Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/as-5_5yuOCacldIhWeCZ1X9g8xo.roa
File: as-5_5yuOCacldIhWeCZ1X9g8xo.roa (raw, json)
Hash identifier: ZvAwBN+8iKNdywsgavJk4NJXWtCuc5XwdMVsAHLPj2s=
Subject key identifier: 6A:CF:B9:FF:9C:AE:38:26:9C:95:D2:21:59:E0:99:D5:7F:60:F3:1A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191B41FB554964F2429C93451572DA7D146
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/as-5_5yuOCacldIhWeCZ1X9g8xo.roa
Signing time: Mon 02 Sep 2024 19:04:22 +0000
ROA not before: Mon 02 Sep 2024 19:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:b41f:7576/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Sep 2024 19:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b4:1f:b5:54:96:4f:24:29:c9:34:51:57:2d:a7:d1:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 2 19:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6acfb9ff9cae38269c95d22159e099d57f60f31a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:24:61:1d:f3:5a:c2:ba:a9:3b:43:3b:b1:1e:
6f:69:10:b7:80:2b:9c:41:f6:ec:67:64:30:52:cc:
21:b2:13:f3:c7:5a:f0:b3:bf:0f:6f:ab:65:75:c1:
a8:06:ab:c2:a9:93:af:29:28:95:98:a0:79:33:23:
c6:64:60:9e:b4:d2:19:a5:fa:7e:7a:3d:24:0e:da:
50:e2:4f:37:1d:5b:9f:0a:b3:d9:5a:01:88:a5:59:
bc:3a:9f:aa:54:67:90:2b:c0:f9:ae:ac:68:c1:7e:
25:21:67:9d:93:7d:3a:c5:51:ea:1d:c0:2b:b3:65:
87:f5:de:dd:43:63:e6:bc:e3:8d:f2:88:ef:00:fb:
06:bd:f3:4d:ee:4b:e8:d2:f6:23:7b:2d:fe:4d:ec:
7d:cf:66:b6:53:a2:75:e2:f8:da:73:42:c8:20:4a:
82:21:fe:23:41:ef:5a:46:68:ca:72:75:4f:2e:58:
5c:b2:5b:55:9f:5d:22:6f:50:ba:66:a9:f6:5b:c5:
ad:0b:35:b7:fa:36:b7:52:ea:25:75:b1:08:e7:b4:
d4:9c:f9:dd:72:55:9e:f4:19:a6:0c:46:52:7b:aa:
36:a8:f5:7a:28:cb:94:e4:19:6c:d1:64:5e:ba:8c:
0d:5d:ce:e1:11:a5:d8:13:fc:c1:f7:4f:cb:1e:40:
af:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:CF:B9:FF:9C:AE:38:26:9C:95:D2:21:59:E0:99:D5:7F:60:F3:1A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/as-5_5yuOCacldIhWeCZ1X9g8xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:b41f:7576/128
Signature Algorithm: sha256WithRSAEncryption
0b:a0:b6:73:51:4a:7b:32:e0:24:85:d3:88:6d:86:fd:ff:f3:
17:6b:e0:14:65:4f:06:65:6d:c7:d7:05:d2:09:c7:5c:8b:92:
4f:43:a1:62:dd:e0:7a:28:2b:ba:65:f1:18:d4:b7:7e:7f:a5:
61:c7:85:0e:a4:54:7b:32:af:12:5f:04:b3:fc:57:d3:ec:82:
69:1a:96:8f:de:7f:ea:8b:59:9e:f7:fb:ef:40:0d:fa:d5:84:
9c:f9:62:e4:f7:86:c8:39:92:9c:be:43:8f:70:87:c9:09:34:
70:47:90:ce:07:a6:ef:06:a5:15:a7:72:74:5d:86:9e:51:8d:
5e:7b:ca:c2:3a:37:96:69:48:5c:43:ce:b6:5f:f5:e4:50:85:
33:32:96:fc:6a:b0:4b:2e:82:30:46:7f:6e:06:08:98:48:f0:
cc:88:32:34:25:ab:f4:50:d0:9e:e5:6f:40:18:6d:c6:81:73:
e7:d5:30:49:55:03:cc:97:4d:29:ce:5a:41:0b:93:6d:dd:e4:
29:24:89:10:b0:c5:37:3a:84:d0:2c:05:28:a7:fc:39:8b:41:
db:05:2c:05:15:94:f9:ad:73:74:f9:18:1c:b7:07:31:8e:0f:
bf:e8:63:67:bc:d0:21:7d:83:19:9b:33:b3:2a:13:3c:44:97:
46:28:1b:0f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZG0H7VUlk8kKck0UVctp9FGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAyMTkwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWNmYjlmZjljYWUzODI2OWM5NWQyMjE1OWUwOTlkNTdmNjBmMzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiRhHfNawrqpO0M7sR5vaRC3gCuc
QfbsZ2QwUswhshPzx1rws78Pb6tldcGoBqvCqZOvKSiVmKB5MyPGZGCetNIZpfp+
ej0kDtpQ4k83HVufCrPZWgGIpVm8Op+qVGeQK8D5rqxowX4lIWedk306xVHqHcAr
s2WH9d7dQ2PmvOON8ojvAPsGvfNN7kvo0vYjey3+Tex9z2a2U6J14vjac0LIIEqC
If4jQe9aRmjKcnVPLlhcsltVn10ib1C6Zqn2W8WtCzW3+ja3UuoldbEI57TUnPnd
clWe9BmmDEZSe6o2qPV6KMuU5Bls0WReuowNXc7hEaXYE/zB90/LHkCv1wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGrPuf+crjgmnJXSIVngmdV/YPMaMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYXMtNV81eXVPQ2FjbGRJaFdlQ1oxWDlnOHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkbQfdXYwDQYJKoZIhvcNAQELBQADggEB
AAugtnNRSnsy4CSF04hthv3/8xdr4BRlTwZlbcfXBdIJx1yLkk9DoWLd4HooK7pl
8RjUt35/pWHHhQ6kVHsyrxJfBLP8V9Psgmkalo/ef+qLWZ73++9ADfrVhJz5YuT3
hsg5kpy+Q49wh8kJNHBHkM4Hpu8GpRWncnRdhp5RjV57ysI6N5ZpSFxDzrZf9eRQ
hTMylvxqsEsugjBGf24GCJhI8MyIMjQlq/RQ0J7lb0AYbcaBc+fVMElVA8yXTSnO
WkELk23d5CkkiRCwxTc6hNAsBSin/DmLQdsFLAUVlPmtc3T5GBy3BzGOD7/oY2e8
0CF9gxmbM7MqEzxEl0YoGw8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:56 2025 by rpki-client