Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mMIucjqUx5ZW6iDnaVKbXVg6C1k.roa
File: mMIucjqUx5ZW6iDnaVKbXVg6C1k.roa (raw, json)
Hash identifier: ihOE9cKwpux8F3zWvM7koi2lK57CNlPOu/Gh9vm7oUg=
Subject key identifier: 98:C2:2E:72:3A:94:C7:96:56:EA:20:E7:69:52:9B:5D:58:3A:0B:59
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191404625B37DACCC51C12D5FDCB96B3F35
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mMIucjqUx5ZW6iDnaVKbXVg6C1k.roa
Signing time: Sun 11 Aug 2024 07:10:24 +0000
ROA not before: Sun 11 Aug 2024 07:10:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 11 Aug 2024 08:04:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:40:46:25:b3:7d:ac:cc:51:c1:2d:5f:dc:b9:6b:3f:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 11 07:10:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98c22e723a94c79656ea20e769529b5d583a0b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c3:17:6d:df:f2:85:00:59:18:cf:a5:42:88:
c7:7a:b4:e8:3d:ca:6c:06:f4:fc:9c:29:b6:8e:22:
d1:3d:f2:ef:10:43:f5:0c:c8:f6:43:46:43:ac:93:
d4:29:49:5c:e7:02:53:4a:93:e7:06:c5:26:88:8b:
c4:b9:ed:cf:71:8e:b6:64:f7:57:f5:80:82:81:75:
f9:c5:02:11:e2:cf:24:ec:65:7e:fa:2a:a4:00:b8:
8e:a1:bd:31:0b:4f:42:69:24:d9:6d:ad:4b:f7:da:
ea:6a:9f:60:30:89:d3:42:a4:13:15:35:ba:6c:38:
57:31:f5:d9:40:1b:b4:c3:2d:7c:28:7a:d1:5c:b1:
30:d4:95:af:ab:69:97:b9:bb:6c:0c:f7:87:5d:20:
f8:bb:19:bf:ad:0f:1a:1b:3b:46:dd:90:44:31:6a:
63:60:42:f0:b1:fe:6e:bf:47:71:d0:af:14:75:01:
b6:99:c6:58:f7:68:d6:1d:40:7d:d2:57:a0:0e:0a:
51:be:50:bf:22:04:24:8a:0d:11:40:8b:5f:54:98:
fe:87:15:01:07:7f:97:25:60:dd:02:ca:da:45:0d:
a8:ee:6d:c4:31:ec:c2:ba:05:70:1d:9a:49:d3:4e:
34:65:39:06:39:5e:af:d4:d3:93:5e:93:97:cb:10:
0f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C2:2E:72:3A:94:C7:96:56:EA:20:E7:69:52:9B:5D:58:3A:0B:59
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mMIucjqUx5ZW6iDnaVKbXVg6C1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
00:67:ae:fe:41:d3:be:13:a6:f3:45:43:d9:c7:8a:b6:d6:ac:
ea:2b:78:45:96:03:f2:f5:5f:57:9d:4c:96:06:bf:99:1c:dc:
e5:b2:a6:b3:14:ca:1e:2d:c6:9f:3c:84:e7:93:cd:7e:98:61:
52:a8:0a:d6:90:72:05:3f:5e:e3:51:a9:ae:f3:09:ec:0f:e9:
6f:32:c5:b5:bc:d4:9d:d4:c5:a2:2e:42:6a:d8:34:f4:64:71:
c2:09:61:82:33:2f:40:a3:31:a6:2f:d9:53:e2:bf:d1:74:77:
12:0f:6b:87:21:7c:62:97:64:c0:c8:30:91:be:7c:31:a7:32:
09:ec:3c:39:ff:72:27:94:4b:f0:a9:4f:3a:3e:d0:55:8b:91:
f4:8c:c4:43:81:45:b7:8a:61:22:93:dc:1d:13:f2:e8:9f:fd:
1e:cc:e9:70:2c:8d:f5:cf:c9:46:bf:45:0a:4f:aa:2a:22:cb:
4a:31:a9:27:cb:2b:21:ac:2d:df:90:75:61:3f:08:ef:31:76:
75:16:cf:10:5c:1e:43:8b:be:75:01:64:69:84:b7:2d:15:ef:
88:70:3b:95:41:d0:99:40:3d:5f:96:cc:9f:40:7e:3c:fc:a8:
a6:ca:3f:6b:75:9e:7c:4d:27:88:cd:1f:97:05:f0:85:51:a5:
87:fe:16:ed
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFARiWzfazMUcEtX9y5az81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODExMDcxMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGMyMmU3MjNhOTRjNzk2NTZlYTIwZTc2OTUyOWI1ZDU4M2EwYjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8MXbd/yhQBZGM+lQojHerToPcps
BvT8nCm2jiLRPfLvEEP1DMj2Q0ZDrJPUKUlc5wJTSpPnBsUmiIvEue3PcY62ZPdX
9YCCgXX5xQIR4s8k7GV++iqkALiOob0xC09CaSTZba1L99rqap9gMInTQqQTFTW6
bDhXMfXZQBu0wy18KHrRXLEw1JWvq2mXubtsDPeHXSD4uxm/rQ8aGztG3ZBEMWpj
YELwsf5uv0dx0K8UdQG2mcZY92jWHUB90legDgpRvlC/IgQkig0RQItfVJj+hxUB
B3+XJWDdAsraRQ2o7m3EMezCugVwHZpJ0040ZTkGOV6v1NOTXpOXyxAPwwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJjCLnI6lMeWVuog52lSm11YOgtZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbU1JdWNqcVV4NVpXNmlEbmFWS2JYVmc2QzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAAGeu/kHTvhOm80VD2ceKttas
6it4RZYD8vVfV51Mlga/mRzc5bKmsxTKHi3GnzyE55PNfphhUqgK1pByBT9e41Gp
rvMJ7A/pbzLFtbzUndTFoi5Catg09GRxwglhgjMvQKMxpi/ZU+K/0XR3Eg9rhyF8
YpdkwMgwkb58MacyCew8Of9yJ5RL8KlPOj7QVYuR9IzEQ4FFt4phIpPcHRPy6J/9
HszpcCyN9c/JRr9FCk+qKiLLSjGpJ8srIawt35B1YT8I7zF2dRbPEFweQ4u+dQFk
aYS3LRXviHA7lUHQmUA9X5bMn0B+PPyopso/a3WefE0niM0flwXwhVGlh/4W7Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:01 2025 by rpki-client