Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oS7HGO44vk4QxUVpo3U1mrStQug.roa
File: oS7HGO44vk4QxUVpo3U1mrStQug.roa (raw, json)
Hash identifier: uH+b53KBmhXQQj2n6lGDtEaM9J2ZsHymZQrQxN2GMWo=
Subject key identifier: A1:2E:C7:18:EE:38:BE:4E:10:C5:45:69:A3:75:35:9A:B4:AD:42:E8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01917511576E27866276B29B963ECA8B9200
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oS7HGO44vk4QxUVpo3U1mrStQug.roa
Signing time: Wed 21 Aug 2024 13:12:36 +0000
ROA not before: Wed 21 Aug 2024 13:12:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 Aug 2024 14:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:75:11:57:6e:27:86:62:76:b2:9b:96:3e:ca:8b:92:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 21 13:12:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a12ec718ee38be4e10c54569a375359ab4ad42e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ec:0b:46:15:47:cf:f1:81:ac:d5:2c:9a:3e:
ce:05:b6:36:b5:76:37:91:d1:cb:d6:c5:48:00:38:
bc:c2:74:97:a5:e6:27:e0:2a:4f:7c:b6:3a:fc:51:
54:95:bf:45:07:87:74:10:0b:35:c3:c7:3b:e8:fb:
07:51:94:5c:46:ea:34:7e:18:db:e4:6d:76:12:a4:
84:e3:84:31:95:ba:8b:b1:41:f0:1a:be:ec:83:85:
df:aa:77:fe:b0:17:20:e7:3b:e9:dd:50:fe:f1:14:
0a:3e:08:fc:a2:f1:72:dc:dd:e9:d1:07:85:a8:0f:
a6:cd:ed:1f:09:c5:3b:cc:13:e6:e1:c0:b2:ce:2a:
89:ee:ba:17:62:b3:d6:18:2d:85:ea:f7:2d:09:50:
10:48:74:df:04:59:8d:0e:41:0b:b1:50:e7:59:15:
bf:d5:3a:aa:6b:79:84:41:4f:8f:c2:aa:00:71:3f:
fd:09:af:d6:48:6f:d6:b7:b2:77:8a:fe:11:04:b5:
2b:74:72:28:68:f0:de:03:17:32:39:6b:ad:48:80:
e2:e0:ea:60:91:bc:b1:21:b4:a6:a8:29:87:ea:8b:
85:05:0c:f8:e3:e0:16:6c:14:a0:be:53:cd:99:b8:
a0:4c:4e:f8:1a:38:b8:54:7c:2c:81:6a:34:03:6a:
ad:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2E:C7:18:EE:38:BE:4E:10:C5:45:69:A3:75:35:9A:B4:AD:42:E8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oS7HGO44vk4QxUVpo3U1mrStQug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
4a:cc:6a:ea:2f:8b:78:6b:e7:d7:8d:01:cd:6b:6c:8a:bc:8a:
a0:b9:7d:19:66:64:a9:69:ca:24:a5:b1:0e:a0:49:6e:b2:f0:
28:80:b1:c3:a3:67:8a:fa:9e:7b:45:f1:89:5e:8f:0e:55:0e:
1f:d2:49:f4:89:a3:34:ec:d5:d2:8d:0f:4a:4f:b6:09:64:f8:
e8:17:5f:d1:e9:8d:1d:d1:21:3d:30:f0:c7:11:31:22:fb:36:
29:cb:aa:71:91:f5:cf:3c:a3:c8:3b:0a:59:82:0c:e6:05:bd:
e2:b9:39:bf:cf:36:76:b9:59:89:ab:11:9e:c7:e0:c6:a7:52:
20:00:72:77:f1:ad:8f:65:1f:ee:e0:e4:9d:9b:1a:91:7c:cf:
eb:b1:71:2e:84:a1:ad:76:8f:bb:2d:8d:de:f2:f6:42:a2:1e:
cf:d8:ab:fd:a8:b9:21:03:db:6b:ad:6e:a0:23:4d:f1:a5:46:
ea:6e:22:4b:c9:c0:e8:8b:43:30:5a:1b:43:52:00:f8:55:67:
be:e6:32:9e:20:70:bf:7b:41:02:a5:ea:b1:86:3c:35:fb:40:
6a:59:70:eb:be:3b:18:36:cf:57:7b:42:76:ca:7e:a9:e3:3d:
f9:b3:ca:50:6e:fa:85:6e:5d:c3:22:de:2d:1e:c9:e7:95:d2:
46:ca:e9:7a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZF1EVduJ4ZidrKblj7Ki5IAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIxMTMxMjM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTJlYzcxOGVlMzhiZTRlMTBjNTQ1NjlhMzc1MzU5YWI0YWQ0MmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOwLRhVHz/GBrNUsmj7OBbY2tXY3
kdHL1sVIADi8wnSXpeYn4CpPfLY6/FFUlb9FB4d0EAs1w8c76PsHUZRcRuo0fhjb
5G12EqSE44QxlbqLsUHwGr7sg4Xfqnf+sBcg5zvp3VD+8RQKPgj8ovFy3N3p0QeF
qA+mze0fCcU7zBPm4cCyziqJ7roXYrPWGC2F6vctCVAQSHTfBFmNDkELsVDnWRW/
1Tqqa3mEQU+PwqoAcT/9Ca/WSG/Wt7J3iv4RBLUrdHIoaPDeAxcyOWutSIDi4Opg
kbyxIbSmqCmH6ouFBQz44+AWbBSgvlPNmbigTE74Gji4VHwsgWo0A2qtzQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKEuxxjuOL5OEMVFaaN1NZq0rULoMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb1M3SEdPNDR2azRReFVWcG8zVTFtclN0UXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEASsxq6i+LeGvn140BzWtsiryK
oLl9GWZkqWnKJKWxDqBJbrLwKICxw6Nnivqee0XxiV6PDlUOH9JJ9ImjNOzV0o0P
Sk+2CWT46Bdf0emNHdEhPTDwxxExIvs2KcuqcZH1zzyjyDsKWYIM5gW94rk5v882
drlZiasRnsfgxqdSIAByd/Gtj2Uf7uDknZsakXzP67FxLoShrXaPuy2N3vL2QqIe
z9ir/ai5IQPba61uoCNN8aVG6m4iS8nA6ItDMFobQ1IA+FVnvuYyniBwv3tBAqXq
sYY8NftAallw6747GDbPV3tCdsp+qeM9+bPKUG76hW5dwyLeLR7J55XSRsrpeg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:45 2025 by rpki-client