Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/fswH9DFgRM0kHvuamPusciT4WJg.roa
File: fswH9DFgRM0kHvuamPusciT4WJg.roa (raw, json)
Hash identifier: reLo3ane2zOYrH4gUHbGhCG3yzOF2yZ3XMkQR+w6lm0=
Subject key identifier: 7E:CC:07:F4:31:60:44:CD:24:1E:FB:9A:98:FB:AC:72:24:F8:58:98
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191DB6A175EEFAE467B6CDB3372531ED55E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/fswH9DFgRM0kHvuamPusciT4WJg.roa
Signing time: Tue 10 Sep 2024 10:10:48 +0000
ROA not before: Tue 10 Sep 2024 10:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 10 Sep 2024 11:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:db:6a:17:5e:ef:ae:46:7b:6c:db:33:72:53:1e:d5:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 10 10:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ecc07f4316044cd241efb9a98fbac7224f85898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:23:d8:ae:50:16:0c:64:00:56:5a:3a:9c:38:
1e:92:45:1f:19:0d:7c:fd:99:57:3b:18:4c:89:8e:
c8:33:67:79:50:d8:50:5f:05:28:1f:60:e7:64:6d:
8e:75:99:a6:d0:3e:86:8b:52:59:01:02:f9:77:7e:
f8:8f:ce:84:1e:dc:2f:5f:96:0b:25:ca:35:1e:16:
eb:fd:90:cd:87:6d:2d:53:2f:29:38:16:ac:89:86:
fe:69:96:6f:98:d7:6f:97:b8:91:fa:b6:84:90:3c:
16:f4:2f:19:28:86:e3:68:49:a5:56:d2:e8:5d:d4:
b5:68:e5:09:44:68:4c:bf:aa:8e:88:d1:b1:f4:79:
11:f3:3b:e5:90:ae:44:33:a1:8d:a7:70:9b:3c:1c:
4c:8b:98:03:19:89:99:21:1f:22:94:a4:78:c5:71:
fd:c2:d2:88:08:8d:a4:f2:d3:be:f4:c7:df:c9:b1:
0f:8e:f5:e0:cc:0f:71:42:91:3c:c8:fc:75:27:9d:
ac:db:fc:a9:2e:00:40:d3:a1:3f:cc:5a:69:c3:65:
b4:d1:5a:08:9f:d1:11:40:77:05:28:79:ff:77:e6:
aa:a3:b7:29:80:d0:41:37:8a:92:7c:43:e7:2c:dd:
38:5f:d1:2d:21:c4:84:10:9e:3b:03:be:3c:6c:54:
f6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:CC:07:F4:31:60:44:CD:24:1E:FB:9A:98:FB:AC:72:24:F8:58:98
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/fswH9DFgRM0kHvuamPusciT4WJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
78:30:9f:a8:90:6d:a9:29:6e:fe:b8:52:9c:dd:06:9a:3d:17:
38:90:50:f5:02:4b:25:3e:ab:28:a5:d6:9a:68:88:5b:88:a7:
c2:a9:2e:ad:3c:72:96:e1:a9:2f:c8:7e:bf:8b:ad:83:26:a9:
64:3a:ec:39:80:37:3e:b1:3a:be:fe:d6:6e:ae:23:1a:d9:33:
45:3f:b7:14:3c:bc:0c:84:d9:fd:c7:48:9b:02:8a:ad:86:2a:
cd:06:6d:15:1d:79:7f:cb:a0:87:c0:e0:ab:b0:ad:21:d1:1b:
4f:e0:30:75:24:05:98:ce:e2:61:d2:1c:2e:77:1b:d0:7a:9f:
df:39:38:03:cf:94:d0:e2:32:27:91:75:a8:d7:01:a0:66:a3:
aa:5f:2c:64:cc:36:d2:00:c6:74:34:a2:15:a7:66:2b:4a:25:
ae:0f:f6:fb:32:8f:e0:f3:a9:23:42:88:b5:12:7a:71:fa:4e:
2b:29:52:7c:22:9d:33:fa:36:9f:05:b2:86:d4:aa:58:39:a2:
fb:f6:c8:d4:a9:5d:7f:89:b2:af:a1:b2:6a:f5:17:8c:7a:6f:
bc:bc:79:2e:69:fd:47:6d:da:0e:e1:e2:24:aa:ed:b7:f8:9f:
e4:b6:1a:ef:7d:8e:fc:1c:e6:a8:95:14:36:b0:0e:32:3f:2e:
19:d2:10:9e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHbahde765Ge2zbM3JTHtVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEwMTAxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWNjMDdmNDMxNjA0NGNkMjQxZWZiOWE5OGZiYWM3MjI0Zjg1ODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiPYrlAWDGQAVlo6nDgekkUfGQ18
/ZlXOxhMiY7IM2d5UNhQXwUoH2DnZG2OdZmm0D6Gi1JZAQL5d374j86EHtwvX5YL
Jco1Hhbr/ZDNh20tUy8pOBasiYb+aZZvmNdvl7iR+raEkDwW9C8ZKIbjaEmlVtLo
XdS1aOUJRGhMv6qOiNGx9HkR8zvlkK5EM6GNp3CbPBxMi5gDGYmZIR8ilKR4xXH9
wtKICI2k8tO+9MffybEPjvXgzA9xQpE8yPx1J52s2/ypLgBA06E/zFppw2W00VoI
n9ERQHcFKHn/d+aqo7cpgNBBN4qSfEPnLN04X9EtIcSEEJ47A748bFT2NQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFH7MB/QxYETNJB77mpj7rHIk+FiYMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZnN3SDlERmdSTTBrSHZ1YW1QdXNjaVQ0V0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQB4MJ+okG2pKW7+uFKc3QaaPRc4kFD1AkslPqso
pdaaaIhbiKfCqS6tPHKW4akvyH6/i62DJqlkOuw5gDc+sTq+/tZuriMa2TNFP7cU
PLwMhNn9x0ibAoqthirNBm0VHXl/y6CHwOCrsK0h0RtP4DB1JAWYzuJh0hwudxvQ
ep/fOTgDz5TQ4jInkXWo1wGgZqOqXyxkzDbSAMZ0NKIVp2YrSiWuD/b7Mo/g86kj
Qoi1Enpx+k4rKVJ8Ip0z+jafBbKG1KpYOaL79sjUqV1/ibKvobJq9ReMem+8vHku
af1HbdoO4eIkqu23+J/kthrvfY78HOaolRQ2sA4yPy4Z0hCe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:35 2025 by rpki-client