Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nzYMvQz5nH3uyXKR8JHf2acByZI.roa
File: nzYMvQz5nH3uyXKR8JHf2acByZI.roa (raw, json)
Hash identifier: DyxRfVTa85SyMHbC1tKjK+Oc/YdjciEa+PGpyPsUQOQ=
Subject key identifier: 9F:36:0C:BD:0C:F9:9C:7D:EE:C9:72:91:F0:91:DF:D9:A7:01:C9:92
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191C8BA0FF1138CB68EA3851B866AC017B5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nzYMvQz5nH3uyXKR8JHf2acByZI.roa
Signing time: Fri 06 Sep 2024 19:05:22 +0000
ROA not before: Fri 06 Sep 2024 19:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:c8b9:2e25/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 06 Sep 2024 19:12:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c8:ba:0f:f1:13:8c:b6:8e:a3:85:1b:86:6a:c0:17:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 6 19:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f360cbd0cf99c7deec97291f091dfd9a701c992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:03:e0:47:80:74:1d:60:22:f0:85:ef:47:71:
79:a5:a1:e4:f1:ad:49:50:cf:ed:0c:ae:b7:a6:9b:
de:27:33:a3:6e:39:29:f3:0c:04:33:b1:95:7d:a1:
3f:4a:5e:12:14:fc:ce:1c:42:38:19:86:3c:b0:e0:
2d:d6:bb:37:8e:5c:ac:2a:5c:99:b4:79:34:ca:e6:
c0:51:64:43:97:06:c4:5c:7a:63:c9:b2:24:b9:52:
ca:e2:ee:34:68:b7:ed:48:ec:1f:79:2c:2d:f4:10:
d6:15:66:fe:f8:26:4f:a4:25:0a:d4:4c:0a:57:32:
7c:70:67:a7:31:48:26:cd:30:e9:56:f7:53:e9:39:
2d:6c:5b:be:b0:3a:28:ae:9c:eb:27:7e:97:95:18:
1e:d9:1a:a2:93:8c:59:df:ef:d9:c3:79:23:4a:85:
a9:14:59:af:6f:30:4d:4f:d2:8c:4a:58:e4:7e:37:
34:f8:f2:58:7c:80:4d:cb:52:97:93:d4:04:b1:11:
41:9d:8d:3e:4a:ab:12:eb:b7:78:3b:ee:f2:f6:9b:
b7:c3:d8:bf:fe:8a:89:ab:d0:93:d4:5f:a7:c3:48:
50:6d:06:bc:56:68:18:3c:5f:c8:6f:19:7e:34:71:
e5:3a:c9:76:71:30:93:d8:8b:e8:0a:7a:de:91:84:
71:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:36:0C:BD:0C:F9:9C:7D:EE:C9:72:91:F0:91:DF:D9:A7:01:C9:92
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nzYMvQz5nH3uyXKR8JHf2acByZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:c8b9:2e25/128
Signature Algorithm: sha256WithRSAEncryption
04:ff:9a:32:22:fa:0b:c6:09:4b:ce:9f:bf:10:4e:91:09:5b:
f9:7f:f9:96:b0:e3:a2:d0:b7:3e:97:f5:ec:7e:8e:9a:02:a7:
f0:57:ef:ad:3c:15:e8:68:8f:94:7e:b3:08:ad:b5:30:11:bf:
99:15:b7:39:aa:aa:be:55:b3:eb:0c:e8:bb:54:d1:d6:e1:dc:
b4:2f:e9:7c:7b:dd:49:9b:91:e7:d7:42:80:28:e2:8e:78:20:
d3:30:d5:f2:6d:28:6a:40:08:c0:7e:b2:94:87:25:bf:bb:f3:
54:d3:ca:a6:9d:c3:2a:30:dd:fa:6f:59:da:b2:a6:f5:7c:d7:
a7:d4:02:8f:4b:58:7d:72:e0:08:da:ca:32:dd:35:56:1a:c7:
02:f6:93:40:10:61:1a:8e:71:21:0b:c9:f4:95:af:1b:90:57:
05:be:35:81:f7:0e:1b:01:9e:c5:2e:8a:89:78:57:0b:48:0a:
84:08:48:dc:09:3a:cf:0d:63:c1:73:20:a0:07:69:16:d8:cf:
de:96:69:15:6d:d2:3d:21:b5:3f:18:40:07:98:5e:9e:83:e5:
3f:7e:40:6b:22:91:77:ca:34:c6:dd:b9:83:9e:47:11:d6:b1:
9d:dc:ea:69:a9:bb:06:b9:3b:a1:2a:bc:b4:7e:2f:d0:e5:2e:
a4:e8:a8:56
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHIug/xE4y2jqOFG4ZqwBe1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA2MTkwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjM2MGNiZDBjZjk5YzdkZWVjOTcyOTFmMDkxZGZkOWE3MDFjOTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgPgR4B0HWAi8IXvR3F5paHk8a1J
UM/tDK63ppveJzOjbjkp8wwEM7GVfaE/Sl4SFPzOHEI4GYY8sOAt1rs3jlysKlyZ
tHk0yubAUWRDlwbEXHpjybIkuVLK4u40aLftSOwfeSwt9BDWFWb++CZPpCUK1EwK
VzJ8cGenMUgmzTDpVvdT6TktbFu+sDoorpzrJ36XlRge2Rqik4xZ3+/Zw3kjSoWp
FFmvbzBNT9KMSljkfjc0+PJYfIBNy1KXk9QEsRFBnY0+SqsS67d4O+7y9pu3w9i/
/oqJq9CT1F+nw0hQbQa8VmgYPF/Ibxl+NHHlOsl2cTCT2IvoCnrekYRx8QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJ82DL0M+Zx97slykfCR39mnAcmSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbnpZTXZRejVuSDN1eVhLUjhKSGYyYWNCeVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkci5LiUwDQYJKoZIhvcNAQELBQADggEB
AAT/mjIi+gvGCUvOn78QTpEJW/l/+Zaw46LQtz6X9ex+jpoCp/BX7608Fehoj5R+
swittTARv5kVtzmqqr5Vs+sM6LtU0dbh3LQv6Xx73UmbkefXQoAo4o54INMw1fJt
KGpACMB+spSHJb+781TTyqadwyow3fpvWdqypvV816fUAo9LWH1y4AjayjLdNVYa
xwL2k0AQYRqOcSELyfSVrxuQVwW+NYH3DhsBnsUuiol4VwtICoQISNwJOs8NY8Fz
IKAHaRbYz96WaRVt0j0htT8YQAeYXp6D5T9+QGsikXfKNMbduYOeRxHWsZ3c6mmp
uwa5O6EqvLR+L9DlLqToqFY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:58:49 2025 by rpki-client