Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oiO6KcXy29R_V_psN7OcDhg5gdM.roa
File: oiO6KcXy29R_V_psN7OcDhg5gdM.roa (raw, json)
Hash identifier: EHas5FRVpu+4xn21fTSTnU62KWJ7u4FLLJ/gH3++uIc=
Subject key identifier: A2:23:BA:29:C5:F2:DB:D4:7F:57:FA:6C:37:B3:9C:0E:18:39:81:D3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191CC6564B878F5371C4F62672C9881D8A0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oiO6KcXy29R_V_psN7OcDhg5gdM.roa
Signing time: Sat 07 Sep 2024 12:11:22 +0000
ROA not before: Sat 07 Sep 2024 12:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 07 Sep 2024 13:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cc:65:64:b8:78:f5:37:1c:4f:62:67:2c:98:81:d8:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 7 12:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a223ba29c5f2dbd47f57fa6c37b39c0e183981d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2e:a2:54:32:cc:21:4c:e5:7b:b0:d4:c7:63:
ef:35:10:00:8e:30:70:8e:0d:b3:ba:76:87:d0:b4:
d8:3c:6b:76:02:06:9a:36:38:04:40:5c:40:bf:e3:
cb:9e:6b:f3:50:68:45:8e:28:51:42:e1:db:ac:e3:
8d:bf:ac:2e:8b:dd:e6:99:24:09:f2:9a:9d:89:cf:
71:a0:5e:de:80:b5:cf:75:7b:9c:81:f6:fd:42:40:
44:21:5e:24:7a:40:62:9d:da:21:4f:e1:3b:76:34:
28:31:5a:df:de:9e:0f:87:47:63:89:4a:fb:0b:b2:
1c:70:34:33:a0:1a:a1:3c:f7:2e:8a:42:28:a4:c9:
27:86:a5:4c:64:80:67:4f:83:f7:d6:b4:cc:27:68:
69:75:11:ca:ab:ee:1e:3b:58:44:46:22:31:b1:95:
44:24:2c:14:46:15:f9:41:d0:c7:51:fb:7a:47:b8:
6e:4f:48:f8:3e:2d:63:5e:7f:6a:00:41:bd:5c:eb:
25:04:a5:a2:40:32:6f:fe:a9:dd:c4:89:36:ac:5f:
87:88:f8:bd:33:59:51:ac:cf:7a:fe:2b:02:05:49:
d9:cc:a5:e0:9f:75:69:d7:1d:09:66:8c:85:30:58:
a5:01:05:f4:2a:9c:4a:85:26:f3:7a:2a:18:c1:8c:
c3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:23:BA:29:C5:F2:DB:D4:7F:57:FA:6C:37:B3:9C:0E:18:39:81:D3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oiO6KcXy29R_V_psN7OcDhg5gdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
3c:d9:81:48:00:75:5c:f2:08:f0:73:9d:68:29:e2:04:4c:ec:
8c:4d:ad:c1:b7:e5:fb:c9:0e:ca:c3:d4:19:9e:7a:11:88:0c:
a2:7e:00:fe:18:fc:e1:6d:72:43:aa:cc:88:35:5c:bb:b3:58:
32:c3:cf:a2:e7:71:64:c9:d1:07:2b:e2:0a:54:7e:33:e0:85:
71:e9:0a:03:ca:a4:25:29:e5:6f:87:b3:80:f2:d1:71:9a:e6:
87:1a:54:6a:d3:c9:b8:9a:4d:12:59:96:38:17:18:e1:a4:cc:
70:db:d2:20:fb:55:b7:34:46:0f:b4:bb:06:07:8c:2b:23:ed:
c1:11:1e:88:8c:11:04:47:a8:cf:47:48:0d:63:17:b1:1b:6b:
33:42:fb:af:b0:13:ae:7f:f9:b4:a1:f2:e6:e9:88:ea:b5:17:
7e:ee:d5:50:f3:26:cc:3f:2a:66:db:89:d3:c5:3d:5d:af:59:
29:51:bd:5f:f1:85:f4:6d:ba:a8:9c:79:c5:f1:67:5c:02:68:
c3:d3:f2:7c:28:29:46:ea:ba:38:c9:72:18:03:14:7d:9d:21:
a8:13:90:28:aa:d3:43:fa:ea:12:06:87:c8:c4:11:fa:d3:ab:
99:6d:fc:76:52:97:05:c2:11:a7:ad:f5:c9:66:ac:70:7a:e9:
f3:05:ab:40
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHMZWS4ePU3HE9iZyyYgdigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA3MTIxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjIzYmEyOWM1ZjJkYmQ0N2Y1N2ZhNmMzN2IzOWMwZTE4Mzk4MWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmi6iVDLMIUzle7DUx2PvNRAAjjBw
jg2zunaH0LTYPGt2AgaaNjgEQFxAv+PLnmvzUGhFjihRQuHbrOONv6wui93mmSQJ
8pqdic9xoF7egLXPdXucgfb9QkBEIV4kekBindohT+E7djQoMVrf3p4Ph0djiUr7
C7IccDQzoBqhPPcuikIopMknhqVMZIBnT4P31rTMJ2hpdRHKq+4eO1hERiIxsZVE
JCwURhX5QdDHUft6R7huT0j4Pi1jXn9qAEG9XOslBKWiQDJv/qndxIk2rF+HiPi9
M1lRrM96/isCBUnZzKXgn3Vp1x0JZoyFMFilAQX0KpxKhSbzeioYwYzD5QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKIjuinF8tvUf1f6bDeznA4YOYHTMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb2lPNktjWHkyOVJfVl9wc043T2NEaGc1Z2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAPNmBSAB1XPII8HOdaCniBEzs
jE2twbfl+8kOysPUGZ56EYgMon4A/hj84W1yQ6rMiDVcu7NYMsPPoudxZMnRByvi
ClR+M+CFcekKA8qkJSnlb4ezgPLRcZrmhxpUatPJuJpNElmWOBcY4aTMcNvSIPtV
tzRGD7S7BgeMKyPtwREeiIwRBEeoz0dIDWMXsRtrM0L7r7ATrn/5tKHy5umI6rUX
fu7VUPMmzD8qZtuJ08U9Xa9ZKVG9X/GF9G26qJx5xfFnXAJow9PyfCgpRuq6OMly
GAMUfZ0hqBOQKKrTQ/rqEgaHyMQR+tOrmW38dlKXBcIRp631yWascHrp8wWrQA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:13 2025 by rpki-client