Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aOKmrEdV39E5xUFBSQagGK9ovA0.roa
File: aOKmrEdV39E5xUFBSQagGK9ovA0.roa (raw, json)
Hash identifier: J9nzXgq8bk5qjP2LZ3cPfzIPCzsHtTm7dYJCOTTKUns=
Subject key identifier: 68:E2:A6:AC:47:55:DF:D1:39:C5:41:41:49:06:A0:18:AF:68:BC:0D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019340AA1A673AB912F86580D5D69E86A4E2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aOKmrEdV39E5xUFBSQagGK9ovA0.roa
Signing time: Mon 18 Nov 2024 19:05:09 +0000
ROA not before: Mon 18 Nov 2024 19:05:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:193:40a9:55bb/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 18 Nov 2024 19:13:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:40:aa:1a:67:3a:b9:12:f8:65:80:d5:d6:9e:86:a4:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Nov 18 19:05:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68e2a6ac4755dfd139c541414906a018af68bc0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:70:4b:8e:96:60:93:83:fc:04:6a:29:9f:45:
e8:aa:72:59:c4:1c:08:8d:7d:b9:0f:fd:5d:c3:aa:
2d:ff:ac:a7:3b:54:d5:65:94:ef:97:fb:07:f3:ef:
8c:00:3a:f6:09:60:c3:49:89:8a:23:54:6e:a6:26:
8f:c9:d0:70:b1:af:8b:b8:03:65:b8:36:9c:4d:db:
f8:00:81:5f:47:b0:20:00:12:38:7a:a1:df:87:f8:
be:1f:ad:9f:b6:80:18:6e:a6:87:33:7d:dc:43:2b:
e7:e4:3d:09:37:28:89:dd:c0:fc:ed:56:b3:81:25:
ff:03:06:29:18:92:86:e6:4d:9a:6a:38:78:d2:e3:
67:b0:6f:0b:de:58:eb:5b:af:c1:b1:a8:a1:f0:3a:
cd:79:02:87:4a:98:d0:04:7d:4f:66:4f:62:10:19:
b5:5a:91:ac:8e:c3:ea:ef:b3:4e:c5:56:88:e5:e9:
26:f2:bb:30:d6:15:e8:be:da:33:5c:6c:c8:80:61:
4c:7f:e1:c9:15:0e:a5:b1:35:b5:cc:11:62:d7:9c:
b0:0e:2e:a9:44:4f:c9:cc:10:ea:3b:a6:3e:8c:fa:
7d:c4:d1:54:df:d7:f6:13:d2:ee:d2:20:4c:22:71:
63:d2:7d:cb:5f:35:7c:15:5e:e1:12:85:55:51:36:
d4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E2:A6:AC:47:55:DF:D1:39:C5:41:41:49:06:A0:18:AF:68:BC:0D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aOKmrEdV39E5xUFBSQagGK9ovA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:193:40a9:55bb/128
Signature Algorithm: sha256WithRSAEncryption
07:95:8b:1c:c4:e8:ac:2c:e0:5f:12:7a:fc:c3:de:1d:0a:7f:
78:91:88:02:55:da:01:0a:85:f3:ee:4a:d5:ba:ec:f3:8a:7f:
34:56:75:f7:61:91:ad:08:56:1e:f0:74:bf:3a:d2:f8:0f:ca:
57:8c:1e:88:7e:d8:94:21:55:28:77:17:4d:c1:01:f5:1d:f9:
67:bd:09:2f:b1:08:26:86:a6:bf:79:ce:55:dd:af:75:a9:7e:
80:c1:33:25:24:f8:8b:e9:f6:21:5c:c1:cf:98:50:e4:23:47:
18:62:da:39:69:a8:a8:2e:0d:a1:56:6e:7b:e1:ad:bd:b6:c9:
8f:23:13:42:db:2f:50:63:a5:21:21:80:65:f5:ea:d2:ef:b1:
c7:a5:93:cb:92:98:15:c3:92:38:a3:43:ed:5a:13:3f:89:43:
e7:62:ac:13:d9:7f:a6:0d:9f:5b:45:d0:74:ae:f8:9c:f4:40:
d3:0e:08:fc:b8:24:ed:16:d2:d2:a7:57:5d:14:de:a5:14:49:
c8:90:c4:7e:7c:1a:98:68:35:c1:b5:9b:86:e0:42:27:ff:d5:
13:60:cf:ff:04:e6:f0:e5:64:15:df:4d:e1:a6:2b:f1:a9:84:
77:99:2e:3e:f7:f7:93:c5:56:ce:90:21:6c:33:47:b9:0d:30:
80:01:ad:6e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZNAqhpnOrkS+GWA1daehqTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMTE4MTkwNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGUyYTZhYzQ3NTVkZmQxMzljNTQxNDE0OTA2YTAxOGFmNjhiYzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHBLjpZgk4P8BGopn0XoqnJZxBwI
jX25D/1dw6ot/6ynO1TVZZTvl/sH8++MADr2CWDDSYmKI1RupiaPydBwsa+LuANl
uDacTdv4AIFfR7AgABI4eqHfh/i+H62ftoAYbqaHM33cQyvn5D0JNyiJ3cD87Vaz
gSX/AwYpGJKG5k2aajh40uNnsG8L3ljrW6/Bsaih8DrNeQKHSpjQBH1PZk9iEBm1
WpGsjsPq77NOxVaI5ekm8rsw1hXovtozXGzIgGFMf+HJFQ6lsTW1zBFi15ywDi6p
RE/JzBDqO6Y+jPp9xNFU39f2E9Lu0iBMInFj0n3LXzV8FV7hEoVVUTbU4wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGjipqxHVd/ROcVBQUkGoBivaLwNMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYU9LbXJFZFYzOUU1eFVGQlNRYWdHSzlvdkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGTQKlVuzANBgkqhkiG9w0BAQsFAAOCAQEAB5WLHMTorCzgXxJ6/MPeHQp/
eJGIAlXaAQqF8+5K1brs84p/NFZ192GRrQhWHvB0vzrS+A/KV4weiH7YlCFVKHcX
TcEB9R35Z70JL7EIJoamv3nOVd2vdal+gMEzJST4i+n2IVzBz5hQ5CNHGGLaOWmo
qC4NoVZue+GtvbbJjyMTQtsvUGOlISGAZfXq0u+xx6WTy5KYFcOSOKND7VoTP4lD
52KsE9l/pg2fW0XQdK74nPRA0w4I/Lgk7RbS0qdXXRTepRRJyJDEfnwamGg1wbWb
huBCJ//VE2DP/wTm8OVkFd9N4aYr8amEd5kuPvf3k8VWzpAhbDNHuQ0wgAGtbg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:16 2025 by rpki-client