Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/haIEDbG6raCTLyEqn5smwz4qeDo.roa
File: haIEDbG6raCTLyEqn5smwz4qeDo.roa (raw, json)
Hash identifier: kecVhwuLZhTrA5pbgTmPhw3+kBMhA2J421gicnGsGQQ=
Subject key identifier: 85:A2:04:0D:B1:BA:AD:A0:93:2F:21:2A:9F:9B:26:C3:3E:2A:78:3A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019186A23389177888CD4A5C66594489AD9F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/haIEDbG6raCTLyEqn5smwz4qeDo.roa
Signing time: Sat 24 Aug 2024 23:04:22 +0000
ROA not before: Sat 24 Aug 2024 23:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:86a2:2565/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 Aug 2024 23:12:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:86:a2:33:89:17:78:88:cd:4a:5c:66:59:44:89:ad:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 24 23:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85a2040db1baada0932f212a9f9b26c33e2a783a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d5:28:66:bf:c8:6a:3b:83:41:5d:9f:44:cf:
5f:87:40:01:de:d7:8a:67:0c:0e:2a:59:cf:16:c4:
fc:99:f1:60:8c:be:6f:69:27:36:60:1a:63:27:03:
00:c1:92:ed:e3:0b:c2:b8:d7:11:2d:1e:b5:54:95:
25:f1:55:ea:24:85:3a:30:54:d6:ce:ad:c6:6b:bc:
4b:83:50:6a:9d:5a:4b:8c:e8:7a:06:87:d1:30:b8:
7b:72:c3:fd:a1:a1:4e:4f:af:b6:98:d5:cd:ab:a5:
0a:16:ae:7b:95:5f:73:35:df:e3:24:9d:7e:8c:3f:
96:d6:d4:46:30:f3:e7:bf:e8:6b:df:6b:2e:ab:e0:
7b:f6:23:ff:36:da:20:06:68:a8:ea:fa:a0:f9:9d:
81:51:ca:86:9b:54:88:19:02:81:e7:97:27:cd:b7:
46:c9:fe:ce:18:40:ec:fb:d0:bd:3b:16:62:2a:70:
b2:ac:e3:6a:07:21:83:d9:e4:27:12:41:45:b6:bd:
6f:4d:c5:d5:33:a6:9d:35:5a:0b:38:ee:ad:8a:3b:
07:91:ad:5b:6d:09:bf:a1:d8:2f:1d:f2:4c:f1:9b:
7a:aa:3b:c3:fb:f4:28:3d:47:09:2f:64:bf:9c:be:
c0:41:aa:b3:d7:de:d2:14:ba:d9:ab:24:f1:db:2a:
e2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A2:04:0D:B1:BA:AD:A0:93:2F:21:2A:9F:9B:26:C3:3E:2A:78:3A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/haIEDbG6raCTLyEqn5smwz4qeDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:86a2:2565/128
Signature Algorithm: sha256WithRSAEncryption
6c:f7:bd:77:6e:09:56:17:8a:10:41:e8:40:2c:22:e5:c1:ec:
5d:53:2e:7c:fb:c6:e0:77:5a:f3:49:fc:b9:2a:de:86:6d:c7:
93:9e:01:0e:7d:56:aa:91:f2:1a:e5:f8:47:08:d6:6c:af:83:
b2:73:2f:b1:7b:80:84:f7:b7:29:11:8e:d6:6a:82:42:47:98:
b8:81:fd:e2:c8:bb:86:e1:53:20:ae:3b:24:88:10:1b:66:2b:
04:ae:00:ff:4a:38:d4:fa:56:bc:54:78:fb:94:de:05:0a:93:
d1:3a:ea:b7:e8:3f:4d:13:ce:ec:15:0c:77:cf:b5:9c:cb:8f:
60:ff:d6:3f:d0:68:8d:91:c2:e3:45:dd:a5:55:b1:91:75:e9:
51:ee:fb:63:6b:5e:5f:9a:96:87:1a:ff:a2:f0:8f:e7:69:ca:
f2:08:6f:3d:81:ab:88:ea:3e:5a:36:b7:0d:65:ed:ac:a0:c5:
ef:f1:68:42:cf:a4:43:96:74:9c:f2:7d:5b:85:be:f1:38:11:
c7:8f:7e:48:7c:81:46:3f:11:e3:41:7f:3a:90:67:ba:05:3d:
08:5e:51:86:b9:7a:8b:52:9e:60:1e:f7:16:8b:dc:3e:35:00:
5d:4b:e2:a0:dc:7e:61:4f:7d:e7:45:2f:4f:d9:0d:bc:64:46:
78:9e:06:9e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZGGojOJF3iIzUpcZllEia2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI0MjMwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWEyMDQwZGIxYmFhZGEwOTMyZjIxMmE5ZjliMjZjMzNlMmE3ODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNUoZr/IajuDQV2fRM9fh0AB3teK
ZwwOKlnPFsT8mfFgjL5vaSc2YBpjJwMAwZLt4wvCuNcRLR61VJUl8VXqJIU6MFTW
zq3Ga7xLg1BqnVpLjOh6BofRMLh7csP9oaFOT6+2mNXNq6UKFq57lV9zNd/jJJ1+
jD+W1tRGMPPnv+hr32suq+B79iP/NtogBmio6vqg+Z2BUcqGm1SIGQKB55cnzbdG
yf7OGEDs+9C9OxZiKnCyrONqByGD2eQnEkFFtr1vTcXVM6adNVoLOO6tijsHka1b
bQm/odgvHfJM8Zt6qjvD+/QoPUcJL2S/nL7AQaqz197SFLrZqyTx2yriSwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIWiBA2xuq2gky8hKp+bJsM+Kng6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaGFJRURiRzZyYUNUTHlFcW41c213ejRxZURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkYaiJWUwDQYJKoZIhvcNAQELBQADggEB
AGz3vXduCVYXihBB6EAsIuXB7F1TLnz7xuB3WvNJ/Lkq3oZtx5OeAQ59VqqR8hrl
+EcI1myvg7JzL7F7gIT3tykRjtZqgkJHmLiB/eLIu4bhUyCuOySIEBtmKwSuAP9K
ONT6VrxUePuU3gUKk9E66rfoP00TzuwVDHfPtZzLj2D/1j/QaI2RwuNF3aVVsZF1
6VHu+2NrXl+aloca/6Lwj+dpyvIIbz2Bq4jqPlo2tw1l7aygxe/xaELPpEOWdJzy
fVuFvvE4EcePfkh8gUY/EeNBfzqQZ7oFPQheUYa5eotSnmAe9xaL3D41AF1L4qDc
fmFPfedFL0/ZDbxkRnieBp4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:00 2025 by rpki-client