Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/o98jCfKOcMnXfmPgx8QHcYZHtds.roa
File: o98jCfKOcMnXfmPgx8QHcYZHtds.roa (raw, json)
Hash identifier: d9eYPsOG2HAbSqrTpu7n38nFNGXsI4pFMgQtgCsIXsM=
Subject key identifier: A3:DF:23:09:F2:8E:70:C9:D7:7E:63:E0:C7:C4:07:71:86:47:B5:DB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019181B84719B16A800E24BFA828AC0E42D4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/o98jCfKOcMnXfmPgx8QHcYZHtds.roa
Signing time: Sat 24 Aug 2024 00:10:22 +0000
ROA not before: Sat 24 Aug 2024 00:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 Aug 2024 01:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:81:b8:47:19:b1:6a:80:0e:24:bf:a8:28:ac:0e:42:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 24 00:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3df2309f28e70c9d77e63e0c7c407718647b5db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b4:94:d8:0e:05:6a:44:ce:15:86:7a:e4:3d:
53:69:fc:c4:32:c7:d7:f2:f2:dd:aa:e9:b7:d5:d1:
d8:50:1d:a9:e8:a3:00:51:d6:e5:47:76:79:05:c2:
b3:f3:c0:ca:c4:6b:fd:e3:b4:76:d9:f2:c5:93:bb:
59:ef:12:60:1b:47:1b:0a:bf:29:df:70:5b:86:21:
82:85:71:fa:55:0e:0a:20:aa:01:6c:11:89:76:eb:
26:76:b8:d9:ec:4b:f3:44:25:2b:f4:7d:7e:d4:c4:
8b:4d:3b:0e:0b:7e:97:54:45:6b:14:d1:a5:aa:38:
db:83:fe:81:63:f8:46:ab:1b:4a:c9:c1:de:5d:45:
80:b0:99:12:64:87:8e:fc:c9:c3:6b:70:42:40:2d:
09:f3:0c:1f:c7:42:7c:8d:2c:1a:0d:3d:7e:38:af:
e4:0f:23:d5:42:9a:16:e8:67:6d:8b:99:92:44:8e:
b2:d9:e2:15:fe:7d:7a:fc:ef:bb:93:46:66:71:eb:
10:01:c8:a8:08:9c:64:0c:b5:52:d1:e2:6a:c3:71:
e1:eb:7b:92:84:d2:bb:7e:37:c5:a6:0d:94:18:59:
e6:e2:f1:88:60:a8:49:2e:49:8c:2d:57:fd:0c:dc:
19:22:44:a7:52:ef:b8:20:c7:00:57:b4:fb:10:f4:
2d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:DF:23:09:F2:8E:70:C9:D7:7E:63:E0:C7:C4:07:71:86:47:B5:DB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/o98jCfKOcMnXfmPgx8QHcYZHtds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
16:6a:7d:22:7e:52:55:39:e1:8e:e7:aa:ef:1b:90:20:41:d1:
b7:12:66:33:d5:9a:e5:c8:81:a7:b5:69:cf:00:96:7e:75:d3:
81:7c:66:90:7d:c9:5e:15:03:e2:16:eb:65:d5:16:80:91:a3:
b5:7e:1a:87:5e:cc:0c:5a:b4:f6:7d:74:3f:37:de:19:49:bc:
e6:92:bc:c9:f4:cd:4b:d4:73:99:b0:f6:a4:40:63:84:c4:af:
1d:c9:9c:9b:64:59:ba:4d:66:c2:6f:1f:08:88:10:e7:c2:1a:
eb:75:e5:e5:19:05:3d:57:af:98:71:f9:19:ab:7c:96:b5:ae:
29:ef:78:ac:d0:b4:e6:3b:64:13:6d:2f:de:a5:e0:77:20:39:
be:d2:ba:41:12:e1:d4:91:7f:87:10:98:f3:d9:e0:fc:8e:78:
16:9f:72:8e:b5:56:ba:65:9c:a4:d6:2d:76:1d:b1:3c:ef:5e:
c6:57:58:c1:f8:e4:8c:cf:88:46:98:85:d2:5f:85:b8:24:65:
64:3d:25:5a:8a:ca:ba:a2:b5:43:b9:8b:01:0c:72:1e:3c:fd:
67:5a:08:1b:b3:2e:8f:63:2a:55:06:de:a4:0d:86:e8:9c:ad:
96:f8:2c:03:a0:97:5c:35:55:a3:60:8d:35:57:d7:ea:01:bb:
38:f1:ab:8f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGBuEcZsWqADiS/qCisDkLUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI0MDAxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2RmMjMwOWYyOGU3MGM5ZDc3ZTYzZTBjN2M0MDc3MTg2NDdiNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrSU2A4FakTOFYZ65D1TafzEMsfX
8vLdqum31dHYUB2p6KMAUdblR3Z5BcKz88DKxGv947R22fLFk7tZ7xJgG0cbCr8p
33BbhiGChXH6VQ4KIKoBbBGJdusmdrjZ7EvzRCUr9H1+1MSLTTsOC36XVEVrFNGl
qjjbg/6BY/hGqxtKycHeXUWAsJkSZIeO/MnDa3BCQC0J8wwfx0J8jSwaDT1+OK/k
DyPVQpoW6Gdti5mSRI6y2eIV/n16/O+7k0ZmcesQAcioCJxkDLVS0eJqw3Hh63uS
hNK7fjfFpg2UGFnm4vGIYKhJLkmMLVf9DNwZIkSnUu+4IMcAV7T7EPQt8wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKPfIwnyjnDJ135j4MfEB3GGR7XbMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbzk4akNmS09jTW5YZm1QZ3g4UUhjWVpIdGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAFmp9In5SVTnhjueq7xuQIEHR
txJmM9Wa5ciBp7VpzwCWfnXTgXxmkH3JXhUD4hbrZdUWgJGjtX4ah17MDFq09n10
PzfeGUm85pK8yfTNS9RzmbD2pEBjhMSvHcmcm2RZuk1mwm8fCIgQ58Ia63Xl5RkF
PVevmHH5Gat8lrWuKe94rNC05jtkE20v3qXgdyA5vtK6QRLh1JF/hxCY89ng/I54
Fp9yjrVWumWcpNYtdh2xPO9exldYwfjkjM+IRpiF0l+FuCRlZD0lWorKuqK1Q7mL
AQxyHjz9Z1oIG7Muj2MqVQbepA2G6JytlvgsA6CXXDVVo2CNNVfX6gG7OPGrjw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:07 2025 by rpki-client