Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_bMmSZgP_3ORVMkbHps3_8cssok.roa
File: _bMmSZgP_3ORVMkbHps3_8cssok.roa (raw, json)
Hash identifier: gNAabWbX49FygYojafzQfHq2vByVQ3TWvgUOvE8QOGI=
Subject key identifier: FD:B3:26:49:98:0F:FF:73:91:54:C9:1B:1E:9B:37:FF:C7:2C:B2:89
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191340C91DEBCC408D85B066E0E6E1552C5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_bMmSZgP_3ORVMkbHps3_8cssok.roa
Signing time: Thu 08 Aug 2024 22:12:04 +0000
ROA not before: Thu 08 Aug 2024 22:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 08 Aug 2024 23:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:34:0c:91:de:bc:c4:08:d8:5b:06:6e:0e:6e:15:52:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 8 22:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdb32649980fff739154c91b1e9b37ffc72cb289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c4:49:85:c8:2d:2e:53:89:02:de:3d:ab:60:
db:36:64:bc:9f:ec:8e:82:b4:5c:17:88:9d:10:e1:
e9:80:32:18:aa:af:45:8a:2b:a1:37:36:01:17:54:
48:3b:94:80:30:cd:cf:56:a4:4e:d2:b1:5a:1e:08:
9b:4a:24:b3:73:d3:1c:a3:86:41:a7:00:1b:8e:39:
bb:e7:7d:ee:60:c9:52:3e:da:1e:da:da:17:42:37:
f2:0b:f0:45:09:4d:c3:39:62:a5:33:f8:09:f3:dc:
2c:2b:38:a1:00:96:83:f8:94:72:72:e4:50:d6:f9:
61:60:cb:d2:a5:93:68:7b:69:80:ea:98:af:35:0e:
d5:0b:d2:34:71:cc:e5:d8:3c:dc:f8:16:51:75:bc:
0e:96:1c:09:76:cc:d1:58:90:d1:c5:73:20:a6:68:
06:16:10:45:1f:75:62:b9:36:7b:92:dd:6f:85:06:
7d:bc:2c:c5:c7:57:78:52:d4:3d:c9:d8:b2:13:26:
08:3e:16:8f:80:25:2b:ef:19:a7:af:68:33:1b:ef:
c4:69:a2:4f:0d:c3:60:13:07:b8:4d:32:3e:52:9f:
a2:98:34:db:9a:07:b1:52:7b:49:52:c2:20:d3:5e:
b3:d9:cc:a8:9b:f5:d7:66:55:bc:e1:20:7b:5b:aa:
83:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B3:26:49:98:0F:FF:73:91:54:C9:1B:1E:9B:37:FF:C7:2C:B2:89
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_bMmSZgP_3ORVMkbHps3_8cssok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
06:f4:7f:8d:31:57:85:3b:cc:99:5b:ac:a0:87:8c:70:11:18:
35:10:38:ce:d3:e2:58:9c:58:a0:55:63:a4:8d:29:33:81:42:
d0:94:e5:5f:8e:31:06:9e:36:8c:ab:1d:1a:ef:7b:83:f5:fb:
a0:48:b6:db:ee:c6:ac:dd:1e:01:39:66:43:35:00:55:50:96:
a3:7e:9d:30:40:c2:75:eb:3e:30:d0:92:2c:ac:81:43:50:33:
38:ea:d0:65:ee:98:eb:44:4d:6d:2f:e2:0b:53:ea:d7:40:9b:
1f:b9:b2:a7:eb:82:20:04:70:68:4f:e6:40:f6:a9:b0:65:ba:
0c:f7:53:6f:c6:6d:29:06:42:51:89:1b:51:21:3c:98:28:7e:
62:d9:4e:58:15:50:9b:15:34:27:b8:5f:33:17:1d:a6:39:c4:
18:0f:cd:17:e3:c0:cf:bf:23:20:dc:91:c2:c1:e0:fb:4c:5c:
a9:ab:b5:6d:34:6b:8d:62:15:5a:d7:62:23:56:4d:b1:20:08:
3d:fb:59:5c:a5:47:1e:5d:31:fb:7c:30:4c:8c:0b:d1:44:c5:
6c:ca:2f:7d:38:e6:a5:78:8b:f8:67:31:91:bf:8d:da:6b:99:
21:00:a3:27:75:a2:20:cb:f9:b7:a7:3c:00:16:4d:17:83:af:
5f:ec:18:85
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZE0DJHevMQI2FsGbg5uFVLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA4MjIxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIzMjY0OTk4MGZmZjczOTE1NGM5MWIxZTliMzdmZmM3MmNiMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsRJhcgtLlOJAt49q2DbNmS8n+yO
grRcF4idEOHpgDIYqq9FiiuhNzYBF1RIO5SAMM3PVqRO0rFaHgibSiSzc9Mco4ZB
pwAbjjm7533uYMlSPtoe2toXQjfyC/BFCU3DOWKlM/gJ89wsKzihAJaD+JRycuRQ
1vlhYMvSpZNoe2mA6pivNQ7VC9I0cczl2Dzc+BZRdbwOlhwJdszRWJDRxXMgpmgG
FhBFH3ViuTZ7kt1vhQZ9vCzFx1d4UtQ9ydiyEyYIPhaPgCUr7xmnr2gzG+/EaaJP
DcNgEwe4TTI+Up+imDTbmgexUntJUsIg016z2cyom/XXZlW84SB7W6qD9wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFP2zJkmYD/9zkVTJGx6bN//HLLKJMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX2JNbVNaZ1BfM09SVk1rYkhwczNfOGNzc29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEABvR/jTFXhTvMmVusoIeMcBEY
NRA4ztPiWJxYoFVjpI0pM4FC0JTlX44xBp42jKsdGu97g/X7oEi22+7GrN0eATlm
QzUAVVCWo36dMEDCdes+MNCSLKyBQ1AzOOrQZe6Y60RNbS/iC1Pq10CbH7myp+uC
IARwaE/mQPapsGW6DPdTb8ZtKQZCUYkbUSE8mCh+YtlOWBVQmxU0J7hfMxcdpjnE
GA/NF+PAz78jINyRwsHg+0xcqau1bTRrjWIVWtdiI1ZNsSAIPftZXKVHHl0x+3ww
TIwL0UTFbMovfTjmpXiL+Gcxkb+N2muZIQCjJ3WiIMv5t6c8ABZNF4OvX+wYhQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:32 2025 by rpki-client