Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lD5WIPUhArhoVdcToOHCKC2ddy4.roa
File: lD5WIPUhArhoVdcToOHCKC2ddy4.roa (raw, json)
Hash identifier: NsczPCKH+TgMZ+BPhy/XFeRQyTCcs+fYqvSx6o/mZB4=
Subject key identifier: 94:3E:56:20:F5:21:02:B8:68:55:D7:13:A0:E1:C2:28:2D:9D:77:2E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01913BFE43A876FC092666969984EDCA2E20
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lD5WIPUhArhoVdcToOHCKC2ddy4.roa
Signing time: Sat 10 Aug 2024 11:13:24 +0000
ROA not before: Sat 10 Aug 2024 11:13:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 10 Aug 2024 12:04:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3b:fe:43:a8:76:fc:09:26:66:96:99:84:ed:ca:2e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 10 11:13:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=943e5620f52102b86855d713a0e1c2282d9d772e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:44:99:dd:c8:21:c3:27:f0:4a:6c:66:9b:4c:
94:03:a9:d6:0b:3d:9c:54:f1:2a:35:81:b7:c3:db:
68:ab:40:c4:14:ab:17:7a:92:bb:64:8d:30:9b:9a:
e7:14:ad:9c:18:08:d4:cb:cc:4e:9e:48:ae:10:4d:
be:e6:0a:25:62:0e:4e:b3:e5:83:45:be:f4:c4:e6:
37:a9:5e:45:e6:09:2f:d5:b5:38:47:57:6c:1e:ae:
0d:1c:17:a1:80:55:a6:47:f3:39:b9:85:05:43:43:
f4:8e:2d:88:11:c7:03:98:e7:b4:74:22:d9:2f:96:
81:11:50:fd:fa:a8:57:52:6f:35:00:6f:89:88:f2:
92:7f:1d:5a:75:8c:44:70:6d:1e:8b:cc:77:a0:c6:
31:b5:5e:ed:75:dd:19:fd:11:1a:54:98:97:0c:00:
65:ff:7b:0a:6b:08:44:09:76:39:84:82:c5:62:13:
c7:e2:61:c7:6f:60:0e:02:5f:30:67:9f:db:75:4d:
19:80:c2:a3:5f:dc:bb:50:ae:94:28:d8:82:3a:1e:
e5:47:97:94:35:ec:45:c3:bc:63:4a:aa:c5:60:9a:
55:78:18:a1:dd:19:29:1a:99:99:c1:51:01:aa:3d:
36:96:b8:7a:9b:11:ad:96:00:c7:65:68:22:16:96:
3b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3E:56:20:F5:21:02:B8:68:55:D7:13:A0:E1:C2:28:2D:9D:77:2E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lD5WIPUhArhoVdcToOHCKC2ddy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
70:32:d3:d8:cb:0b:f8:3b:f8:c2:90:fd:7a:bf:cb:25:f6:2a:
8e:e7:c0:23:c4:db:f8:80:0c:56:0f:ba:ac:db:2b:ff:77:a9:
2a:ce:b8:ba:62:6e:27:4e:1e:51:83:46:af:3e:f0:4b:12:39:
21:10:12:ab:c0:7d:96:50:1e:f1:50:0d:4f:70:ae:7a:e0:23:
4e:06:08:c7:c0:bf:9c:0b:65:72:ab:95:7e:ca:6b:34:3b:20:
3e:65:ac:5c:cd:b4:cd:31:e3:8e:2d:64:8c:d4:73:9b:32:54:
9e:ed:53:df:a6:d1:8b:9a:99:d8:34:bb:45:d6:44:aa:1d:b9:
cc:74:14:b8:2d:7f:05:46:23:96:fe:2b:2a:c6:fb:e6:cb:6c:
fd:3b:e1:8d:17:7a:9c:87:6a:5b:e6:a8:f6:42:92:02:37:6c:
c4:8e:ff:f1:8d:0d:04:81:55:c0:3a:17:4d:31:40:53:a4:c1:
73:9c:5c:fd:cd:b0:3f:76:6e:62:a7:b3:c8:88:e8:02:bf:4c:
fd:82:4e:1d:d1:8f:0a:34:cb:c6:5f:d3:b1:21:ed:51:8a:6a:
6e:1e:3f:3d:56:ee:cc:7e:fa:25:9e:68:2e:a2:98:b2:e0:58:
26:90:7d:8b:b8:c3:3a:95:66:1b:3a:ab:4b:84:37:81:85:c5:
d5:2e:05:de
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZE7/kOodvwJJmaWmYTtyi4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEwMTExMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDNlNTYyMGY1MjEwMmI4Njg1NWQ3MTNhMGUxYzIyODJkOWQ3NzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kSZ3cghwyfwSmxmm0yUA6nWCz2c
VPEqNYG3w9toq0DEFKsXepK7ZI0wm5rnFK2cGAjUy8xOnkiuEE2+5golYg5Os+WD
Rb70xOY3qV5F5gkv1bU4R1dsHq4NHBehgFWmR/M5uYUFQ0P0ji2IEccDmOe0dCLZ
L5aBEVD9+qhXUm81AG+JiPKSfx1adYxEcG0ei8x3oMYxtV7tdd0Z/REaVJiXDABl
/3sKawhECXY5hILFYhPH4mHHb2AOAl8wZ5/bdU0ZgMKjX9y7UK6UKNiCOh7lR5eU
NexFw7xjSqrFYJpVeBih3RkpGpmZwVEBqj02lrh6mxGtlgDHZWgiFpY70wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJQ+ViD1IQK4aFXXE6DhwigtnXcuMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbEQ1V0lQVWhBcmhvVmRjVG9PSENLQzJkZHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAcDLT2MsL+Dv4wpD9er/LJfYq
jufAI8Tb+IAMVg+6rNsr/3epKs64umJuJ04eUYNGrz7wSxI5IRASq8B9llAe8VAN
T3CueuAjTgYIx8C/nAtlcquVfsprNDsgPmWsXM20zTHjji1kjNRzmzJUnu1T36bR
i5qZ2DS7RdZEqh25zHQUuC1/BUYjlv4rKsb75sts/TvhjRd6nIdqW+ao9kKSAjds
xI7/8Y0NBIFVwDoXTTFAU6TBc5xc/c2wP3ZuYqezyIjoAr9M/YJOHdGPCjTLxl/T
sSHtUYpqbh4/PVbuzH76JZ5oLqKYsuBYJpB9i7jDOpVmGzqrS4Q3gYXF1S4F3g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:10 2025 by rpki-client