Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lzNsvDhhctPa2A0jfXVmMcTGROs.roa
File: lzNsvDhhctPa2A0jfXVmMcTGROs.roa (raw, json)
Hash identifier: vVLYXqvh3I/Howt1yrYhByotKwvKieXhLrrPOmo1PVo=
Subject key identifier: 97:33:6C:BC:38:61:72:D3:DA:D8:0D:23:7D:75:66:31:C4:C6:44:EB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019346AC30623209319362789707CFA2DEF3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lzNsvDhhctPa2A0jfXVmMcTGROs.roa
Signing time: Tue 19 Nov 2024 23:05:09 +0000
ROA not before: Tue 19 Nov 2024 23:05:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:193:46ab:8c95/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 19 Nov 2024 23:11:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:46:ac:30:62:32:09:31:93:62:78:97:07:cf:a2:de:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Nov 19 23:05:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97336cbc386172d3dad80d237d756631c4c644eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f2:c2:ba:c4:e9:ab:d5:c9:cc:62:66:45:7d:
ed:91:32:43:51:68:88:72:fb:d5:19:f1:9d:24:0c:
7b:1e:fd:1d:b6:62:71:bb:c9:4c:88:7b:6e:2a:a8:
ac:d6:6b:0c:31:a1:04:37:58:d4:8a:af:de:89:92:
25:ac:10:09:d6:6d:be:f6:bb:6d:85:81:7b:b0:e4:
37:4b:04:c0:8b:5e:65:8d:40:70:31:b8:51:ea:3a:
07:f5:70:1d:2d:eb:25:50:4f:7c:b4:76:8c:de:9c:
63:28:46:87:f6:44:55:be:54:75:b7:aa:a4:69:3b:
46:e3:2f:0e:0e:23:76:48:6e:f7:7e:72:4f:32:2e:
b6:9b:3d:ff:f2:c3:c1:51:5c:2b:35:26:91:d3:5d:
72:18:30:95:0c:aa:43:d7:b6:e7:5b:00:00:44:3f:
73:0d:19:11:3b:0f:25:64:a2:ea:71:9a:44:27:96:
2c:4b:eb:c0:c0:29:f9:23:ce:49:d0:b8:41:98:ad:
8e:29:7d:a3:23:cc:c6:de:94:da:68:a8:c6:90:5f:
11:e6:15:ed:e7:af:bb:79:56:69:83:0f:2c:05:b3:
34:f6:7c:1c:4c:3f:14:92:71:71:82:d1:b1:2e:8a:
d0:a6:02:3c:3e:81:20:ec:bf:c9:a8:2e:c0:37:68:
6f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:33:6C:BC:38:61:72:D3:DA:D8:0D:23:7D:75:66:31:C4:C6:44:EB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lzNsvDhhctPa2A0jfXVmMcTGROs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:193:46ab:8c95/128
Signature Algorithm: sha256WithRSAEncryption
90:15:05:e7:90:3f:58:99:ff:7b:34:0c:5f:37:c4:5f:dc:59:
42:39:77:02:52:be:ad:79:8a:e8:16:72:27:e7:6c:04:0b:fe:
14:1c:5c:7c:12:6d:21:79:79:92:6d:53:57:5c:8c:c3:93:7c:
b5:be:e5:25:4c:8e:6f:b8:57:e2:7d:70:57:c6:ed:d1:47:ad:
64:c4:24:84:2d:8a:3a:51:51:de:1c:a4:a9:c2:a2:f6:5c:a7:
81:74:13:01:46:ec:f6:85:2c:bd:40:9b:47:e3:cd:c1:d7:7f:
18:13:f9:98:f8:1d:f8:b6:76:4c:92:ed:57:08:02:7b:f6:d7:
3c:d6:d4:f3:d3:42:d5:d6:87:a8:fa:85:c5:81:65:5f:4b:14:
ce:8d:f4:11:53:f9:b4:55:c3:1f:03:99:1c:69:15:82:5f:fb:
5d:b4:4f:24:3e:52:1a:88:ee:80:f3:86:68:e9:13:39:f2:2f:
9e:f8:53:d0:47:6f:07:d7:0b:df:9a:28:94:0d:d7:2b:4e:31:
6b:ad:86:71:7f:29:20:0c:6a:d5:00:6e:77:ab:30:0e:74:e0:
90:df:4e:74:fe:41:d0:7a:71:ce:94:88:57:8c:81:15:b3:d7:
1b:81:f0:24:b0:b2:36:51:d1:e7:f2:a4:9d:83:d8:d8:c8:e0:
49:8d:63:26
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZNGrDBiMgkxk2J4lwfPot7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMTE5MjMwNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzMzNmNiYzM4NjE3MmQzZGFkODBkMjM3ZDc1NjYzMWM0YzY0NGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfLCusTpq9XJzGJmRX3tkTJDUWiI
cvvVGfGdJAx7Hv0dtmJxu8lMiHtuKqis1msMMaEEN1jUiq/eiZIlrBAJ1m2+9rtt
hYF7sOQ3SwTAi15ljUBwMbhR6joH9XAdLeslUE98tHaM3pxjKEaH9kRVvlR1t6qk
aTtG4y8ODiN2SG73fnJPMi62mz3/8sPBUVwrNSaR011yGDCVDKpD17bnWwAARD9z
DRkROw8lZKLqcZpEJ5YsS+vAwCn5I85J0LhBmK2OKX2jI8zG3pTaaKjGkF8R5hXt
56+7eVZpgw8sBbM09nwcTD8UknFxgtGxLorQpgI8PoEg7L/JqC7AN2hvmwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJczbLw4YXLT2tgNI311ZjHExkTrMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbHpOc3ZEaGhjdFBhMkEwamZYVm1NY1RHUk9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGTRquMlTANBgkqhkiG9w0BAQsFAAOCAQEAkBUF55A/WJn/ezQMXzfEX9xZ
Qjl3AlK+rXmK6BZyJ+dsBAv+FBxcfBJtIXl5km1TV1yMw5N8tb7lJUyOb7hX4n1w
V8bt0UetZMQkhC2KOlFR3hykqcKi9lyngXQTAUbs9oUsvUCbR+PNwdd/GBP5mPgd
+LZ2TJLtVwgCe/bXPNbU89NC1daHqPqFxYFlX0sUzo30EVP5tFXDHwOZHGkVgl/7
XbRPJD5SGojugPOGaOkTOfIvnvhT0EdvB9cL35oolA3XK04xa62GcX8pIAxq1QBu
d6swDnTgkN9OdP5B0HpxzpSIV4yBFbPXG4HwJLCyNlHR5/KknYPY2MjgSY1jJg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:06 2025 by rpki-client