Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/awWp0pnYIFKfzwQuk2dX8q3BqNs.roa
File: awWp0pnYIFKfzwQuk2dX8q3BqNs.roa (raw, json)
Hash identifier: nNJZFSf5IweppNu3ojyuzsN+8Ts5dh7d9BCpZUWDJ2U=
Subject key identifier: 6B:05:A9:D2:99:D8:20:52:9F:CF:04:2E:93:67:57:F2:AD:C1:A8:DB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191C3D0209CE35C7FDAE342DC1E4800A3D2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/awWp0pnYIFKfzwQuk2dX8q3BqNs.roa
Signing time: Thu 05 Sep 2024 20:11:22 +0000
ROA not before: Thu 05 Sep 2024 20:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 05 Sep 2024 21:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:d0:20:9c:e3:5c:7f:da:e3:42:dc:1e:48:00:a3:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 5 20:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b05a9d299d820529fcf042e936757f2adc1a8db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6a:b0:82:03:b8:e9:fc:32:d8:3e:c0:50:7c:
20:27:e4:85:ae:29:21:1e:57:66:d8:f5:af:d1:56:
3e:33:4b:e0:4f:d0:55:af:1f:76:68:bc:aa:51:36:
a1:77:65:5d:30:83:9d:89:4f:4d:d1:1e:5a:5e:96:
9a:34:73:fb:21:59:8d:bf:9a:40:0d:b2:c5:3e:19:
7f:0d:df:9d:ed:b7:69:a8:0d:bb:99:bd:63:42:52:
44:7c:ba:3a:8f:aa:43:7b:98:95:e5:d8:58:9f:4a:
29:44:01:ad:ae:45:dc:a4:88:46:9d:10:8b:c5:b9:
65:8d:ec:eb:3c:df:de:7d:60:7d:41:fc:52:c6:a6:
9b:6a:d2:9a:2e:8b:42:f0:26:4b:1e:f9:22:aa:b5:
e2:54:33:63:04:43:5a:55:f5:b3:cf:e5:f0:f1:f1:
37:c1:ed:ef:ed:9f:9b:58:36:a1:5a:4a:e5:63:8c:
b0:f9:36:bc:1e:dc:0b:18:cd:2a:76:ad:29:ae:53:
32:e8:80:21:4e:ce:76:57:74:5d:81:9f:7f:74:7c:
3a:3d:ea:76:8f:ba:26:bf:aa:6f:6e:2d:82:75:15:
35:98:a5:d4:bc:d6:8d:65:b9:08:e3:19:af:c2:4d:
f3:30:87:b8:0b:9a:65:07:21:98:cd:f7:fb:d9:f4:
4a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:05:A9:D2:99:D8:20:52:9F:CF:04:2E:93:67:57:F2:AD:C1:A8:DB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/awWp0pnYIFKfzwQuk2dX8q3BqNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
70:ae:cf:8a:4d:6e:5c:82:08:50:be:46:60:cd:78:cb:f4:81:
ea:c0:42:63:ee:ed:7d:9e:c3:34:12:5f:ba:44:e2:4d:f9:32:
c5:0d:3d:ae:a5:8d:e5:a7:f6:05:5a:6b:c7:db:56:17:a4:c5:
73:a6:ef:01:73:c4:0d:e9:d4:72:4a:bd:1d:2e:c6:90:e5:1d:
b3:c5:68:89:9b:c9:0c:16:6c:0a:90:36:40:22:89:43:65:ff:
1b:40:45:27:22:19:26:44:6a:cc:8d:2f:af:59:b6:c6:91:25:
e7:59:d1:a8:a7:e2:2d:cf:69:28:46:8a:2f:98:84:77:3a:38:
63:4c:16:6d:49:08:c2:62:ef:74:ae:31:9a:28:58:cd:e4:82:
c5:d9:13:04:37:6e:37:ee:23:fc:22:25:48:66:ef:51:17:41:
52:62:66:01:0a:49:27:95:f7:1f:1a:a3:3a:14:c1:78:3c:b0:
db:c0:ff:57:78:2d:cd:bb:d9:12:62:ec:95:8d:5d:a7:c6:76:
de:b3:d5:f2:c3:4e:23:2f:57:ce:57:d8:df:6f:2b:38:49:00:
d6:74:8f:0e:1e:b9:12:c1:1b:d0:54:29:92:46:64:cb:3b:bd:
32:dd:d3:aa:37:a8:c4:89:a7:e5:9a:9f:a4:d9:af:ff:58:22:
57:a1:f0:ac
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHD0CCc41x/2uNC3B5IAKPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA1MjAxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjA1YTlkMjk5ZDgyMDUyOWZjZjA0MmU5MzY3NTdmMmFkYzFhOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2qwggO46fwy2D7AUHwgJ+SFrikh
Hldm2PWv0VY+M0vgT9BVrx92aLyqUTahd2VdMIOdiU9N0R5aXpaaNHP7IVmNv5pA
DbLFPhl/Dd+d7bdpqA27mb1jQlJEfLo6j6pDe5iV5dhYn0opRAGtrkXcpIhGnRCL
xblljezrPN/efWB9QfxSxqabatKaLotC8CZLHvkiqrXiVDNjBENaVfWzz+Xw8fE3
we3v7Z+bWDahWkrlY4yw+Ta8HtwLGM0qdq0prlMy6IAhTs52V3RdgZ9/dHw6Pep2
j7omv6pvbi2CdRU1mKXUvNaNZbkI4xmvwk3zMIe4C5plByGYzff72fRKVwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGsFqdKZ2CBSn88ELpNnV/KtwajbMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYXdXcDBwbllJRktmendRdWsyZFg4cTNCcU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAcK7Pik1uXIIIUL5GYM14y/SB
6sBCY+7tfZ7DNBJfukTiTfkyxQ09rqWN5af2BVprx9tWF6TFc6bvAXPEDenUckq9
HS7GkOUds8VoiZvJDBZsCpA2QCKJQ2X/G0BFJyIZJkRqzI0vr1m2xpEl51nRqKfi
Lc9pKEaKL5iEdzo4Y0wWbUkIwmLvdK4xmihYzeSCxdkTBDduN+4j/CIlSGbvURdB
UmJmAQpJJ5X3HxqjOhTBeDyw28D/V3gtzbvZEmLslY1dp8Z23rPV8sNOIy9XzlfY
328rOEkA1nSPDh65EsEb0FQpkkZkyzu9Mt3TqjeoxImn5ZqfpNmv/1giV6HwrA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:53 2025 by rpki-client