Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/inezrmabicHQWkk_NFMEw2UMzNI.roa
File: inezrmabicHQWkk_NFMEw2UMzNI.roa (raw, json)
Hash identifier: 8e2uE7YlhOLro4UlveQpIAdN5TBcyreT7zoJPORdsps=
Subject key identifier: 8A:77:B3:AE:66:9B:89:C1:D0:5A:49:3F:34:53:04:C3:65:0C:CC:D2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019129BFD9DECA658A1B75BD70F5C1F6BAD0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/inezrmabicHQWkk_NFMEw2UMzNI.roa
Signing time: Tue 06 Aug 2024 22:12:04 +0000
ROA not before: Tue 06 Aug 2024 22:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 06 Aug 2024 23:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:29:bf:d9:de:ca:65:8a:1b:75:bd:70:f5:c1:f6:ba:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 6 22:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a77b3ae669b89c1d05a493f345304c3650cccd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:23:01:35:05:83:d4:e8:d6:8d:9f:1b:29:dc:
a9:7c:4a:a1:d6:14:a4:4a:a9:f3:c7:1b:4f:66:29:
08:dc:7c:50:e8:68:30:91:ea:7f:6d:2e:40:a9:cf:
d6:66:7b:51:7e:1c:f2:17:cc:03:0f:81:36:57:09:
57:90:05:18:ce:c9:7a:cc:31:d3:be:69:78:d9:62:
67:dd:15:5f:b5:53:7f:72:04:23:8d:f5:c1:ae:21:
5f:52:8c:52:29:bc:a2:84:9b:86:ee:cb:be:8f:5b:
c6:d9:a6:cf:7e:92:10:51:ca:98:af:0c:d9:a2:25:
a8:e4:fd:07:09:53:fa:b7:3f:4f:72:6e:57:f1:bb:
f1:27:bf:5d:6e:b1:e1:f5:73:dd:ad:ac:24:74:82:
f3:9b:13:58:30:e0:25:2a:15:a0:14:92:63:23:58:
60:a5:f4:98:db:ca:5c:d5:24:b5:6f:34:bc:e7:2f:
10:07:89:d6:92:bd:6b:66:93:0e:cb:a4:47:b5:33:
69:6d:3f:49:d9:ee:ab:0f:48:c1:db:26:6f:d2:03:
3f:69:74:f6:d7:2b:8a:c8:dc:a4:d4:00:4e:60:f4:
b9:cf:5b:ca:f3:28:25:49:5d:e9:0d:78:d1:30:fd:
de:36:f3:ed:55:13:bd:86:95:58:ab:68:b0:f8:7d:
ea:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:77:B3:AE:66:9B:89:C1:D0:5A:49:3F:34:53:04:C3:65:0C:CC:D2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/inezrmabicHQWkk_NFMEw2UMzNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
84:a9:1c:be:4f:34:47:8e:b8:f0:07:c0:a3:01:df:04:fc:4b:
79:b4:64:5f:92:a1:23:3b:3e:69:65:0c:35:4b:3d:e1:f2:b4:
a5:f0:21:1d:69:e9:2f:3a:6d:2d:0d:c1:47:97:c1:58:c4:83:
c6:61:12:1c:26:9e:29:a6:21:42:ac:2a:e0:5e:2a:d8:38:b1:
68:2c:4a:8a:e9:35:e1:1f:5e:ce:a1:e3:c7:86:b3:d1:cd:9b:
2f:78:18:ea:d1:00:cb:f1:d0:0a:af:5e:c3:2b:67:f4:ea:2d:
0e:18:1c:e3:ed:ed:f5:8b:7d:98:fb:88:d0:87:0d:44:51:66:
b7:08:58:e9:bf:dd:ae:5e:83:02:16:69:79:55:f5:e8:cb:2b:
47:5a:7a:b2:17:d4:d9:8f:df:a7:ea:08:f9:62:ca:c5:f4:6d:
6d:84:bd:15:74:ae:5a:6b:d8:5e:ef:e7:0f:3f:12:40:22:5c:
d2:2c:f3:d4:ec:ae:23:d8:87:29:d2:04:13:99:af:ea:df:a0:
a5:48:a6:b5:3d:14:44:8a:2a:b8:a7:d1:10:12:ef:7b:f9:30:
92:1c:b9:24:4e:35:e8:88:d1:45:c8:48:55:36:c8:d5:c5:eb:
8f:7e:ed:24:a5:65:4d:87:1e:d2:86:d2:ef:97:0c:2d:88:13:
9d:60:ba:0b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEpv9neymWKG3W9cPXB9rrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA2MjIxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTc3YjNhZTY2OWI4OWMxZDA1YTQ5M2YzNDUzMDRjMzY1MGNjY2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCMBNQWD1OjWjZ8bKdypfEqh1hSk
SqnzxxtPZikI3HxQ6Ggwkep/bS5Aqc/WZntRfhzyF8wDD4E2VwlXkAUYzsl6zDHT
vml42WJn3RVftVN/cgQjjfXBriFfUoxSKbyihJuG7su+j1vG2abPfpIQUcqYrwzZ
oiWo5P0HCVP6tz9Pcm5X8bvxJ79dbrHh9XPdrawkdILzmxNYMOAlKhWgFJJjI1hg
pfSY28pc1SS1bzS85y8QB4nWkr1rZpMOy6RHtTNpbT9J2e6rD0jB2yZv0gM/aXT2
1yuKyNyk1ABOYPS5z1vK8yglSV3pDXjRMP3eNvPtVRO9hpVYq2iw+H3qBQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIp3s65mm4nB0FpJPzRTBMNlDMzSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaW5lenJtYWJpY0hRV2trX05GTUV3MlVNek5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAhKkcvk80R4648AfAowHfBPxL
ebRkX5KhIzs+aWUMNUs94fK0pfAhHWnpLzptLQ3BR5fBWMSDxmESHCaeKaYhQqwq
4F4q2DixaCxKiuk14R9ezqHjx4az0c2bL3gY6tEAy/HQCq9ewytn9OotDhgc4+3t
9Yt9mPuI0IcNRFFmtwhY6b/drl6DAhZpeVX16MsrR1p6shfU2Y/fp+oI+WLKxfRt
bYS9FXSuWmvYXu/nDz8SQCJc0izz1OyuI9iHKdIEE5mv6t+gpUimtT0URIoquKfR
EBLve/kwkhy5JE416IjRRchIVTbI1cXrj37tJKVlTYce0obS75cMLYgTnWC6Cw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:10 2025 by rpki-client