Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/o3gq_cRp2Hue6UMmN9OE9yEkn4s.roa
File: o3gq_cRp2Hue6UMmN9OE9yEkn4s.roa (raw, json)
Hash identifier: nhfS2R5N40s2EVjvjkXVaKtrt+QeBrLwO9JzInwqAt0=
Subject key identifier: A3:78:2A:FD:C4:69:D8:7B:9E:E9:43:26:37:D3:84:F7:21:24:9F:8B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191ABFFDD509AD5C2B34279C0425BE5FF37
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/o3gq_cRp2Hue6UMmN9OE9yEkn4s.roa
Signing time: Sun 01 Sep 2024 05:12:37 +0000
ROA not before: Sun 01 Sep 2024 05:12:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Sep 2024 06:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ab:ff:dd:50:9a:d5:c2:b3:42:79:c0:42:5b:e5:ff:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 1 05:12:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3782afdc469d87b9ee9432637d384f721249f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:10:2a:7b:ca:fc:8e:c6:4c:3f:a2:8e:e7:75:
0a:a1:4b:ca:c2:c4:66:d2:d7:be:c0:45:a2:9e:0e:
2c:f1:59:34:bf:20:87:84:5f:e4:de:32:7b:f7:d2:
14:ce:99:aa:1a:d7:06:fa:f5:8b:42:70:50:f6:3f:
60:7b:cd:64:f1:75:c2:41:2f:b8:4f:d5:f3:e4:ce:
5f:0d:d3:fe:6d:9a:d0:a3:f7:64:02:0a:59:5d:16:
c8:f5:7d:83:9e:66:f7:37:e6:c9:69:97:78:27:ba:
ff:3f:dd:af:03:06:cf:b9:37:5f:47:d5:5e:a1:0d:
f4:47:a5:cb:2a:8c:bb:cc:25:1e:d1:3f:de:44:7b:
0b:8c:94:cb:ef:b1:fc:bc:2f:b2:e3:39:24:04:12:
30:83:60:48:79:51:b1:a9:3b:8d:1d:36:00:7b:9e:
f5:09:14:d2:d8:4f:9c:b6:66:a4:20:90:de:96:eb:
91:0e:4f:49:00:97:f2:9f:b3:9d:6d:0f:6f:17:19:
c0:20:f4:bb:77:39:e7:e0:1b:4e:6c:ba:ed:36:41:
a3:58:71:7e:2e:b4:05:41:d4:90:84:ef:4d:1b:59:
a2:15:38:f5:cb:6f:e7:23:85:17:71:ca:d3:5c:6c:
13:94:67:16:42:03:2e:9a:e1:5f:6f:61:37:e1:9b:
7e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:78:2A:FD:C4:69:D8:7B:9E:E9:43:26:37:D3:84:F7:21:24:9F:8B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/o3gq_cRp2Hue6UMmN9OE9yEkn4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
8d:8b:4f:5e:d1:bf:59:8f:f8:dc:02:17:fe:e2:83:28:49:9c:
ec:57:a5:08:8b:7c:12:89:e6:72:3b:c2:58:40:34:ef:44:62:
f0:5d:f1:2d:aa:d0:73:ec:d3:42:c7:35:9b:c1:d2:da:cb:40:
d9:2d:d9:ce:58:68:d3:34:03:0f:63:68:f4:cd:c8:f4:41:a2:
b8:c0:60:de:a0:7c:ea:cd:ca:c8:37:a3:1c:a4:44:99:4d:85:
23:36:5a:80:35:8f:57:8e:d7:66:52:7a:39:7b:73:52:0f:fd:
ac:8a:3e:75:89:74:c2:34:4b:53:c8:65:19:55:ae:d7:92:23:
35:80:6a:99:d5:fc:07:f3:7f:52:69:a4:a6:f2:59:17:0e:b7:
46:46:68:d8:0d:73:7f:5b:de:9a:03:dd:4b:49:63:3e:0e:66:
de:6d:0a:da:9b:46:0d:78:db:ad:01:f9:36:7d:ed:f9:cb:f3:
58:04:18:02:85:b7:66:cf:58:03:e4:ad:7c:df:c8:a3:99:ed:
2c:97:6f:11:3b:39:f6:08:25:79:87:b4:1f:76:65:a6:c7:63:
70:e4:c0:62:39:2b:fa:72:f0:9b:8a:79:9c:2d:2f:c0:a0:1f:
eb:d6:2f:25:26:0f:1b:96:19:0a:a1:07:4c:3e:f8:d4:82:b7:
66:7d:da:ac
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGr/91QmtXCs0J5wEJb5f83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAxMDUxMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzc4MmFmZGM0NjlkODdiOWVlOTQzMjYzN2QzODRmNzIxMjQ5ZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BAqe8r8jsZMP6KO53UKoUvKwsRm
0te+wEWing4s8Vk0vyCHhF/k3jJ799IUzpmqGtcG+vWLQnBQ9j9ge81k8XXCQS+4
T9Xz5M5fDdP+bZrQo/dkAgpZXRbI9X2Dnmb3N+bJaZd4J7r/P92vAwbPuTdfR9Ve
oQ30R6XLKoy7zCUe0T/eRHsLjJTL77H8vC+y4zkkBBIwg2BIeVGxqTuNHTYAe571
CRTS2E+ctmakIJDeluuRDk9JAJfyn7OdbQ9vFxnAIPS7dznn4BtObLrtNkGjWHF+
LrQFQdSQhO9NG1miFTj1y2/nI4UXccrTXGwTlGcWQgMumuFfb2E34Zt+/wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKN4Kv3Eadh7nulDJjfThPchJJ+LMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbzNncV9jUnAySHVlNlVNbU45T0U5eUVrbjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAjYtPXtG/WY/43AIX/uKDKEmc
7FelCIt8EonmcjvCWEA070Ri8F3xLarQc+zTQsc1m8HS2stA2S3Zzlho0zQDD2No
9M3I9EGiuMBg3qB86s3KyDejHKREmU2FIzZagDWPV47XZlJ6OXtzUg/9rIo+dYl0
wjRLU8hlGVWu15IjNYBqmdX8B/N/UmmkpvJZFw63RkZo2A1zf1vemgPdS0ljPg5m
3m0K2ptGDXjbrQH5Nn3t+cvzWAQYAoW3Zs9YA+StfN/Io5ntLJdvETs59ggleYe0
H3ZlpsdjcOTAYjkr+nLwm4p5nC0vwKAf69YvJSYPG5YZCqEHTD741IK3Zn3arA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:55 2025 by rpki-client