Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ascYV0WDoNtrmgwf8395oQMfgVM.roa
File: ascYV0WDoNtrmgwf8395oQMfgVM.roa (raw, json)
Hash identifier: q6BPjp1oQahnb1oq9aI+RhgIBiMq+C4LBDRpLW7udQ4=
Subject key identifier: 6A:C7:18:57:45:83:A0:DB:6B:9A:0C:1F:F3:7F:79:A1:03:1F:81:53
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191A521F0671AF82A3528569069370FE8B8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ascYV0WDoNtrmgwf8395oQMfgVM.roa
Signing time: Fri 30 Aug 2024 21:12:30 +0000
ROA not before: Fri 30 Aug 2024 21:12:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 30 Aug 2024 22:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a5:21:f0:67:1a:f8:2a:35:28:56:90:69:37:0f:e8:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 30 21:12:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ac718574583a0db6b9a0c1ff37f79a1031f8153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e6:53:82:3d:6a:66:12:9d:1b:b2:32:de:28:
4c:56:b8:cb:ee:5a:c8:ba:30:45:e5:b2:a4:f4:94:
f8:8e:ba:24:8f:ed:4b:ab:a1:c9:67:f6:b3:82:53:
1b:03:42:4d:f3:8b:40:bb:66:85:38:9e:19:30:bc:
1e:9a:a8:3f:a3:4c:83:bf:ab:9a:f2:60:60:99:de:
d5:43:d6:b1:ec:ce:dd:29:4d:6c:35:89:f1:71:6e:
7c:6b:ce:60:01:67:07:9d:10:45:7e:1d:80:36:49:
c0:aa:5b:e0:b1:79:64:be:4e:13:33:3e:8b:3e:5e:
b4:46:c5:a2:4a:a0:6c:fa:1b:f2:38:f0:b2:c6:2b:
1e:5b:b8:e0:60:33:bd:18:1e:b8:07:bc:9d:64:03:
b1:0a:30:9e:8f:d2:d2:98:66:e3:01:ed:be:bd:64:
b1:de:e2:14:6a:66:c7:f7:58:a1:f0:62:02:f5:37:
0a:4a:a2:df:f2:8d:d5:42:bc:8d:1f:ba:49:f9:e2:
6c:42:92:a8:8f:de:f2:13:c9:f7:7d:65:4f:f9:9e:
a2:ff:49:d5:cb:df:53:77:fa:08:9a:a0:09:9c:89:
bb:48:8d:17:2c:89:b3:a4:2d:e2:a0:2f:cc:20:3a:
1e:4d:03:ae:4b:0d:0b:40:1d:fb:eb:c7:a5:ed:59:
77:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C7:18:57:45:83:A0:DB:6B:9A:0C:1F:F3:7F:79:A1:03:1F:81:53
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ascYV0WDoNtrmgwf8395oQMfgVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
54:ff:2a:ed:a7:ee:5d:74:95:02:ab:8f:d0:3f:ef:70:0a:8c:
fb:56:cd:f5:12:80:a0:3a:98:9e:a7:60:fc:15:e5:a0:b1:10:
be:e6:40:8c:16:85:56:6e:a0:74:89:b6:9d:47:c2:7e:22:a4:
49:8e:af:44:b5:a0:8b:08:e1:78:a1:88:e6:69:89:1a:ca:65:
69:39:26:32:63:1a:37:2e:e9:54:ea:12:b5:7f:47:b3:6f:63:
fe:4d:d1:f0:d3:fb:88:90:7d:20:eb:48:ae:b1:eb:fa:72:fa:
4f:56:79:a5:b0:e2:6d:4d:31:1c:58:34:f9:a9:47:73:0b:fd:
16:43:ff:2a:52:a0:e9:61:1f:cf:ae:cb:15:f6:a9:a7:28:44:
06:c4:10:78:18:bd:89:7e:aa:d0:bf:38:1b:3f:6c:68:89:ad:
cf:f0:50:ee:99:4f:61:d5:da:4a:58:de:6c:15:b6:27:df:c2:
e5:af:57:7d:5d:24:52:04:2d:1f:64:b0:ec:a2:d3:c9:2c:34:
37:cd:f0:5e:99:6a:16:72:58:80:6f:68:ea:dc:e1:f8:28:68:
51:83:38:a4:b6:74:42:d8:98:d0:48:e3:0e:c7:84:d7:d4:aa:
5d:ac:32:27:b5:b3:d8:b1:b1:dd:e8:23:51:6b:a4:89:ab:52:
ca:48:28:e9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGlIfBnGvgqNShWkGk3D+i4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODMwMjExMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWM3MTg1NzQ1ODNhMGRiNmI5YTBjMWZmMzdmNzlhMTAzMWY4MTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuZTgj1qZhKdG7Iy3ihMVrjL7lrI
ujBF5bKk9JT4jrokj+1Lq6HJZ/azglMbA0JN84tAu2aFOJ4ZMLwemqg/o0yDv6ua
8mBgmd7VQ9ax7M7dKU1sNYnxcW58a85gAWcHnRBFfh2ANknAqlvgsXlkvk4TMz6L
Pl60RsWiSqBs+hvyOPCyxiseW7jgYDO9GB64B7ydZAOxCjCej9LSmGbjAe2+vWSx
3uIUambH91ih8GIC9TcKSqLf8o3VQryNH7pJ+eJsQpKoj97yE8n3fWVP+Z6i/0nV
y99Td/oImqAJnIm7SI0XLImzpC3ioC/MIDoeTQOuSw0LQB3768el7Vl3AQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGrHGFdFg6Dba5oMH/N/eaEDH4FTMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYXNjWVYwV0RvTnRybWd3ZjgzOTVvUU1mZ1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAVP8q7afuXXSVAquP0D/vcAqM
+1bN9RKAoDqYnqdg/BXloLEQvuZAjBaFVm6gdIm2nUfCfiKkSY6vRLWgiwjheKGI
5mmJGsplaTkmMmMaNy7pVOoStX9Hs29j/k3R8NP7iJB9IOtIrrHr+nL6T1Z5pbDi
bU0xHFg0+alHcwv9FkP/KlKg6WEfz67LFfappyhEBsQQeBi9iX6q0L84Gz9saImt
z/BQ7plPYdXaSljebBW2J9/C5a9XfV0kUgQtH2Sw7KLTySw0N83wXplqFnJYgG9o
6tzh+ChoUYM4pLZ0QtiY0EjjDseE19SqXawyJ7Wz2LGx3egjUWukiatSykgo6Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:50 2025 by rpki-client