Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/enh7vB3km5I4niyOKj9Ig39nQrY.roa
File: enh7vB3km5I4niyOKj9Ig39nQrY.roa (raw, json)
Hash identifier: AtfO7jgrCjZYFUqEorXNBLYev7e3f0moOosIunAYcY4=
Subject key identifier: 7A:78:7B:BC:1D:E4:9B:92:38:9E:2C:8E:2A:3F:48:83:7F:67:42:B6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01912429CBFF267190C79FF9AA3D6D39AFD5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/enh7vB3km5I4niyOKj9Ig39nQrY.roa
Signing time: Mon 05 Aug 2024 20:10:04 +0000
ROA not before: Mon 05 Aug 2024 20:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 05 Aug 2024 21:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:24:29:cb:ff:26:71:90:c7:9f:f9:aa:3d:6d:39:af:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 5 20:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a787bbc1de49b92389e2c8e2a3f48837f6742b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:78:d3:2a:73:2b:96:bd:65:fe:89:a4:a8:95:
1b:f7:73:c0:d4:1e:62:f1:82:b7:12:57:3c:e6:49:
02:27:d2:7b:4b:2a:31:48:0d:52:2f:e8:c5:ae:26:
20:25:58:62:7c:cc:19:18:bb:99:a6:e6:02:a2:09:
93:6d:87:1c:ce:b5:b2:8c:a1:7b:67:b1:78:03:ab:
34:4c:b8:02:a9:8b:c3:65:33:fb:d8:30:96:73:75:
63:03:67:a7:32:fc:1d:6d:e1:d9:cb:a4:4a:3c:40:
b0:f2:8b:2b:4c:82:83:79:71:12:05:5b:51:a2:0d:
5d:c2:3a:bf:86:1e:12:df:42:b2:36:93:c7:4f:2b:
24:d2:54:f9:7b:f5:c0:ec:dd:fc:af:a1:6c:6b:b1:
94:fc:9e:7b:d4:ed:43:ed:a5:31:8d:eb:8c:15:25:
cb:42:12:6e:8a:24:66:15:4c:97:96:ee:cf:fb:ad:
c0:0e:ee:2f:43:c0:a6:e5:72:9e:92:47:c1:b5:fb:
25:ce:95:8a:a3:34:a8:81:c1:f9:a7:f4:28:bb:e1:
01:4e:ed:11:a3:cf:b9:9f:89:83:31:17:c7:d3:84:
24:ec:89:89:58:4a:a6:a4:1a:fa:ab:fe:c5:1b:c5:
47:e7:21:36:a8:f0:d0:7c:e6:ed:4f:1f:d5:51:cc:
95:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:78:7B:BC:1D:E4:9B:92:38:9E:2C:8E:2A:3F:48:83:7F:67:42:B6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/enh7vB3km5I4niyOKj9Ig39nQrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
7b:86:87:85:a2:90:88:04:64:ff:94:78:5b:a4:30:f1:c9:7d:
98:57:80:2f:80:4e:3f:93:1d:ca:b3:9c:2a:d8:fb:de:b8:16:
42:76:31:50:f5:19:11:ee:51:ef:e8:10:81:e4:88:4e:13:31:
38:49:7d:62:be:72:84:2b:09:90:a8:5e:de:a5:96:4e:57:05:
96:ad:92:86:66:dd:1b:c7:f3:53:0b:7c:65:64:68:90:ad:10:
e8:58:b6:12:a6:47:a5:e9:36:c7:c6:58:05:cb:47:b6:0d:46:
86:08:38:4d:d2:29:69:4b:67:f6:26:67:d5:a6:eb:3f:8a:c3:
98:20:d4:ea:4b:46:bb:e6:58:54:77:bc:88:7c:63:54:c5:5e:
1d:89:0f:f3:d3:2e:d2:b9:86:ec:b8:4f:15:67:15:81:da:9c:
f1:fc:4c:12:1f:ab:6f:d7:5f:95:88:ac:06:da:ea:e0:08:e6:
ed:c3:b3:51:16:bc:fc:5f:cf:e7:44:d0:e7:4e:54:fe:d5:45:
53:a4:dc:58:fa:7e:33:fd:a1:d2:92:3c:bd:2d:95:8a:55:c7:
a6:9d:6a:55:aa:5b:95:cc:86:8f:f5:73:90:ac:86:2d:da:82:
7b:48:f0:50:54:28:be:f7:02:d6:14:85:1e:7d:19:2c:d2:c1:
c2:5c:7d:d7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEkKcv/JnGQx5/5qj1tOa/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA1MjAxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTc4N2JiYzFkZTQ5YjkyMzg5ZTJjOGUyYTNmNDg4MzdmNjc0MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnjTKnMrlr1l/omkqJUb93PA1B5i
8YK3Elc85kkCJ9J7SyoxSA1SL+jFriYgJVhifMwZGLuZpuYCogmTbYcczrWyjKF7
Z7F4A6s0TLgCqYvDZTP72DCWc3VjA2enMvwdbeHZy6RKPECw8osrTIKDeXESBVtR
og1dwjq/hh4S30KyNpPHTysk0lT5e/XA7N38r6Fsa7GU/J571O1D7aUxjeuMFSXL
QhJuiiRmFUyXlu7P+63ADu4vQ8Cm5XKekkfBtfslzpWKozSogcH5p/Qou+EBTu0R
o8+5n4mDMRfH04Qk7ImJWEqmpBr6q/7FG8VH5yE2qPDQfObtTx/VUcyVgQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHp4e7wd5JuSOJ4sjio/SIN/Z0K2MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZW5oN3ZCM2ttNUk0bml5T0tqOUlnMzluUXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAe4aHhaKQiARk/5R4W6Qw8cl9
mFeAL4BOP5MdyrOcKtj73rgWQnYxUPUZEe5R7+gQgeSIThMxOEl9Yr5yhCsJkKhe
3qWWTlcFlq2ShmbdG8fzUwt8ZWRokK0Q6Fi2EqZHpek2x8ZYBctHtg1Ghgg4TdIp
aUtn9iZn1abrP4rDmCDU6ktGu+ZYVHe8iHxjVMVeHYkP89Mu0rmG7LhPFWcVgdqc
8fxMEh+rb9dflYisBtrq4Ajm7cOzURa8/F/P50TQ505U/tVFU6TcWPp+M/2h0pI8
vS2VilXHpp1qVapblcyGj/VzkKyGLdqCe0jwUFQovvcC1hSFHn0ZLNLBwlx91w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:39 2025 by rpki-client