Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hc1w0BYO1C_7JzwWoMhqhDTrNaY.roa
File: hc1w0BYO1C_7JzwWoMhqhDTrNaY.roa (raw, json)
Hash identifier: oDdqmF0Eacj0ADEXKWbJQzb6YxbuJSAE8Gx9EacE4eA=
Subject key identifier: 85:CD:70:D0:16:0E:D4:2F:FB:27:3C:16:A0:C8:6A:84:34:EB:35:A6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191C0994D89B6A0B4730BBD0362C797B6FB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hc1w0BYO1C_7JzwWoMhqhDTrNaY.roa
Signing time: Thu 05 Sep 2024 05:12:37 +0000
ROA not before: Thu 05 Sep 2024 05:12:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 05 Sep 2024 06:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c0:99:4d:89:b6:a0:b4:73:0b:bd:03:62:c7:97:b6:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 5 05:12:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85cd70d0160ed42ffb273c16a0c86a8434eb35a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4c:4b:e9:57:22:0c:11:35:b5:9e:b1:a0:33:
37:7c:0f:df:8e:71:59:05:eb:89:b5:30:40:98:32:
54:75:00:df:a9:72:8f:0e:a5:be:29:fa:a4:c9:98:
dc:dd:3e:37:ba:f4:db:5c:6a:3a:4f:2c:45:f3:56:
c0:ac:d6:ee:a0:39:1f:eb:23:5d:bc:ef:77:d8:9e:
30:56:ba:43:a1:d7:d4:54:be:61:bd:fb:47:ba:f0:
61:9c:ba:d3:d1:01:59:c5:e0:fc:64:37:ec:e1:85:
08:e6:40:e8:94:4a:4b:f0:56:1d:f8:9a:95:ea:74:
bd:bf:be:22:44:04:42:61:5d:df:b3:8c:45:fb:4e:
c8:b3:c5:bf:a3:e3:fb:fb:ed:b8:2f:55:bb:bd:6e:
64:20:ec:b2:e5:d3:fe:62:64:b4:a2:90:b8:2f:a5:
e4:51:25:cd:d9:f6:a0:2a:57:6a:b8:06:a4:60:20:
31:98:f6:72:85:0e:a9:22:0c:da:46:d6:e7:75:1a:
9e:0b:15:36:41:4f:7b:4d:68:0e:eb:c1:d2:1d:f6:
ed:37:bc:1a:b7:6f:f4:b3:38:73:bc:54:9a:07:c8:
16:a0:8b:28:fc:d3:23:2c:9d:52:e6:79:7e:ed:13:
08:57:d7:fb:88:ea:61:8d:0f:2f:d8:f0:48:0b:d8:
e1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CD:70:D0:16:0E:D4:2F:FB:27:3C:16:A0:C8:6A:84:34:EB:35:A6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hc1w0BYO1C_7JzwWoMhqhDTrNaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
87:66:76:8a:9f:0f:55:00:63:0c:ef:57:dd:cd:36:95:66:62:
c7:22:d1:07:3d:7d:8c:87:31:1f:bb:2c:48:55:5d:39:ff:b3:
15:ff:51:b4:d5:e4:bc:38:b4:1f:f3:ec:4b:44:96:ca:88:30:
c8:97:86:41:1f:1b:aa:07:4e:f5:db:d0:a1:12:ba:48:92:b3:
ad:16:ab:3e:d7:09:28:6e:6e:80:ff:a5:3c:e4:54:f0:f2:5c:
a9:84:c1:bf:a8:50:47:4e:f8:5f:75:31:01:aa:b1:5f:73:e1:
b2:68:ce:fc:a2:af:37:84:af:dd:ba:9a:0d:c0:21:08:16:78:
59:ff:c5:a1:da:06:7b:e2:15:b2:da:aa:31:93:81:35:82:47:
2f:b2:33:18:e0:e3:d0:84:01:52:ba:5c:66:c1:f4:d5:2d:66:
e2:a3:e3:62:bd:9d:82:26:42:0e:74:c3:d7:75:01:40:de:7c:
fd:ed:97:44:cf:71:f0:64:fe:c7:1b:2f:29:a5:b2:23:c9:b6:
a0:46:46:16:86:88:56:9f:f5:da:45:e6:11:89:e1:22:b8:e0:
82:7d:a7:d8:99:8b:2e:79:b7:b1:42:8c:5d:9e:35:9f:34:9a:
87:b5:4f:3c:58:7f:02:93:11:5a:e8:6a:33:d2:2a:98:1f:c1:
e1:59:f5:3e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHAmU2JtqC0cwu9A2LHl7b7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA1MDUxMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWNkNzBkMDE2MGVkNDJmZmIyNzNjMTZhMGM4NmE4NDM0ZWIzNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UxL6VciDBE1tZ6xoDM3fA/fjnFZ
BeuJtTBAmDJUdQDfqXKPDqW+KfqkyZjc3T43uvTbXGo6TyxF81bArNbuoDkf6yNd
vO932J4wVrpDodfUVL5hvftHuvBhnLrT0QFZxeD8ZDfs4YUI5kDolEpL8FYd+JqV
6nS9v74iRARCYV3fs4xF+07Is8W/o+P7++24L1W7vW5kIOyy5dP+YmS0opC4L6Xk
USXN2fagKldquAakYCAxmPZyhQ6pIgzaRtbndRqeCxU2QU97TWgO68HSHfbtN7wa
t2/0szhzvFSaB8gWoIso/NMjLJ1S5nl+7RMIV9f7iOphjQ8v2PBIC9jhEwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIXNcNAWDtQv+yc8FqDIaoQ06zWmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaGMxdzBCWU8xQ183Snp3V29NaHFoRFRyTmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAh2Z2ip8PVQBjDO9X3c02lWZi
xyLRBz19jIcxH7ssSFVdOf+zFf9RtNXkvDi0H/PsS0SWyogwyJeGQR8bqgdO9dvQ
oRK6SJKzrRarPtcJKG5ugP+lPORU8PJcqYTBv6hQR074X3UxAaqxX3PhsmjO/KKv
N4Sv3bqaDcAhCBZ4Wf/FodoGe+IVstqqMZOBNYJHL7IzGODj0IQBUrpcZsH01S1m
4qPjYr2dgiZCDnTD13UBQN58/e2XRM9x8GT+xxsvKaWyI8m2oEZGFoaIVp/12kXm
EYnhIrjggn2n2JmLLnm3sUKMXZ41nzSah7VPPFh/ApMRWuhqM9IqmB/B4Vn1Pg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:17 2025 by rpki-client