Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j3MiMNDKnHa5ZGtQoHObLmQacUo.roa
File: j3MiMNDKnHa5ZGtQoHObLmQacUo.roa (raw, json)
Hash identifier: y2TOAMvpTxgRv1gGSlvH8LMzCWgVSYgCf2+vfyTndv4=
Subject key identifier: 8F:73:22:30:D0:CA:9C:76:B9:64:6B:50:A0:73:9B:2E:64:1A:71:4A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019116A087432CAE2C3171BF21544D225532
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j3MiMNDKnHa5ZGtQoHObLmQacUo.roa
Signing time: Sat 03 Aug 2024 05:05:04 +0000
ROA not before: Sat 03 Aug 2024 05:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:169f:c24d/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 03 Aug 2024 05:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:16:a0:87:43:2c:ae:2c:31:71:bf:21:54:4d:22:55:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 3 05:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f732230d0ca9c76b9646b50a0739b2e641a714a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e6:b7:78:6c:b3:c3:50:a4:18:62:18:06:73:
1c:5e:2a:cd:33:9a:18:42:3f:f3:25:af:ac:31:aa:
bc:6e:68:81:0f:bf:20:73:02:83:91:86:3b:8b:6b:
2d:bd:9b:bd:37:3f:d3:ca:fd:9d:6c:cb:57:d1:fa:
c6:07:7b:ff:cd:76:19:c0:6d:5f:85:3d:8a:fb:e8:
77:b9:25:4a:39:04:9d:41:33:55:b1:5e:be:50:30:
ae:b7:7c:9e:95:84:d9:6a:c2:92:18:c0:e7:32:ec:
86:d7:88:f7:d4:e3:da:d6:32:de:e5:41:f1:bf:c4:
bc:68:4e:10:b8:51:5b:95:76:73:8f:db:7a:21:5e:
c5:92:8e:9a:6c:c0:53:f4:60:fe:79:a9:e5:05:69:
e9:bc:8f:64:b1:67:ea:95:f3:66:fa:0f:53:bb:ba:
67:63:10:41:1f:81:e4:ab:0f:67:ad:39:41:91:99:
3e:cb:f4:ec:d1:ca:ac:fe:1d:cb:d8:36:aa:35:76:
60:3e:88:af:af:3f:6e:71:64:2f:99:22:ef:97:02:
bb:38:1d:5c:da:3e:d8:e7:74:2f:d1:b2:75:fa:06:
aa:84:95:c8:1e:ff:90:61:f5:80:a2:de:e3:f2:67:
49:f7:7f:6f:c4:94:62:ca:af:36:74:15:c5:f9:a6:
52:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:73:22:30:D0:CA:9C:76:B9:64:6B:50:A0:73:9B:2E:64:1A:71:4A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j3MiMNDKnHa5ZGtQoHObLmQacUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:169f:c24d/128
Signature Algorithm: sha256WithRSAEncryption
39:1b:b4:9b:68:22:e1:db:68:a4:cf:4a:4f:85:42:d2:53:66:
a2:37:1e:c9:b5:8b:5c:70:4f:c1:49:0d:d6:20:52:6f:2c:5b:
63:1e:8c:1f:88:9c:3c:b3:8d:a5:b9:f2:bf:02:b5:05:8b:f4:
48:4a:4f:ef:d9:78:bc:b2:65:03:69:bf:03:91:d4:15:41:ad:
a6:ad:1a:96:11:90:76:cb:82:40:9b:55:73:20:22:1e:b0:15:
f8:b3:b6:13:17:17:c9:5a:de:bf:34:be:55:e4:59:e4:95:8a:
53:57:5a:ee:f7:0f:f8:1e:8f:4f:c9:03:6c:57:48:df:99:72:
55:2d:97:bb:15:84:23:a7:95:18:91:c3:0c:40:f7:bc:cb:82:
82:14:b8:e0:40:98:54:67:9f:75:ca:a1:f3:e0:f1:49:36:7b:
63:13:d9:fd:ff:e1:bc:87:a9:f2:1c:80:dd:80:d5:f7:5e:54:
58:3c:42:6b:27:e0:14:71:41:0e:a8:d8:95:f4:d0:40:df:be:
f8:5a:65:13:05:df:8f:c1:08:40:0c:f9:7c:35:40:c0:dc:1f:
02:79:80:a9:44:fb:59:28:8e:4c:b2:82:42:00:ab:ab:87:6e:
e0:fe:83:af:7b:42:fd:79:d5:e3:17:9b:63:11:bf:b2:3d:a2:
1c:14:98:ab
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZEWoIdDLK4sMXG/IVRNIlUyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAzMDUwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjczMjIzMGQwY2E5Yzc2Yjk2NDZiNTBhMDczOWIyZTY0MWE3MTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOa3eGyzw1CkGGIYBnMcXirNM5oY
Qj/zJa+sMaq8bmiBD78gcwKDkYY7i2stvZu9Nz/Tyv2dbMtX0frGB3v/zXYZwG1f
hT2K++h3uSVKOQSdQTNVsV6+UDCut3yelYTZasKSGMDnMuyG14j31OPa1jLe5UHx
v8S8aE4QuFFblXZzj9t6IV7Fko6abMBT9GD+eanlBWnpvI9ksWfqlfNm+g9Tu7pn
YxBBH4Hkqw9nrTlBkZk+y/Ts0cqs/h3L2DaqNXZgPoivrz9ucWQvmSLvlwK7OB1c
2j7Y53Qv0bJ1+gaqhJXIHv+QYfWAot7j8mdJ939vxJRiyq82dBXF+aZSnQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFI9zIjDQypx2uWRrUKBzmy5kGnFKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvajNNaU1OREtuSGE1Wkd0UW9IT2JMbVFhY1VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkRafwk0wDQYJKoZIhvcNAQELBQADggEB
ADkbtJtoIuHbaKTPSk+FQtJTZqI3Hsm1i1xwT8FJDdYgUm8sW2MejB+InDyzjaW5
8r8CtQWL9EhKT+/ZeLyyZQNpvwOR1BVBraatGpYRkHbLgkCbVXMgIh6wFfizthMX
F8la3r80vlXkWeSVilNXWu73D/gej0/JA2xXSN+ZclUtl7sVhCOnlRiRwwxA97zL
goIUuOBAmFRnn3XKofPg8Uk2e2MT2f3/4byHqfIcgN2A1fdeVFg8Qmsn4BRxQQ6o
2JX00EDfvvhaZRMF34/BCEAM+Xw1QMDcHwJ5gKlE+1kojkyygkIAq6uHbuD+g697
Qv151eMXm2MRv7I9ohwUmKs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:34 2025 by rpki-client