Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j4GNtgilYZm8CMQISQlzgy-M-ps.roa
File: j4GNtgilYZm8CMQISQlzgy-M-ps.roa (raw, json)
Hash identifier: 5eiCzPseT91KisotZBB4biLY7bo6t6WaHDc+2ZkjcOA=
Subject key identifier: 8F:81:8D:B6:08:A5:61:99:BC:08:C4:08:49:09:73:83:2F:8C:FA:9B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D3E1BCD9A16A377B1078AD60A21E46CD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j4GNtgilYZm8CMQISQlzgy-M-ps.roa
Signing time: Sun 08 Sep 2024 23:04:32 +0000
ROA not before: Sun 08 Sep 2024 23:04:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d3e1:7d60/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 08 Sep 2024 23:12:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d3:e1:bc:d9:a1:6a:37:7b:10:78:ad:60:a2:1e:46:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 8 23:04:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f818db608a56199bc08c408490973832f8cfa9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d4:d0:3d:93:28:e5:b2:8f:d4:50:ab:f2:7f:
25:69:6c:5b:b0:8d:a6:a4:52:46:65:4f:d7:7b:aa:
e0:f0:7e:72:75:64:99:5f:9b:db:0b:fb:66:9a:b5:
bf:67:9b:46:9e:c0:40:53:86:e3:f9:60:ea:50:ed:
62:95:d5:38:42:d7:2c:ae:22:37:48:e2:df:b1:b9:
03:9f:9e:9e:27:9d:7a:19:e4:73:12:cd:e1:b3:1f:
2a:22:db:a8:72:77:e1:be:47:66:e5:c6:62:0f:0a:
5e:aa:2a:26:0a:2c:bc:f0:c5:1e:1e:cb:07:60:20:
01:f2:b2:1d:af:ad:32:1b:43:bf:52:45:1a:d0:76:
eb:af:fe:d4:c5:8c:d6:b0:cb:93:14:2e:f5:40:58:
72:02:64:9f:af:04:2a:ce:4e:f8:cd:fa:43:0c:f1:
cc:b5:c3:7c:c1:4e:b3:98:94:44:fa:66:96:7e:42:
4c:fa:d6:b6:6e:55:09:de:95:11:df:1d:3f:30:a1:
67:49:f4:76:44:1f:62:44:73:d9:31:8a:82:d7:ba:
5f:d8:66:36:ac:af:47:d3:44:a4:9f:81:a2:6c:82:
53:30:08:c6:a8:1e:2b:2d:ed:76:35:6d:9b:9a:03:
f7:0f:53:82:6a:7c:31:b5:db:40:fc:03:9c:13:3a:
da:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:81:8D:B6:08:A5:61:99:BC:08:C4:08:49:09:73:83:2F:8C:FA:9B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j4GNtgilYZm8CMQISQlzgy-M-ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d3e1:7d60/128
Signature Algorithm: sha256WithRSAEncryption
5f:3f:6b:dc:4c:fc:c4:b0:3e:1f:08:e5:c9:b1:dd:21:c9:c6:
b1:51:dd:cc:eb:f0:d9:1e:a1:f8:2f:ed:07:ad:b7:0a:73:6c:
d0:2e:4f:7c:ce:2e:bd:2a:03:19:a4:8e:29:39:ce:27:8d:0a:
f6:94:cd:18:c9:d5:b0:a0:3b:cc:56:32:aa:69:ea:ab:e2:f4:
a5:4c:7c:73:59:e8:99:b1:da:08:aa:f1:06:06:61:05:7b:6d:
54:e9:66:8f:d0:c8:b4:50:72:37:7f:3d:4e:51:38:07:4a:1e:
ff:21:62:b7:ee:d9:5c:17:9b:6d:55:5e:ed:c9:29:84:bb:13:
16:90:64:95:30:90:1e:ef:04:e7:6c:bf:d2:ac:06:a5:ed:98:
7e:98:2b:47:bf:77:ab:2c:20:8f:14:8f:b8:2e:af:38:e5:59:
22:42:a4:28:f1:50:3e:4e:d3:40:48:1d:5e:2d:2f:2b:f1:8d:
1a:44:1a:a2:0d:03:84:f9:33:f9:d1:6d:0f:46:f8:85:b9:2b:
ae:33:74:ca:84:88:d1:c5:d1:6c:ae:b3:3b:dc:6d:0d:85:03:
fd:de:8e:6a:ff:1c:b2:ce:e2:da:09:d2:89:7f:92:53:1c:9a:
ce:54:23:de:8d:69:b4:ab:44:8f:63:2e:a1:4f:b1:da:5d:28:
29:6f:07:34
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHT4bzZoWo3exB4rWCiHkbNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA4MjMwNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjgxOGRiNjA4YTU2MTk5YmMwOGM0MDg0OTA5NzM4MzJmOGNmYTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNTQPZMo5bKP1FCr8n8laWxbsI2m
pFJGZU/Xe6rg8H5ydWSZX5vbC/tmmrW/Z5tGnsBAU4bj+WDqUO1ildU4QtcsriI3
SOLfsbkDn56eJ516GeRzEs3hsx8qItuocnfhvkdm5cZiDwpeqiomCiy88MUeHssH
YCAB8rIdr60yG0O/UkUa0Hbrr/7UxYzWsMuTFC71QFhyAmSfrwQqzk74zfpDDPHM
tcN8wU6zmJRE+maWfkJM+ta2blUJ3pUR3x0/MKFnSfR2RB9iRHPZMYqC17pf2GY2
rK9H00Skn4GibIJTMAjGqB4rLe12NW2bmgP3D1OCanwxtdtA/AOcEzraKwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFI+BjbYIpWGZvAjECEkJc4MvjPqbMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvajRHTnRnaWxZWm04Q01RSVNRbHpneS1NLXBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdPhfWAwDQYJKoZIhvcNAQELBQADggEB
AF8/a9xM/MSwPh8I5cmx3SHJxrFR3czr8Nkeofgv7QettwpzbNAuT3zOLr0qAxmk
jik5zieNCvaUzRjJ1bCgO8xWMqpp6qvi9KVMfHNZ6Jmx2giq8QYGYQV7bVTpZo/Q
yLRQcjd/PU5ROAdKHv8hYrfu2VwXm21VXu3JKYS7ExaQZJUwkB7vBOdsv9KsBqXt
mH6YK0e/d6ssII8Uj7gurzjlWSJCpCjxUD5O00BIHV4tLyvxjRpEGqINA4T5M/nR
bQ9G+IW5K64zdMqEiNHF0WyuszvcbQ2FA/3ejmr/HLLO4toJ0ol/klMcms5UI96N
abSrRI9jLqFPsdpdKClvBzQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:35 2025 by rpki-client