Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ghWf4nOn8ZocuviaFzw4IsM_xqg.roa
File: ghWf4nOn8ZocuviaFzw4IsM_xqg.roa (raw, json)
Hash identifier: Ke+eJI88PRNm2omszbkdgcW9G7ITcV0fxcqFmSgZwmA=
Subject key identifier: 82:15:9F:E2:73:A7:F1:9A:1C:BA:F8:9A:17:3C:38:22:C3:3F:C6:A8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191E02296CB244D53E3049B6C924B47D7C4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ghWf4nOn8ZocuviaFzw4IsM_xqg.roa
Signing time: Wed 11 Sep 2024 08:10:48 +0000
ROA not before: Wed 11 Sep 2024 08:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 11 Sep 2024 09:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e0:22:96:cb:24:4d:53:e3:04:9b:6c:92:4b:47:d7:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 11 08:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82159fe273a7f19a1cbaf89a173c3822c33fc6a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:13:73:ad:1c:98:ba:44:42:a7:c2:2c:99:69:
c7:e1:e1:65:93:eb:af:98:58:85:c7:db:c0:2b:27:
eb:57:58:34:3d:93:ec:07:ea:ef:4d:0b:ae:85:d3:
81:d3:e9:19:95:57:d7:c3:ae:0c:9f:02:7b:bf:22:
c5:13:84:5a:75:30:94:55:e2:b3:72:eb:c2:a6:22:
64:fc:5b:58:3e:75:a5:84:f0:26:9b:50:31:e2:00:
18:5a:65:f6:2d:1a:36:a8:88:92:99:e7:d9:e6:90:
2c:4c:7e:7a:ce:6b:1a:46:d2:e7:5a:aa:e1:d1:36:
8a:f4:22:94:1a:4c:a3:fb:a8:9e:9a:72:d1:3e:36:
0e:43:c9:b1:42:d7:ff:84:58:36:25:b0:b0:67:89:
3f:e0:a9:58:ee:fa:0b:fc:99:54:d7:15:ba:bf:da:
97:9c:13:b8:5b:49:ac:7e:7c:f4:de:0d:5a:01:db:
e2:5c:70:10:54:92:b3:6a:08:31:61:1c:98:4c:b1:
f7:16:a7:c4:cb:db:26:81:24:7d:54:02:b4:14:28:
df:a9:49:93:fc:bb:01:8c:a5:fb:22:ee:e9:84:9e:
70:30:80:85:cd:8b:41:2c:ad:89:88:ff:60:67:8a:
47:43:e2:2e:c3:7b:88:d9:77:b6:ce:0b:50:7d:5d:
f2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:15:9F:E2:73:A7:F1:9A:1C:BA:F8:9A:17:3C:38:22:C3:3F:C6:A8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ghWf4nOn8ZocuviaFzw4IsM_xqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
20:6c:c4:38:be:15:d7:28:e1:d8:99:76:71:1b:60:61:40:93:
e2:a9:b2:af:c9:05:9d:0c:21:e3:71:d4:60:15:3b:0a:8e:ae:
f2:d7:fc:0f:e6:7e:3b:2b:fb:b0:81:4c:f1:91:f0:1e:01:1e:
08:f7:17:b0:84:5b:c2:ed:a4:55:a8:c0:18:9b:88:d7:d2:c1:
9f:6f:9b:ea:88:ad:34:b4:11:12:74:58:10:5b:dc:b8:28:08:
03:85:3c:77:94:fe:62:10:7d:d3:60:59:a0:af:c5:9a:63:5a:
a1:07:2d:57:0c:a6:07:59:d5:b8:16:0d:dc:07:95:e6:42:86:
6d:cb:e8:12:0f:27:9b:72:54:aa:85:d8:0e:7f:c7:e9:26:da:
c5:03:98:b6:dc:40:00:d6:4d:39:bd:f4:b4:4e:db:32:95:93:
98:a6:ce:cc:6c:0b:ea:97:ac:6a:5f:4c:56:7d:83:f9:c6:0f:
56:a7:66:e9:8f:e5:12:8d:bf:e7:a9:83:05:30:b5:8a:d2:10:
b8:fe:a2:b6:13:3c:4e:70:86:df:07:bb:be:56:e4:88:dd:35:
3e:2e:c0:82:91:d6:3f:96:11:ce:1a:9d:06:59:88:4a:e7:28:
f2:20:bd:9e:9a:d1:45:ff:28:dd:65:42:d0:8e:b7:00:81:8e:
05:63:58:f2
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHgIpbLJE1T4wSbbJJLR9fEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTExMDgxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjE1OWZlMjczYTdmMTlhMWNiYWY4OWExNzNjMzgyMmMzM2ZjNmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhNzrRyYukRCp8IsmWnH4eFlk+uv
mFiFx9vAKyfrV1g0PZPsB+rvTQuuhdOB0+kZlVfXw64MnwJ7vyLFE4RadTCUVeKz
cuvCpiJk/FtYPnWlhPAmm1Ax4gAYWmX2LRo2qIiSmefZ5pAsTH56zmsaRtLnWqrh
0TaK9CKUGkyj+6iemnLRPjYOQ8mxQtf/hFg2JbCwZ4k/4KlY7voL/JlU1xW6v9qX
nBO4W0msfnz03g1aAdviXHAQVJKzaggxYRyYTLH3FqfEy9smgSR9VAK0FCjfqUmT
/LsBjKX7Iu7phJ5wMICFzYtBLK2JiP9gZ4pHQ+Iuw3uI2Xe2zgtQfV3yQQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFIIVn+Jzp/GaHLr4mhc8OCLDP8aoMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZ2hXZjRuT244Wm9jdXZpYUZ6dzRJc01feHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQAgbMQ4vhXXKOHYmXZxG2BhQJPiqbKvyQWdDCHj
cdRgFTsKjq7y1/wP5n47K/uwgUzxkfAeAR4I9xewhFvC7aRVqMAYm4jX0sGfb5vq
iK00tBESdFgQW9y4KAgDhTx3lP5iEH3TYFmgr8WaY1qhBy1XDKYHWdW4Fg3cB5Xm
QoZty+gSDyebclSqhdgOf8fpJtrFA5i23EAA1k05vfS0TtsylZOYps7MbAvql6xq
X0xWfYP5xg9Wp2bpj+USjb/nqYMFMLWK0hC4/qK2EzxOcIbfB7u+VuSI3TU+LsCC
kdY/lhHOGp0GWYhK5yjyIL2emtFF/yjdZULQjrcAgY4FY1jy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:53 2025 by rpki-client