Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nDV9blRGvJI542Yqb449KbXB8xE.roa
File: nDV9blRGvJI542Yqb449KbXB8xE.roa (raw, json)
Hash identifier: Yn1m0eQvUE8hi9iJGoXBYcK17WEIwfyNf27ROS21ENo=
Subject key identifier: 9C:35:7D:6E:54:46:BC:92:39:E3:66:2A:6F:8E:3D:29:B5:C1:F3:11
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191C476306F7E54B83BA323E73D0EB18991
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nDV9blRGvJI542Yqb449KbXB8xE.roa
Signing time: Thu 05 Sep 2024 23:12:45 +0000
ROA not before: Thu 05 Sep 2024 23:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 06 Sep 2024 00:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c4:76:30:6f:7e:54:b8:3b:a3:23:e7:3d:0e:b1:89:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 5 23:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c357d6e5446bc9239e3662a6f8e3d29b5c1f311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2d:f2:32:a5:f9:a4:28:18:c8:0f:88:ed:3f:
c1:0f:8f:3d:fd:2f:f0:77:b9:ef:00:dc:cb:f0:91:
af:e4:d9:2a:f7:75:c5:16:bc:8e:09:47:17:be:1b:
5c:fa:10:ef:3c:f5:83:5f:f4:6d:79:2c:b4:20:e8:
6c:d7:3e:9b:05:ea:ce:ef:d7:49:3b:af:51:30:c6:
96:ba:d7:e2:c1:5d:66:f6:fb:62:26:fb:5c:44:25:
9a:56:fc:f6:69:78:86:c7:38:87:ec:d9:e3:b9:88:
19:fa:1a:e5:66:c9:8c:70:22:0f:11:2e:e3:ee:f2:
06:1b:bc:cb:48:69:dc:a3:da:a8:a1:d1:ce:b5:e5:
48:c4:d7:d2:c2:92:92:fb:2d:dc:aa:f8:82:97:d9:
7e:a3:c3:b7:ed:36:ab:9d:e7:eb:ad:2f:74:94:60:
17:b5:4d:c6:5c:ef:bb:1e:50:ff:a8:c1:e0:85:72:
1b:d3:10:11:d9:20:5a:22:8a:6e:a5:7c:29:2e:68:
24:95:67:25:72:49:a6:ee:b6:37:cb:ca:4c:eb:dc:
54:41:5e:00:2c:de:8d:5d:35:e6:b5:cb:cf:3e:54:
c0:00:e8:e1:35:9e:e1:f2:f1:dc:34:85:ca:63:f0:
dc:ab:8a:fe:40:6b:15:eb:35:9b:68:9a:ed:21:9f:
30:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:35:7D:6E:54:46:BC:92:39:E3:66:2A:6F:8E:3D:29:B5:C1:F3:11
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nDV9blRGvJI542Yqb449KbXB8xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
2a:62:69:6a:69:69:b0:40:d0:91:a6:68:68:bf:98:92:ed:29:
2d:19:97:c9:a0:c4:1f:02:fe:50:9e:2e:7b:73:9e:ac:ba:3b:
20:4f:6b:8d:fc:d6:ab:d9:d3:7d:6d:d0:6c:f8:f0:bc:65:bd:
fa:e2:75:ee:e5:6f:1c:ed:0e:c4:08:4e:fa:aa:3c:48:ec:34:
2f:48:45:73:6a:ed:63:5a:29:ac:91:a1:bf:19:c7:39:8e:2b:
30:13:b6:ba:7b:16:45:b4:9c:02:cf:cb:1b:16:c8:73:b7:c4:
dd:80:ae:d7:ac:b1:df:08:77:09:e5:df:04:f3:ec:39:d4:09:
0e:68:39:22:70:ee:26:9f:38:43:f9:d9:ba:3f:c1:c4:e8:7b:
72:ff:a5:4f:b5:ea:f9:58:54:f2:0c:9a:7b:c1:b3:04:b1:a3:
66:5c:80:a9:bd:d0:35:cb:4f:1e:19:c5:8b:f6:76:4b:d0:e5:
a1:bf:2e:17:6b:71:e4:5c:9d:08:ad:15:ec:17:f2:3d:85:0e:
01:5e:0a:57:81:07:7c:17:9b:93:70:c2:e4:8d:f3:67:6b:78:
cd:3d:be:c5:06:0b:64:59:95:05:a7:da:ed:29:f5:f3:f4:66:
11:80:ae:16:87:35:2f:00:ed:bf:e9:9d:ba:07:e2:b2:6b:ce:
0c:05:5c:02
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHEdjBvflS4O6Mj5z0OsYmRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA1MjMxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzM1N2Q2ZTU0NDZiYzkyMzllMzY2MmE2ZjhlM2QyOWI1YzFmMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi3yMqX5pCgYyA+I7T/BD489/S/w
d7nvANzL8JGv5Nkq93XFFryOCUcXvhtc+hDvPPWDX/RteSy0IOhs1z6bBerO79dJ
O69RMMaWutfiwV1m9vtiJvtcRCWaVvz2aXiGxziH7NnjuYgZ+hrlZsmMcCIPES7j
7vIGG7zLSGnco9qoodHOteVIxNfSwpKS+y3cqviCl9l+o8O37TarnefrrS90lGAX
tU3GXO+7HlD/qMHghXIb0xAR2SBaIopupXwpLmgklWclckmm7rY3y8pM69xUQV4A
LN6NXTXmtcvPPlTAAOjhNZ7h8vHcNIXKY/Dcq4r+QGsV6zWbaJrtIZ8wRwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJw1fW5URrySOeNmKm+OPSm1wfMRMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbkRWOWJsUkd2Skk1NDJZcWI0NDlLYlhCOHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAKmJpamlpsEDQkaZoaL+Yku0p
LRmXyaDEHwL+UJ4ue3OerLo7IE9rjfzWq9nTfW3QbPjwvGW9+uJ17uVvHO0OxAhO
+qo8SOw0L0hFc2rtY1oprJGhvxnHOY4rMBO2unsWRbScAs/LGxbIc7fE3YCu16yx
3wh3CeXfBPPsOdQJDmg5InDuJp84Q/nZuj/BxOh7cv+lT7Xq+VhU8gyae8GzBLGj
ZlyAqb3QNctPHhnFi/Z2S9Dlob8uF2tx5FydCK0V7BfyPYUOAV4KV4EHfBebk3DC
5I3zZ2t4zT2+xQYLZFmVBafa7Sn18/RmEYCuFoc1LwDtv+mdugfismvODAVcAg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:27 2025 by rpki-client