Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/akH8kSBNmG9wJxSVwI-LGeqoJFQ.roa
File: akH8kSBNmG9wJxSVwI-LGeqoJFQ.roa (raw, json)
Hash identifier: XGHu/LJf+NiPfJ87Y1c/YbP0lGRPuj8HhsuF7NrJ57w=
Subject key identifier: 6A:41:FC:91:20:4D:98:6F:70:27:14:95:C0:8F:8B:19:EA:A8:24:54
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019176FE9A9451177A737504A5CF133890E2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/akH8kSBNmG9wJxSVwI-LGeqoJFQ.roa
Signing time: Wed 21 Aug 2024 22:11:22 +0000
ROA not before: Wed 21 Aug 2024 22:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 Aug 2024 23:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:76:fe:9a:94:51:17:7a:73:75:04:a5:cf:13:38:90:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 21 22:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a41fc91204d986f70271495c08f8b19eaa82454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:00:06:b1:f4:c9:02:22:9d:ee:1c:8f:28:21:
7a:0e:3f:19:6c:36:0e:63:55:47:14:7e:14:1e:99:
05:e5:a2:e7:5a:58:54:8f:f3:ee:74:3b:49:a1:94:
87:59:0f:03:53:03:5b:d0:d0:af:9f:4a:ea:19:88:
3d:34:3f:63:a2:2c:dd:34:32:13:06:f8:50:48:bc:
fd:4f:54:4d:1d:ae:d0:e9:32:52:d6:b3:3f:72:bb:
4d:34:8f:00:e5:c9:d5:cc:4d:40:b3:bf:27:5f:a2:
e7:66:de:db:97:e8:66:b5:4c:65:b8:10:e3:e8:1b:
85:a5:6d:82:53:c5:07:c8:a3:fc:a7:9f:09:8c:73:
74:df:6a:6c:fb:5f:13:47:90:2b:78:c5:bb:00:fe:
04:c9:32:a7:9d:7f:5e:0d:5f:f8:90:9b:a3:c3:53:
bc:45:70:61:6e:d7:55:f8:e6:2b:f3:67:59:02:4b:
42:59:8d:6d:bd:bf:70:70:8f:3b:27:f4:3c:a0:6e:
6a:0d:67:cb:b5:3d:93:dc:05:15:94:ff:36:56:44:
39:10:d2:19:33:7c:61:cc:f3:21:4e:4c:69:4f:41:
a0:9d:0b:02:18:e5:12:d7:00:a3:e1:b7:4e:3e:44:
70:77:4b:96:e4:47:ab:30:4d:05:65:cd:87:42:51:
fd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:41:FC:91:20:4D:98:6F:70:27:14:95:C0:8F:8B:19:EA:A8:24:54
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/akH8kSBNmG9wJxSVwI-LGeqoJFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
80:26:da:83:37:ab:e6:9c:b0:d8:ee:45:2f:c1:56:29:6a:6d:
2f:8c:7a:c6:89:dc:80:e0:5e:8f:87:52:de:a5:49:b5:dd:2f:
7c:bf:36:53:f3:d5:d9:f9:6c:77:08:9c:57:dc:2f:58:65:d3:
cb:4a:31:94:08:27:39:21:9e:5f:6c:3a:97:8c:22:bd:9d:24:
4e:43:bd:52:58:97:3a:c9:53:f8:46:4f:34:03:96:fe:57:1a:
a5:ca:df:f3:22:08:6f:84:28:1c:c9:39:fc:02:76:1f:10:3e:
8f:50:45:ae:dc:1e:48:f0:60:10:e8:46:81:e7:6c:d8:c2:6a:
e7:76:a5:ac:79:66:4c:ed:b3:e1:6f:e6:c1:ff:e5:5d:b4:55:
2f:60:89:5b:11:e9:27:bd:cd:bc:53:75:be:78:ae:02:b0:d1:
43:9f:e7:f1:c6:16:a3:3c:e0:4e:f3:74:b9:82:5f:2c:65:fb:
e7:7a:0e:a9:3e:86:f3:4b:52:8e:a5:93:ac:d4:41:7d:4b:88:
65:cf:2d:8c:cf:e5:20:4e:ad:72:2c:d4:10:6b:8e:5a:b2:04:
62:80:bc:70:ea:b8:e3:c8:8a:fa:4b:18:59:e0:67:d0:c3:20:
4a:20:32:57:42:b7:44:5a:ec:eb:d7:20:53:bf:5d:42:f0:e1:
21:51:27:45
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZF2/pqUURd6c3UEpc8TOJDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIxMjIxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTQxZmM5MTIwNGQ5ODZmNzAyNzE0OTVjMDhmOGIxOWVhYTgyNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwAGsfTJAiKd7hyPKCF6Dj8ZbDYO
Y1VHFH4UHpkF5aLnWlhUj/PudDtJoZSHWQ8DUwNb0NCvn0rqGYg9ND9joizdNDIT
BvhQSLz9T1RNHa7Q6TJS1rM/crtNNI8A5cnVzE1As78nX6LnZt7bl+hmtUxluBDj
6BuFpW2CU8UHyKP8p58JjHN032ps+18TR5AreMW7AP4EyTKnnX9eDV/4kJujw1O8
RXBhbtdV+OYr82dZAktCWY1tvb9wcI87J/Q8oG5qDWfLtT2T3AUVlP82VkQ5ENIZ
M3xhzPMhTkxpT0GgnQsCGOUS1wCj4bdOPkRwd0uW5EerME0FZc2HQlH9YQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGpB/JEgTZhvcCcUlcCPixnqqCRUMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYWtIOGtTQk5tRzl3SnhTVndJLUxHZXFvSkZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAgCbagzer5pyw2O5FL8FWKWpt
L4x6xoncgOBej4dS3qVJtd0vfL82U/PV2flsdwicV9wvWGXTy0oxlAgnOSGeX2w6
l4wivZ0kTkO9UliXOslT+EZPNAOW/lcapcrf8yIIb4QoHMk5/AJ2HxA+j1BFrtwe
SPBgEOhGgeds2MJq53alrHlmTO2z4W/mwf/lXbRVL2CJWxHpJ73NvFN1vniuArDR
Q5/n8cYWozzgTvN0uYJfLGX753oOqT6G80tSjqWTrNRBfUuIZc8tjM/lIE6tcizU
EGuOWrIEYoC8cOq448iK+ksYWeBn0MMgSiAyV0K3RFrs69cgU79dQvDhIVEnRQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:06 2025 by rpki-client