Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/fZV1eR6-Nnhvl2MSRVP247l_hTc.roa
File: fZV1eR6-Nnhvl2MSRVP247l_hTc.roa (raw, json)
Hash identifier: BALEEplAgJWTDCw8jl/XPLfqBMQA6ks1qgBXGfiDa5Q=
Subject key identifier: 7D:95:75:79:1E:BE:36:78:6F:97:63:12:45:53:F6:E3:B9:7F:85:37
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191B9BC2BD1FDA3CABE46B3A55987996870
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/fZV1eR6-Nnhvl2MSRVP247l_hTc.roa
Signing time: Tue 03 Sep 2024 21:13:22 +0000
ROA not before: Tue 03 Sep 2024 21:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Sep 2024 22:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b9:bc:2b:d1:fd:a3:ca:be:46:b3:a5:59:87:99:68:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 3 21:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d9575791ebe36786f9763124553f6e3b97f8537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:dc:46:c2:36:b3:3f:92:b9:c1:b8:20:59:64:
e8:07:74:4f:ca:41:35:14:a1:34:b0:c4:92:f2:c9:
0b:d9:d8:d2:da:a8:30:1a:9b:da:28:e1:f3:38:67:
26:cc:2a:bf:e1:bf:6a:a0:0b:4c:ac:eb:ac:f7:16:
4a:e9:3d:30:0f:46:43:dd:24:94:f2:7e:04:21:87:
27:a3:f2:98:d7:74:81:84:f4:a5:86:70:f6:a2:b7:
97:3a:de:ee:74:93:39:b1:2a:d5:b5:da:f1:26:59:
04:0c:8f:e8:81:27:9b:2a:b3:45:56:e8:2b:a8:ce:
63:fc:5f:3b:c8:7c:7f:76:e9:d5:e6:a6:c9:54:c0:
c7:ba:75:62:28:72:e3:5a:54:ff:2a:78:89:c1:f3:
fe:5c:ae:57:2b:df:22:c1:88:27:9f:fa:d5:73:5b:
50:1b:e9:10:f5:a1:bd:ad:7f:59:4d:d2:37:ab:ce:
1d:aa:8b:71:91:9e:48:cd:59:08:0b:35:83:4c:9b:
b9:ec:24:ac:fd:b6:ed:c7:46:b8:e1:87:6b:00:bb:
49:74:79:df:43:75:12:62:32:99:20:ed:79:5d:0e:
b0:21:49:a4:fb:49:28:46:0a:79:59:26:5e:ce:f9:
b6:e9:ff:96:16:89:98:1c:e0:83:de:d3:47:95:2f:
15:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:95:75:79:1E:BE:36:78:6F:97:63:12:45:53:F6:E3:B9:7F:85:37
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/fZV1eR6-Nnhvl2MSRVP247l_hTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
20:d6:20:ee:3c:42:68:75:d0:2b:ad:5f:b7:d2:53:a9:4e:ad:
18:67:78:dd:09:42:8e:d5:ab:cb:58:5b:4e:02:e6:0e:d2:f8:
f2:20:de:1e:bf:c4:21:26:e3:fc:84:0b:73:90:89:88:59:b1:
51:df:45:f0:16:5b:4f:c1:6e:fd:88:f3:79:f7:e0:3c:1f:97:
0f:b0:75:95:b0:aa:fc:45:3f:29:b1:40:68:52:a5:31:f6:66:
84:b4:e7:09:01:79:04:f0:04:e3:38:cd:9d:00:8d:0f:c0:32:
af:2e:05:db:3d:cd:49:58:e1:37:60:8d:2b:64:84:fd:9b:fb:
b7:4a:79:a2:d8:6f:29:d4:dd:8d:90:2b:82:ac:6f:9c:03:3d:
24:4a:cb:02:bf:0f:f4:1b:36:c1:20:d0:25:fa:39:da:06:42:
97:bb:91:7d:ab:a9:24:22:cd:25:4e:6d:31:56:38:a2:50:c0:
18:37:a2:94:a9:a3:9b:3a:d4:70:65:1c:69:b1:64:2e:84:0d:
42:16:95:52:7f:32:10:62:d6:aa:3c:aa:06:8e:96:a1:8a:73:
9d:c0:b1:22:90:f2:0b:bd:d1:b1:e1:fa:6e:88:db:bd:cc:0b:
06:b5:36:2a:68:5f:c9:b3:dc:75:dc:ec:76:95:1f:29:bc:27:
dc:1d:93:b6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG5vCvR/aPKvkazpVmHmWhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAzMjExMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDk1NzU3OTFlYmUzNjc4NmY5NzYzMTI0NTUzZjZlM2I5N2Y4NTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdxGwjazP5K5wbggWWToB3RPykE1
FKE0sMSS8skL2djS2qgwGpvaKOHzOGcmzCq/4b9qoAtMrOus9xZK6T0wD0ZD3SSU
8n4EIYcno/KY13SBhPSlhnD2oreXOt7udJM5sSrVtdrxJlkEDI/ogSebKrNFVugr
qM5j/F87yHx/dunV5qbJVMDHunViKHLjWlT/KniJwfP+XK5XK98iwYgnn/rVc1tQ
G+kQ9aG9rX9ZTdI3q84dqotxkZ5IzVkICzWDTJu57CSs/bbtx0a44YdrALtJdHnf
Q3USYjKZIO15XQ6wIUmk+0koRgp5WSZezvm26f+WFomYHOCD3tNHlS8VYwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFH2VdXkevjZ4b5djEkVT9uO5f4U3MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZlpWMWVSNi1Obmh2bDJNU1JWUDI0N2xfaFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAINYg7jxCaHXQK61ft9JTqU6t
GGd43QlCjtWry1hbTgLmDtL48iDeHr/EISbj/IQLc5CJiFmxUd9F8BZbT8Fu/Yjz
effgPB+XD7B1lbCq/EU/KbFAaFKlMfZmhLTnCQF5BPAE4zjNnQCND8Ayry4F2z3N
SVjhN2CNK2SE/Zv7t0p5othvKdTdjZArgqxvnAM9JErLAr8P9Bs2wSDQJfo52gZC
l7uRfaupJCLNJU5tMVY4olDAGDeilKmjmzrUcGUcabFkLoQNQhaVUn8yEGLWqjyq
Bo6WoYpzncCxIpDyC73RseH6bojbvcwLBrU2KmhfybPcddzsdpUfKbwn3B2Ttg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:35 2025 by rpki-client