Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bi85eRnAnymb5CCNgR29aORbHhg.roa
File: bi85eRnAnymb5CCNgR29aORbHhg.roa (raw, json)
Hash identifier: C8fROLjqHdm4HazQRjIr5IGDikQPWSdm21fm415dox4=
Subject key identifier: 6E:2F:39:79:19:C0:9F:29:9B:E4:20:8D:81:1D:BD:68:E4:5B:1E:18
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D6E8875550C069EE0E0BD0ED99E241D3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bi85eRnAnymb5CCNgR29aORbHhg.roa
Signing time: Mon 09 Sep 2024 13:10:48 +0000
ROA not before: Mon 09 Sep 2024 13:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 09 Sep 2024 14:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:e8:87:55:50:c0:69:ee:0e:0b:d0:ed:99:e2:41:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 9 13:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e2f397919c09f299be4208d811dbd68e45b1e18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b0:5b:e9:2f:d2:cc:ae:a5:cc:3a:43:a5:c5:
69:fa:ee:05:57:34:5e:dc:54:05:29:80:5d:49:6e:
1c:24:a2:e8:bc:b5:c4:dd:84:27:0d:2b:6a:68:db:
89:b7:82:a2:df:c1:3c:b4:1a:ed:5e:55:50:ff:b2:
a6:5e:48:da:e7:9d:fc:77:2a:42:31:cf:bc:87:75:
0e:35:1c:ab:d6:8d:de:d0:90:04:e4:46:8e:22:9c:
23:4e:86:aa:44:c9:01:fd:49:ab:3d:9f:79:8b:c0:
2a:a3:08:95:b7:37:e0:4c:61:1d:65:15:7c:99:cb:
63:50:4d:d4:98:c6:38:72:ff:22:d4:09:c1:da:07:
5b:cd:30:0e:50:ee:fc:42:98:f5:d7:7c:de:bf:f1:
d9:ac:2c:e3:87:83:7f:f8:01:ac:39:19:3b:f6:a4:
de:cd:f4:1a:7a:ec:ae:26:5a:8b:1e:01:5a:3f:2e:
c8:e9:60:6b:a4:43:b9:6d:8f:b1:38:53:2f:33:0c:
9c:33:22:f7:de:17:37:36:74:cd:4b:03:3a:33:06:
df:e6:da:d4:7d:7a:aa:69:5e:5c:a7:7e:4a:1b:d8:
f6:73:10:9e:cf:f1:55:77:24:03:c8:32:c2:c8:ba:
57:c9:19:1c:1e:91:14:a3:45:fa:3b:c6:fa:41:18:
34:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:2F:39:79:19:C0:9F:29:9B:E4:20:8D:81:1D:BD:68:E4:5B:1E:18
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bi85eRnAnymb5CCNgR29aORbHhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
Signature Algorithm: sha256WithRSAEncryption
1d:a8:20:37:d5:74:96:78:be:20:39:1b:5f:7e:91:82:e1:25:
39:28:57:6e:ff:ad:dc:69:ed:91:85:36:2a:e4:39:6d:60:22:
b3:83:e8:e8:73:ac:38:ba:dc:7e:80:41:e9:e0:67:0f:87:78:
e4:56:03:ef:a5:e6:16:07:02:15:c9:83:2e:dc:d3:b2:88:e1:
f8:f4:fd:3c:fb:55:8e:4c:81:1e:4b:a6:3f:a5:25:1d:39:cd:
d5:2a:76:9d:fd:16:ee:b2:e6:ea:ef:c9:80:1e:81:78:0a:41:
d2:80:d8:ba:bf:7c:af:af:a4:18:a1:30:6d:8e:bf:ea:b6:eb:
73:5f:41:c7:74:4d:9f:07:be:98:3b:fc:20:60:13:37:4c:cb:
61:c2:ff:d6:eb:2e:a0:98:6f:af:f6:d2:95:7e:ca:c0:17:23:
5a:c5:e8:c8:1e:69:6f:d2:72:fc:6c:44:27:60:9b:4d:a6:45:
e5:b0:eb:5a:91:07:21:1a:e6:fd:bf:d5:84:3b:1f:08:2a:69:
7f:7d:5f:ba:47:f5:13:df:61:78:f1:2d:c6:ce:27:38:9a:3a:
7d:9e:8b:0e:df:8a:fe:36:98:b8:5c:de:f5:90:90:32:c9:48:
11:61:09:89:32:da:99:b2:a4:17:40:f8:22:1c:d2:c7:14:49:
a8:ed:ea:f9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHW6IdVUMBp7g4L0O2Z4kHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA5MTMxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTJmMzk3OTE5YzA5ZjI5OWJlNDIwOGQ4MTFkYmQ2OGU0NWIxZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bBb6S/SzK6lzDpDpcVp+u4FVzRe
3FQFKYBdSW4cJKLovLXE3YQnDStqaNuJt4Ki38E8tBrtXlVQ/7KmXkja5538dypC
Mc+8h3UONRyr1o3e0JAE5EaOIpwjToaqRMkB/UmrPZ95i8AqowiVtzfgTGEdZRV8
mctjUE3UmMY4cv8i1AnB2gdbzTAOUO78Qpj113zev/HZrCzjh4N/+AGsORk79qTe
zfQaeuyuJlqLHgFaPy7I6WBrpEO5bY+xOFMvMwycMyL33hc3NnTNSwM6Mwbf5trU
fXqqaV5cp35KG9j2cxCez/FVdyQDyDLCyLpXyRkcHpEUo0X6O8b6QRg0nwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFG4vOXkZwJ8pm+QgjYEdvWjkWx4YMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYmk4NWVSbkFueW1iNUNDTmdSMjlhT1JiSGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wwDQYJKoZIhvcNAQELBQADggEB
AB2oIDfVdJZ4viA5G19+kYLhJTkoV27/rdxp7ZGFNirkOW1gIrOD6OhzrDi63H6A
QengZw+HeORWA++l5hYHAhXJgy7c07KI4fj0/Tz7VY5MgR5Lpj+lJR05zdUqdp39
Fu6y5urvyYAegXgKQdKA2Lq/fK+vpBihMG2Ov+q263NfQcd0TZ8Hvpg7/CBgEzdM
y2HC/9brLqCYb6/20pV+ysAXI1rF6MgeaW/ScvxsRCdgm02mReWw61qRByEa5v2/
1YQ7HwgqaX99X7pH9RPfYXjxLcbOJziaOn2eiw7fiv42mLhc3vWQkDLJSBFhCYky
2pmypBdA+CIc0scUSajt6vk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:18:31 2025 by rpki-client