Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lTwOz0FgeN7x1WN1MNNaC28o1ho.roa
File: lTwOz0FgeN7x1WN1MNNaC28o1ho.roa (raw, json)
Hash identifier: 8yt4e9mFhM62LXsGqyLwAqeIU4f5Afhh0YC7nFsvLl8=
Subject key identifier: 95:3C:0E:CF:41:60:78:DE:F1:D5:63:75:30:D3:5A:0B:6F:28:D6:1A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019100F9ED2BF06B057B13F8183E2CEA5870
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lTwOz0FgeN7x1WN1MNNaC28o1ho.roa
Signing time: Tue 30 Jul 2024 00:11:04 +0000
ROA not before: Tue 30 Jul 2024 00:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 30 Jul 2024 01:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:00:f9:ed:2b:f0:6b:05:7b:13:f8:18:3e:2c:ea:58:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 30 00:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=953c0ecf416078def1d5637530d35a0b6f28d61a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ba:5d:d2:71:9a:56:69:d7:6c:a0:3c:31:b3:
f0:23:e5:e5:72:58:26:f2:22:31:a0:0e:ee:38:ab:
ce:ed:c7:34:da:8f:27:0e:2d:24:bd:53:37:cf:bb:
f0:ce:e9:2a:57:e5:de:73:58:13:bc:bb:da:bc:f7:
7d:16:ef:64:b6:83:b6:67:6d:4b:0f:68:f0:47:e3:
11:6a:e7:67:48:1b:f9:1e:3e:1f:db:5b:ce:d1:30:
18:94:99:10:e6:af:52:4f:f6:ef:34:68:d8:53:1d:
58:0b:4e:5a:51:13:e3:ef:a3:26:b9:a9:48:86:47:
58:24:c3:a9:05:f1:c2:bb:1c:5d:00:e7:3b:e3:24:
e4:a2:d6:48:68:98:76:cf:37:9a:50:ca:27:02:ce:
eb:73:1e:2c:7f:a0:8b:d3:9b:d0:b1:a9:29:15:53:
50:95:23:5e:a5:ef:41:96:1c:5b:05:2d:28:f5:52:
d8:a2:42:6d:d3:29:29:b0:4e:d0:a5:41:44:70:66:
9f:75:00:61:dd:17:af:00:15:cd:b7:d4:5f:23:df:
c0:27:10:36:21:5b:3d:bb:d0:76:07:9e:58:47:4c:
0d:70:a3:c1:3e:eb:f1:a2:52:66:79:7a:82:fc:a0:
6e:b7:72:a8:98:18:49:09:27:d2:73:2b:b0:13:28:
16:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:3C:0E:CF:41:60:78:DE:F1:D5:63:75:30:D3:5A:0B:6F:28:D6:1A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lTwOz0FgeN7x1WN1MNNaC28o1ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
58:34:88:0b:6d:d4:35:f1:82:84:0d:35:6e:8d:e1:9d:56:6b:
81:b7:fc:85:38:00:1c:66:94:d6:49:dd:6f:a3:86:65:68:75:
45:e6:d2:67:52:ed:dd:47:19:76:43:80:7c:ef:c6:75:f2:9b:
ed:a1:9c:ea:7a:f2:f9:74:08:e4:be:c9:eb:23:52:21:39:d8:
15:3f:9b:a2:53:91:8a:b0:2d:16:3c:3c:62:d6:99:74:09:04:
d1:53:f0:df:b2:1d:81:6e:97:a0:5a:a2:b7:88:31:bf:b7:f4:
79:c3:3f:cb:b3:59:3d:ed:66:8f:d5:f2:01:5f:9b:b8:6d:a4:
ff:45:b0:b9:94:d7:84:3b:d5:ad:ed:3d:73:bb:fb:07:d7:e5:
05:1a:69:23:55:dd:ec:69:14:df:ff:ba:60:a5:96:86:ba:0f:
55:22:a9:69:b5:d5:4c:68:b1:33:98:2b:3a:f3:40:a1:41:59:
4c:13:9f:e2:59:03:a2:a2:a0:a1:8e:1b:03:3f:46:c7:0f:98:
29:ac:30:d2:d4:4b:2b:86:a5:69:74:56:0f:ce:27:eb:90:a0:
8b:1c:3e:4b:26:8b:e4:34:23:b3:a5:e5:57:3e:db:a2:e6:c6:
f6:7b:06:7f:21:3f:30:67:2a:c1:30:ac:46:f7:dd:01:5e:73:
93:ba:31:46
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEA+e0r8GsFexP4GD4s6lhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzMwMDAxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTNjMGVjZjQxNjA3OGRlZjFkNTYzNzUzMGQzNWEwYjZmMjhkNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3bpd0nGaVmnXbKA8MbPwI+Xlclgm
8iIxoA7uOKvO7cc02o8nDi0kvVM3z7vwzukqV+Xec1gTvLvavPd9Fu9ktoO2Z21L
D2jwR+MRaudnSBv5Hj4f21vO0TAYlJkQ5q9ST/bvNGjYUx1YC05aURPj76MmualI
hkdYJMOpBfHCuxxdAOc74yTkotZIaJh2zzeaUMonAs7rcx4sf6CL05vQsakpFVNQ
lSNepe9BlhxbBS0o9VLYokJt0ykpsE7QpUFEcGafdQBh3RevABXNt9RfI9/AJxA2
IVs9u9B2B55YR0wNcKPBPuvxolJmeXqC/KBut3KomBhJCSfScyuwEygWSwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJU8Ds9BYHje8dVjdTDTWgtvKNYaMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbFR3T3owRmdlTjd4MVdOMU1OTmFDMjhvMWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAWDSIC23UNfGChA01bo3hnVZr
gbf8hTgAHGaU1kndb6OGZWh1RebSZ1Lt3UcZdkOAfO/GdfKb7aGc6nry+XQI5L7J
6yNSITnYFT+bolORirAtFjw8YtaZdAkE0VPw37IdgW6XoFqit4gxv7f0ecM/y7NZ
Pe1mj9XyAV+buG2k/0WwuZTXhDvVre09c7v7B9flBRppI1Xd7GkU3/+6YKWWhroP
VSKpabXVTGixM5grOvNAoUFZTBOf4lkDoqKgoY4bAz9Gxw+YKaww0tRLK4alaXRW
D84n65Cgixw+SyaL5DQjs6XlVz7boubG9nsGfyE/MGcqwTCsRvfdAV5zk7oxRg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:22:22 2025 by rpki-client