ef:9f:d7:80:86:29:a1:6f:09:4b:22:
8a:92:3a:64
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEAwv6nhUAaibgS2yMf6d6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzI5MjMxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmUxOGQ1NmZhMjEwZjQ4MmZjOTQ3ZDc2ODg4YTc2Mzk2YWRmZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAPW1r2gG5bfrlPeJhTLh88E8UNK
exR7PB5TOi/to8CMYjD7xDyAjW7JaxVuBs8gcQI4o7g6V3+1KS+yf7yk3cRTmXTM
F9SNNQTifxwBRzvw+1a/vKqpBqPDGctC3YNAwCM23PgWG64dFV+MKNsVv0Qsfyr4
gHr1icwsrVuGu3wi2DhnDGpdl+TpSorfKbVVzWPgOzDVRGOhX0HXlPr28ke/YYXK
rMdTuTbFDaLyG8NPTUPAOeHSCnKBMpAiIW3Gklfq2px0U2i1iU+0pMi6Cu+s4ccv
kNsfynG9hcNbVBcPn78I4ZEbhNxxB6YxYgTv2oRtMy4dT+nieQerHmZmlwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFP/hjVb6IQ9IL8lH12iIp2OWrf3rMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvXy1HTlZ2b2hEMGd2eVVmWGFJaW5ZNWF0X2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAGln22mcs474zOicPzhXAntBN
cypk6JSp2BQqWRAKp+HQK1kUIb2f+GQuF9wCML2zxU2KjeX89E1aonD9/ZzFZgb0
0sYQpWLzA6zJi5tnRa4ngzPGOQlZF/EMIIidoh6h7z8FPcS8M0d0ibmbrXwzAIlT
A95ckci9C2prvkQ5dAGVlrUsr0D1xjiXfh+i6Z2S+jSEkz0QkaUkjEsuAsB5y/Xb
eh0qFqkLIs3l7I5UhGR8qIxrK8KLDi2taYyNMopgZ95hkvHCHajPk8B74iWkrKIV
6vmn96DCw3OraJ6dL6iID+QYkyTlOjEnrZrXf+qccO+f14CGKaFvCUsiipI6ZA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:00 2025 by rpki-client