Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oAa9AfkheR0HyG9IXgEyiL84HO8.roa
File: oAa9AfkheR0HyG9IXgEyiL84HO8.roa (raw, json)
Hash identifier: gI6nUrgfxvRIkRa4e4Xj27A7+KBem0e6HVbUF1GhDR4=
Subject key identifier: A0:06:BD:01:F9:21:79:1D:07:C8:6F:48:5E:01:32:88:BF:38:1C:EF
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01914B01445EB1511B848836B8A092BE4216
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oAa9AfkheR0HyG9IXgEyiL84HO8.roa
Signing time: Tue 13 Aug 2024 09:10:59 +0000
ROA not before: Tue 13 Aug 2024 09:10:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 13 Aug 2024 10:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4b:01:44:5e:b1:51:1b:84:88:36:b8:a0:92:be:42:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 13 09:10:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a006bd01f921791d07c86f485e013288bf381cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:32:29:ea:4e:3a:bd:0e:59:4e:cb:c7:68:db:
28:a4:e4:e0:d3:b2:19:73:f5:79:f9:d0:3d:53:43:
75:59:a8:9a:6b:17:e4:f5:1f:61:fc:b9:8a:e4:f7:
f1:ca:a6:f4:85:cc:23:78:ff:39:23:ae:f9:c3:e1:
81:2e:29:61:25:79:04:27:72:be:dd:b0:34:dd:4d:
5b:b4:fa:c4:8a:55:c8:66:e8:47:86:da:04:35:06:
f9:aa:a9:79:e2:bf:19:7b:c4:0a:db:79:35:3b:11:
a9:96:a2:cd:9f:bc:23:d7:4d:09:a3:98:ec:ea:32:
57:45:d7:e0:13:b8:9b:86:40:63:5e:8f:72:da:10:
69:59:2f:c5:e0:af:a7:ca:71:fb:b9:51:b2:64:f1:
c7:1e:d9:c0:f2:0b:8a:19:3d:d1:de:5d:c2:35:a9:
80:7a:fe:18:a9:17:a2:e9:62:09:56:53:18:fb:0c:
b4:d3:39:7b:1c:ca:df:02:2e:ce:ad:d4:9e:b3:88:
56:74:05:6e:f2:da:02:9f:58:7c:d0:ac:66:63:0d:
b5:4f:9e:ee:ac:1c:13:db:5d:3d:85:aa:ee:4a:ca:
89:36:c2:00:9a:53:b3:e8:e3:9a:87:c7:db:d1:1f:
31:84:3e:9c:33:5d:f4:31:5c:28:bb:6a:c2:55:d0:
c9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:06:BD:01:F9:21:79:1D:07:C8:6F:48:5E:01:32:88:BF:38:1C:EF
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oAa9AfkheR0HyG9IXgEyiL84HO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
60:27:38:f9:c1:b6:42:80:c6:b0:5d:3d:4c:71:b8:5c:be:b7:
e7:47:5f:e2:69:3e:5b:c4:bc:c0:bb:b8:04:b7:26:fa:19:5f:
b0:23:d0:da:54:19:f2:ec:f1:2a:11:75:dc:81:77:55:38:2f:
48:c7:f4:85:f3:1e:c5:8d:06:ab:42:69:e4:a2:e7:1c:a4:50:
3f:16:48:3f:e0:90:6d:f4:0b:51:14:d0:3b:90:e9:51:8d:c4:
63:4b:47:87:3a:b7:60:9b:58:a0:a6:e8:f8:cb:87:2f:22:d0:
ca:d6:32:94:2d:63:79:63:9e:7f:ab:c4:f6:f4:b5:2e:cf:1d:
83:3f:05:b9:0d:44:6b:c8:be:05:21:6e:56:0e:a7:69:b5:be:
2b:cb:9f:3c:69:a9:1b:8b:97:76:67:8c:1d:4d:7a:17:af:10:
d1:9b:ba:bf:3c:05:a3:f6:28:e9:85:d4:0d:70:38:68:ce:69:
fd:29:50:90:f4:be:d4:01:90:54:39:b0:8f:09:63:40:9a:0e:
ed:bb:88:3a:05:b8:c0:a6:5d:76:2c:40:3d:f0:be:54:03:38:
fc:57:b9:66:ec:62:bd:80:04:d4:c3:fb:ef:39:82:d8:95:db:
83:7e:9b:50:52:36:92:d1:9b:72:31:88:81:23:66:e6:93:d5:
a0:3b:c0:f0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFLAUResVEbhIg2uKCSvkIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEzMDkxMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDA2YmQwMWY5MjE3OTFkMDdjODZmNDg1ZTAxMzI4OGJmMzgxY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jIp6k46vQ5ZTsvHaNsopOTg07IZ
c/V5+dA9U0N1Waiaaxfk9R9h/LmK5Pfxyqb0hcwjeP85I675w+GBLilhJXkEJ3K+
3bA03U1btPrEilXIZuhHhtoENQb5qql54r8Ze8QK23k1OxGplqLNn7wj100Jo5js
6jJXRdfgE7ibhkBjXo9y2hBpWS/F4K+nynH7uVGyZPHHHtnA8guKGT3R3l3CNamA
ev4YqRei6WIJVlMY+wy00zl7HMrfAi7OrdSes4hWdAVu8toCn1h80KxmYw21T57u
rBwT2109haruSsqJNsIAmlOz6OOah8fb0R8xhD6cM130MVwou2rCVdDJwwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKAGvQH5IXkdB8hvSF4BMoi/OBzvMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb0FhOUFma2hlUjBIeUc5SVhnRXlpTDg0SE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAYCc4+cG2QoDGsF09THG4XL63
50df4mk+W8S8wLu4BLcm+hlfsCPQ2lQZ8uzxKhF13IF3VTgvSMf0hfMexY0Gq0Jp
5KLnHKRQPxZIP+CQbfQLURTQO5DpUY3EY0tHhzq3YJtYoKbo+MuHLyLQytYylC1j
eWOef6vE9vS1Ls8dgz8FuQ1Ea8i+BSFuVg6nabW+K8ufPGmpG4uXdmeMHU16F68Q
0Zu6vzwFo/Yo6YXUDXA4aM5p/SlQkPS+1AGQVDmwjwljQJoO7buIOgW4wKZddixA
PfC+VAM4/Fe5ZuxivYAE1MP77zmC2JXbg36bUFI2ktGbcjGIgSNm5pPVoDvA8A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:28 2025 by rpki-client