Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kEtZ2cKT4G2NKvIwgXtdWakQsnY.roa
File: kEtZ2cKT4G2NKvIwgXtdWakQsnY.roa (raw, json)
Hash identifier: yaMz502k8Rn9ovIxv2UKeq8c/ATeKCf2CQBQYEPOAZI=
Subject key identifier: 90:4B:59:D9:C2:93:E0:6D:8D:2A:F2:30:81:7B:5D:59:A9:10:B2:76
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01917D39246195D14DA95CD459E42790D756
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kEtZ2cKT4G2NKvIwgXtdWakQsnY.roa
Signing time: Fri 23 Aug 2024 03:13:02 +0000
ROA not before: Fri 23 Aug 2024 03:13:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 Aug 2024 04:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7d:39:24:61:95:d1:4d:a9:5c:d4:59:e4:27:90:d7:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 23 03:13:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=904b59d9c293e06d8d2af230817b5d59a910b276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:45:ea:3b:e1:a9:01:2a:5c:b8:5f:79:01:fc:
89:ac:a9:3c:11:ac:ee:cc:3e:d7:a5:eb:45:8d:05:
4e:d7:e0:4d:5a:d5:a6:88:a2:83:9c:f2:6b:74:4f:
f4:5b:30:6a:5f:bf:d9:85:03:33:7d:06:81:0f:0a:
9e:24:68:44:e1:4a:b5:f2:ee:fd:fc:40:dd:c3:de:
dd:e5:20:a6:b5:33:a8:59:e9:88:33:09:53:a6:75:
4a:2a:96:db:35:04:42:ec:31:76:23:6b:73:c1:08:
fb:a3:79:e5:b9:e4:f9:37:00:0a:28:18:ee:3d:2e:
9c:36:6a:a2:6e:26:ba:fa:cf:f7:d1:93:ba:92:7f:
d6:21:6b:1b:ec:df:a0:c0:61:13:72:7c:dc:16:10:
1d:d2:dd:58:ee:48:82:3e:73:8d:44:2c:a0:2c:52:
f0:4b:62:7c:13:e7:ec:7c:4d:5e:11:34:1f:8f:fe:
2f:2b:39:d6:92:b3:e0:a1:6f:a1:81:24:45:d6:b6:
df:de:43:20:e4:16:25:6e:ea:2d:c9:cb:87:bb:14:
32:c5:28:9d:49:dd:01:93:70:0f:c9:36:69:87:c7:
27:f9:2f:8e:c6:18:b8:59:13:57:b5:de:04:7b:75:
f7:ea:f7:ea:30:c2:e0:a0:05:dc:dc:43:61:5a:bc:
e9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4B:59:D9:C2:93:E0:6D:8D:2A:F2:30:81:7B:5D:59:A9:10:B2:76
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kEtZ2cKT4G2NKvIwgXtdWakQsnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
85:21:10:71:ff:44:6c:07:3c:dd:27:15:4f:2d:b9:ac:da:57:
e9:19:6c:71:ed:44:dc:e6:24:66:28:9f:0c:9d:be:e4:98:68:
81:bc:04:be:37:67:65:f1:e3:00:a2:33:dd:fd:b9:7b:1e:9c:
d6:61:4a:18:82:93:f3:65:63:10:ac:c2:a7:44:6c:53:70:81:
da:2c:51:cb:5a:72:6c:93:3f:93:54:2f:0b:81:74:7f:2a:3f:
fc:1c:b7:9a:e6:3b:67:7a:3b:48:19:ba:73:d3:7d:16:4c:d1:
47:d9:c9:e8:f2:e3:f8:65:3a:40:2e:b2:22:3f:f8:a0:e5:31:
9f:9b:b6:65:7f:75:80:ab:dc:a3:4e:3a:59:59:d8:99:84:9e:
de:bb:e0:c2:50:2c:f5:e7:d6:cc:7a:75:07:e1:a8:a2:5c:c7:
dd:b4:14:9e:57:2a:4c:77:a9:06:22:b3:69:28:45:33:ca:27:
e0:fa:78:a2:83:f3:03:39:6a:fa:01:fe:fa:bd:6c:9f:e0:d5:
61:d1:11:5e:a6:3d:e7:64:4a:a4:54:47:11:08:2f:55:d3:54:
99:10:46:1d:4a:28:f4:d0:f9:0e:4b:7b:1c:fe:2a:ee:ee:26:
31:90:a9:b3:c3:d5:d9:71:d3:b3:61:76:0e:f7:5c:d2:f7:55:
18:01:76:c7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZF9OSRhldFNqVzUWeQnkNdWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIzMDMxMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRiNTlkOWMyOTNlMDZkOGQyYWYyMzA4MTdiNWQ1OWE5MTBiMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUXqO+GpASpcuF95AfyJrKk8Eazu
zD7XpetFjQVO1+BNWtWmiKKDnPJrdE/0WzBqX7/ZhQMzfQaBDwqeJGhE4Uq18u79
/EDdw97d5SCmtTOoWemIMwlTpnVKKpbbNQRC7DF2I2tzwQj7o3nlueT5NwAKKBju
PS6cNmqibia6+s/30ZO6kn/WIWsb7N+gwGETcnzcFhAd0t1Y7kiCPnONRCygLFLw
S2J8E+fsfE1eETQfj/4vKznWkrPgoW+hgSRF1rbf3kMg5BYlbuotycuHuxQyxSid
Sd0Bk3APyTZph8cn+S+Oxhi4WRNXtd4Ee3X36vfqMMLgoAXc3ENhWrzpjwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJBLWdnCk+BtjSryMIF7XVmpELJ2MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEva0V0WjJjS1Q0RzJOS3ZJd2dYdGRXYWtRc25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAhSEQcf9EbAc83ScVTy25rNpX
6Rlsce1E3OYkZiifDJ2+5JhogbwEvjdnZfHjAKIz3f25ex6c1mFKGIKT82VjEKzC
p0RsU3CB2ixRy1pybJM/k1QvC4F0fyo//By3muY7Z3o7SBm6c9N9FkzRR9nJ6PLj
+GU6QC6yIj/4oOUxn5u2ZX91gKvco046WVnYmYSe3rvgwlAs9efWzHp1B+GoolzH
3bQUnlcqTHepBiKzaShFM8on4Pp4ooPzAzlq+gH++r1sn+DVYdERXqY952RKpFRH
EQgvVdNUmRBGHUoo9ND5Dkt7HP4q7u4mMZCps8PV2XHTs2F2Dvdc0vdVGAF2xw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:47 2025 by rpki-client