Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kIi5IinuSKWUF6C6O3zoLT4wZ8c.roa
File: kIi5IinuSKWUF6C6O3zoLT4wZ8c.roa (raw, json)
Hash identifier: 9bc99L580pS3W7EEiWTiyYnmvf2dX8oiXKzBwjlSkwI=
Subject key identifier: 90:88:B9:22:29:EE:48:A5:94:17:A0:BA:3B:7C:E8:2D:3E:30:67:C7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191388BB173CF20564D857165F7AAF6E7D7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kIi5IinuSKWUF6C6O3zoLT4wZ8c.roa
Signing time: Fri 09 Aug 2024 19:09:24 +0000
ROA not before: Fri 09 Aug 2024 19:09:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 09 Aug 2024 20:04:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:38:8b:b1:73:cf:20:56:4d:85:71:65:f7:aa:f6:e7:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 9 19:09:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9088b92229ee48a59417a0ba3b7ce82d3e3067c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:29:04:c5:63:62:54:6e:a9:23:73:aa:28:6d:
07:c3:db:01:53:be:f5:a7:e3:e1:10:fc:ab:f1:93:
ed:05:dd:71:f4:81:d0:fa:eb:54:c0:41:a5:64:98:
0f:1e:6a:52:e4:fc:67:97:7f:9c:7e:6f:07:4e:6f:
fc:de:3d:86:23:61:e2:66:8f:d5:2c:fc:ae:f3:da:
d5:a1:bf:93:20:15:08:e5:5c:1d:46:28:ba:5d:3f:
18:65:dc:e5:81:b1:a9:ed:54:11:31:90:2b:81:15:
88:ed:5f:4b:4a:42:22:ab:d3:03:89:d0:2e:1e:7f:
c3:31:f9:0e:7b:f9:15:9e:ec:2f:b9:20:75:1b:1e:
7f:c6:af:9b:f4:0b:d2:98:d2:3a:f7:8b:29:64:14:
30:a3:41:5f:15:92:8b:15:1b:0d:ec:1d:f3:af:99:
51:b1:23:01:38:b5:9b:1c:f3:b8:30:24:64:af:da:
71:03:60:e5:3d:17:a0:5b:77:4b:21:9e:9a:ab:f8:
50:bc:7f:14:d3:c6:a6:16:92:af:7e:12:3c:6c:a2:
fc:5b:5c:24:a8:fd:c2:69:0a:a5:ef:98:ef:54:f4:
f6:04:8a:09:aa:50:3e:17:6f:10:35:67:08:f2:3f:
db:7c:e7:9f:9e:2e:6f:0e:b2:11:b4:50:00:0c:b9:
e2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:88:B9:22:29:EE:48:A5:94:17:A0:BA:3B:7C:E8:2D:3E:30:67:C7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kIi5IinuSKWUF6C6O3zoLT4wZ8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
5d:61:ae:77:9f:21:5d:df:6d:0f:04:42:9c:13:fb:33:71:ef:
63:c3:e9:a2:fe:53:4c:56:ee:d6:58:d0:a4:f3:07:e3:21:7b:
6c:40:dc:1e:1f:45:42:a0:00:78:53:b5:ad:f7:e5:fe:97:da:
5d:3a:99:93:46:d4:65:9b:b7:a0:78:35:ff:56:2b:b3:ab:4a:
67:69:b6:1b:44:48:36:f0:c5:2f:a8:4f:d0:bf:fc:ab:dc:21:
f3:a0:aa:0b:d8:35:69:62:0b:37:3e:51:2b:3f:54:f5:0c:0e:
89:0e:45:53:eb:fa:de:8d:10:73:4a:50:b5:12:4d:a5:38:bb:
4a:35:66:e4:8a:50:09:80:87:0a:63:b8:09:7b:8d:78:d8:e4:
82:a6:91:b7:3f:cf:91:ef:b6:a7:a2:1e:71:80:18:aa:f8:26:
b0:a5:56:19:8d:69:30:b0:43:2c:db:42:b7:5b:c3:5c:7a:66:
54:bb:28:7a:ed:ff:4a:92:d4:1c:9c:9f:66:ae:79:fb:f4:33:
f9:9f:50:ad:7d:3a:03:91:12:e7:79:9f:87:6c:7d:ea:30:ac:
75:95:8c:15:dd:5e:8f:cc:32:ca:08:76:44:72:6e:cc:25:e1:
62:08:d5:48:fe:1b:b4:65:a1:c9:f9:a8:25:8c:2a:5f:5a:a7:
94:9f:58:65
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZE4i7FzzyBWTYVxZfeq9ufXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA5MTkwOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDg4YjkyMjI5ZWU0OGE1OTQxN2EwYmEzYjdjZTgyZDNlMzA2N2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApykExWNiVG6pI3OqKG0Hw9sBU771
p+PhEPyr8ZPtBd1x9IHQ+utUwEGlZJgPHmpS5Pxnl3+cfm8HTm/83j2GI2HiZo/V
LPyu89rVob+TIBUI5VwdRii6XT8YZdzlgbGp7VQRMZArgRWI7V9LSkIiq9MDidAu
Hn/DMfkOe/kVnuwvuSB1Gx5/xq+b9AvSmNI694spZBQwo0FfFZKLFRsN7B3zr5lR
sSMBOLWbHPO4MCRkr9pxA2DlPRegW3dLIZ6aq/hQvH8U08amFpKvfhI8bKL8W1wk
qP3CaQql75jvVPT2BIoJqlA+F28QNWcI8j/bfOefni5vDrIRtFAADLnigQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJCIuSIp7killBegujt86C0+MGfHMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEva0lpNUlpbnVTS1dVRjZDNk8zem9MVDR3WjhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAXWGud58hXd9tDwRCnBP7M3Hv
Y8Ppov5TTFbu1ljQpPMH4yF7bEDcHh9FQqAAeFO1rffl/pfaXTqZk0bUZZu3oHg1
/1Yrs6tKZ2m2G0RINvDFL6hP0L/8q9wh86CqC9g1aWILNz5RKz9U9QwOiQ5FU+v6
3o0Qc0pQtRJNpTi7SjVm5IpQCYCHCmO4CXuNeNjkgqaRtz/Pke+2p6IecYAYqvgm
sKVWGY1pMLBDLNtCt1vDXHpmVLsoeu3/SpLUHJyfZq55+/Qz+Z9QrX06A5ES53mf
h2x96jCsdZWMFd1ej8wyygh2RHJuzCXhYgjVSP4btGWhyfmoJYwqX1qnlJ9YZQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:13 2025 by rpki-client