Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oJ9WB1arv9mTo6JmdfxyY2w1Rv0.roa
File: oJ9WB1arv9mTo6JmdfxyY2w1Rv0.roa (raw, json)
Hash identifier: S7ovlIRXlOMYJljyfFl3VVd1xehtBPL2zng5//YZdf0=
Subject key identifier: A0:9F:56:07:56:AB:BF:D9:93:A3:A2:66:75:FC:72:63:6C:35:46:FD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01912C1A44A22FC76C3DF9E0F38BF072B7B6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oJ9WB1arv9mTo6JmdfxyY2w1Rv0.roa
Signing time: Wed 07 Aug 2024 09:10:04 +0000
ROA not before: Wed 07 Aug 2024 09:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 07 Aug 2024 10:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2c:1a:44:a2:2f:c7:6c:3d:f9:e0:f3:8b:f0:72:b7:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 7 09:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a09f560756abbfd993a3a26675fc72636c3546fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a9:a4:52:67:4a:b0:ba:3f:63:30:03:09:a0:
7e:51:74:ac:d8:45:31:87:53:9d:f1:e6:b3:90:53:
3e:73:38:f1:6f:91:26:61:24:1e:74:53:62:ff:65:
8e:6a:9c:89:ac:31:ee:1c:21:ec:31:50:7a:ab:06:
eb:25:fa:36:13:f9:9c:a5:a8:88:6a:94:af:06:f2:
ef:a1:51:f5:98:18:0c:8c:ad:c1:4a:3d:3b:1f:6c:
b3:68:55:56:2f:54:8b:4a:30:99:98:b6:58:21:04:
dd:49:ab:03:97:d7:6d:49:26:2c:b8:f9:8c:97:f2:
54:e2:32:46:25:7a:43:3b:cc:2e:04:11:e9:cc:eb:
10:c6:ee:3f:5c:2e:04:02:2a:cd:36:a2:ae:8d:2a:
30:b2:d1:09:6c:5f:66:04:19:b0:0d:21:b4:fb:48:
4d:4d:1e:7b:3e:40:70:cd:2d:42:8c:24:b3:7a:37:
9c:2c:3b:26:f0:3d:b2:a2:8a:3c:93:a2:aa:1f:17:
77:34:37:3c:cf:5b:1d:00:b3:52:d4:49:0f:81:ea:
59:73:e7:32:c7:e2:c1:6c:73:56:7b:f8:33:33:f2:
17:b4:0b:0d:7f:15:eb:0e:fc:eb:dd:61:a2:0f:6a:
36:b5:4b:a2:c3:54:19:4f:f8:26:72:57:0f:95:03:
fd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:9F:56:07:56:AB:BF:D9:93:A3:A2:66:75:FC:72:63:6C:35:46:FD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oJ9WB1arv9mTo6JmdfxyY2w1Rv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
24:b7:ba:eb:e8:92:24:da:32:a5:be:9f:97:59:16:13:4d:04:
4b:08:a9:72:1b:6a:f7:da:fd:51:9a:06:17:3b:64:5c:20:75:
70:f3:a5:36:16:be:a5:98:f9:d3:0d:18:85:8d:09:24:38:bc:
8e:cd:b1:fd:04:ab:59:fc:91:d8:f2:9b:20:a0:a1:e4:3d:4f:
00:09:bb:08:92:96:b1:15:61:54:49:fc:2e:bf:3e:9f:be:c6:
cd:40:60:da:76:29:a0:07:69:1a:63:e6:c5:97:59:64:27:7c:
8d:ed:f2:53:9d:15:9c:31:ca:d3:2c:72:f1:fc:44:dd:e4:cf:
37:9c:64:61:d3:73:50:e4:89:f7:10:07:6e:89:ba:9e:10:7b:
78:9e:28:13:ab:58:33:77:6d:fd:17:06:1a:df:1e:b0:35:fa:
3f:f4:c3:a3:48:c9:87:bf:b4:fe:0f:00:6f:42:80:60:91:09:
ce:0b:32:de:18:2b:0f:e6:29:7a:e0:68:8d:1e:ad:91:0d:0f:
83:eb:42:4e:ed:b2:ff:8e:0c:d4:b1:2b:cd:73:0b:03:3f:62:
09:8e:9b:ba:bc:a3:7a:f5:e5:23:af:92:62:c6:fe:12:70:1e:
aa:1b:aa:bc:30:ab:5a:e9:f6:46:79:ee:34:b5:55:22:f4:00:
53:35:6e:b6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEsGkSiL8dsPfng84vwcre2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA3MDkxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDlmNTYwNzU2YWJiZmQ5OTNhM2EyNjY3NWZjNzI2MzZjMzU0NmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKmkUmdKsLo/YzADCaB+UXSs2EUx
h1Od8eazkFM+czjxb5EmYSQedFNi/2WOapyJrDHuHCHsMVB6qwbrJfo2E/mcpaiI
apSvBvLvoVH1mBgMjK3BSj07H2yzaFVWL1SLSjCZmLZYIQTdSasDl9dtSSYsuPmM
l/JU4jJGJXpDO8wuBBHpzOsQxu4/XC4EAirNNqKujSowstEJbF9mBBmwDSG0+0hN
TR57PkBwzS1CjCSzejecLDsm8D2yooo8k6KqHxd3NDc8z1sdALNS1EkPgepZc+cy
x+LBbHNWe/gzM/IXtAsNfxXrDvzr3WGiD2o2tUuiw1QZT/gmclcPlQP9wwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKCfVgdWq7/Zk6OiZnX8cmNsNUb9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb0o5V0IxYXJ2OW1UbzZKbWRmeHlZMncxUnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAJLe66+iSJNoypb6fl1kWE00E
Swipchtq99r9UZoGFztkXCB1cPOlNha+pZj50w0YhY0JJDi8js2x/QSrWfyR2PKb
IKCh5D1PAAm7CJKWsRVhVEn8Lr8+n77GzUBg2nYpoAdpGmPmxZdZZCd8je3yU50V
nDHK0yxy8fxE3eTPN5xkYdNzUOSJ9xAHbom6nhB7eJ4oE6tYM3dt/RcGGt8esDX6
P/TDo0jJh7+0/g8Ab0KAYJEJzgsy3hgrD+YpeuBojR6tkQ0Pg+tCTu2y/44M1LEr
zXMLAz9iCY6buryjevXlI6+SYsb+EnAeqhuqvDCrWun2RnnuNLVVIvQAUzVutg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:02 2025 by rpki-client