Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/i1z27uARiqxBPocKYv5I6o128F0.roa
File: i1z27uARiqxBPocKYv5I6o128F0.roa (raw, json)
Hash identifier: OvT2DBk8YljQvHNHzRVotPYMuSs79E5e9XhEvGdNJOQ=
Subject key identifier: 8B:5C:F6:EE:E0:11:8A:AC:41:3E:87:0A:62:FE:48:EA:8D:76:F0:5D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191836FB990A123CC3402AFDAB7B50CB8C6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/i1z27uARiqxBPocKYv5I6o128F0.roa
Signing time: Sat 24 Aug 2024 08:10:22 +0000
ROA not before: Sat 24 Aug 2024 08:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 Aug 2024 09:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:83:6f:b9:90:a1:23:cc:34:02:af:da:b7:b5:0c:b8:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 24 08:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b5cf6eee0118aac413e870a62fe48ea8d76f05d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4a:5d:55:af:37:66:d1:1a:2f:5e:ae:02:30:
dc:cc:ed:14:c8:79:ef:d8:05:16:a2:50:3c:85:5e:
64:7b:15:58:3e:81:37:11:f1:eb:66:a8:e1:d6:dd:
f9:02:3a:2c:25:d1:52:c2:4b:ce:1e:38:4e:46:61:
c2:42:25:af:dc:c6:4c:a6:b8:b4:7e:45:d1:20:9e:
32:2f:bd:28:04:45:f2:7b:85:15:d7:25:6a:80:1b:
ae:7b:92:53:fd:66:77:88:32:c9:91:e6:02:77:9b:
6e:42:f8:6c:02:8f:b4:0c:9f:19:d1:4c:f4:c4:57:
a2:66:9b:09:07:56:19:73:b0:d5:ac:da:c2:f4:ce:
95:49:38:3c:82:09:37:28:f9:bc:d1:1c:88:76:41:
c4:2b:96:36:3e:27:8e:59:e0:7b:e3:46:45:db:e2:
19:75:3e:4d:8f:69:a4:20:c1:85:a8:94:12:84:13:
b3:8e:a6:4a:45:7f:10:af:59:4e:3d:60:e8:d5:5d:
e7:11:7c:c1:e5:4a:a9:5f:e7:b5:f4:3e:c1:c5:56:
2c:d3:b3:66:94:ce:76:31:1e:b3:dc:5d:68:92:3a:
46:d8:87:49:05:75:a7:fe:f1:28:51:22:d5:19:04:
85:1d:29:83:fb:37:29:49:81:ce:cf:af:de:1f:36:
5e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5C:F6:EE:E0:11:8A:AC:41:3E:87:0A:62:FE:48:EA:8D:76:F0:5D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/i1z27uARiqxBPocKYv5I6o128F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
05:0b:f0:b4:f8:86:d9:25:a5:ef:9f:51:8a:a0:cb:cf:d6:2b:
d2:cc:4e:dd:73:92:6f:5c:c5:db:f4:05:84:4f:b2:bd:0a:61:
f6:57:3a:82:9c:52:e6:7a:67:fb:a6:04:14:34:ff:b6:c0:6e:
22:9d:97:6c:a0:ac:70:ab:20:03:ae:9b:da:50:bb:36:2b:38:
63:ed:08:0d:ef:d0:c5:bc:56:f6:48:59:c6:11:16:1b:60:d9:
45:a7:64:fa:52:db:24:06:20:35:e4:06:3f:e5:dd:05:7f:a7:
a4:c5:f5:73:d9:98:38:ab:31:25:f0:0d:67:88:a8:ab:75:ba:
a1:18:d9:78:63:0e:f8:74:b6:8d:d0:6a:ff:5e:6b:78:72:78:
30:47:99:4b:2a:76:1f:bc:ee:8d:e0:c6:4d:74:a4:06:8a:7c:
17:81:26:e7:0b:b0:63:6f:4f:e0:02:b6:a2:9d:f1:95:77:f0:
f3:71:d0:e1:29:89:2f:d1:5a:d4:11:99:fc:36:87:de:3b:35:
e6:12:b8:bf:09:bf:2b:63:8b:dd:75:a7:a3:bf:9e:aa:e7:61:
1f:27:10:bc:67:8c:ed:61:40:84:23:91:33:bc:26:9e:87:97:
9e:17:33:3b:20:71:06:ca:28:36:c2:62:c7:67:9d:48:0a:8d:
61:ef:88:0d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGDb7mQoSPMNAKv2re1DLjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI0MDgxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjVjZjZlZWUwMTE4YWFjNDEzZTg3MGE2MmZlNDhlYThkNzZmMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkpdVa83ZtEaL16uAjDczO0UyHnv
2AUWolA8hV5kexVYPoE3EfHrZqjh1t35AjosJdFSwkvOHjhORmHCQiWv3MZMpri0
fkXRIJ4yL70oBEXye4UV1yVqgBuue5JT/WZ3iDLJkeYCd5tuQvhsAo+0DJ8Z0Uz0
xFeiZpsJB1YZc7DVrNrC9M6VSTg8ggk3KPm80RyIdkHEK5Y2PieOWeB740ZF2+IZ
dT5Nj2mkIMGFqJQShBOzjqZKRX8Qr1lOPWDo1V3nEXzB5UqpX+e19D7BxVYs07Nm
lM52MR6z3F1okjpG2IdJBXWn/vEoUSLVGQSFHSmD+zcpSYHOz6/eHzZeQQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFItc9u7gEYqsQT6HCmL+SOqNdvBdMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaTF6Mjd1QVJpcXhCUG9jS1l2NUk2bzEyOEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEABQvwtPiG2SWl759RiqDLz9Yr
0sxO3XOSb1zF2/QFhE+yvQph9lc6gpxS5npn+6YEFDT/tsBuIp2XbKCscKsgA66b
2lC7Nis4Y+0IDe/QxbxW9khZxhEWG2DZRadk+lLbJAYgNeQGP+XdBX+npMX1c9mY
OKsxJfANZ4ioq3W6oRjZeGMO+HS2jdBq/15reHJ4MEeZSyp2H7zujeDGTXSkBop8
F4Em5wuwY29P4AK2op3xlXfw83HQ4SmJL9Fa1BGZ/DaH3js15hK4vwm/K2OL3XWn
o7+equdhHycQvGeM7WFAhCORM7wmnoeXnhczOyBxBsooNsJix2edSAqNYe+IDQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:16:58 2025 by rpki-client