Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/piYY2FgBSZNp5Z5tngFEn3kz4Xw.roa
File: piYY2FgBSZNp5Z5tngFEn3kz4Xw.roa (raw, json)
Hash identifier: o5SIupVvQDd/hj5WUbTYbRnD6Khihh2jaCR4RPryU/A=
Subject key identifier: A6:26:18:D8:58:01:49:93:69:E5:9E:6D:9E:01:44:9F:79:33:E1:7C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191027A72A83563AE4F5451D7F1FE593550
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/piYY2FgBSZNp5Z5tngFEn3kz4Xw.roa
Signing time: Tue 30 Jul 2024 07:11:04 +0000
ROA not before: Tue 30 Jul 2024 07:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 30 Jul 2024 08:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:02:7a:72:a8:35:63:ae:4f:54:51:d7:f1:fe:59:35:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 30 07:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a62618d85801499369e59e6d9e01449f7933e17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:11:3b:79:ed:26:55:5b:36:df:28:b6:31:3f:
ac:84:97:48:a9:30:76:88:51:4e:ed:0e:8a:a6:c7:
b4:65:90:e6:69:7f:27:14:f7:fd:9f:2d:4c:d2:e0:
9c:6d:1d:8f:fb:2f:e7:4f:92:19:c2:92:74:22:46:
cb:29:25:7a:18:ed:3d:3d:8c:ee:a0:60:5f:8b:d6:
a2:91:df:1d:d0:e2:11:56:b7:78:93:fa:78:ab:1f:
ae:70:88:d2:83:f3:93:49:12:96:f1:c1:70:11:c9:
74:0c:4a:2f:f5:c0:fe:20:34:0a:58:2d:e8:e1:f1:
de:43:1b:db:4f:9b:d8:f6:ad:a1:31:24:88:7c:2f:
0b:5d:a3:14:43:23:90:c4:c8:8f:6f:47:ba:1e:a3:
2b:df:68:9f:2d:9f:d9:eb:47:5e:da:c9:a9:bf:92:
13:fa:df:85:63:19:f1:7d:52:05:64:63:42:27:f8:
52:80:c5:69:48:17:68:47:bb:8a:07:7d:29:38:99:
3c:e8:33:1d:d6:f5:d0:5f:16:08:08:d7:84:7d:eb:
9a:84:b1:f1:2a:81:ce:ce:c7:7d:20:e0:af:f1:03:
d2:61:03:0f:60:53:da:c7:83:b3:72:22:da:85:33:
34:90:fe:d1:21:f8:72:fa:54:f0:80:8c:6f:e8:3e:
ea:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:26:18:D8:58:01:49:93:69:E5:9E:6D:9E:01:44:9F:79:33:E1:7C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/piYY2FgBSZNp5Z5tngFEn3kz4Xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
54:f1:87:e3:a7:ce:84:19:dd:ab:ab:75:9e:13:12:55:39:20:
d5:ec:61:d7:68:5a:9c:73:8a:10:cf:a4:80:59:d9:1a:52:54:
52:cb:b4:9d:9f:2b:83:9e:9f:fa:d2:0d:06:c4:b3:95:fb:87:
81:3c:b2:9e:10:1b:5d:ba:c2:0b:f0:46:c7:0a:14:25:0e:f4:
4f:3a:f9:fc:3b:8d:a9:42:a2:25:2c:23:65:3d:2b:51:d8:ae:
3c:e7:e0:f3:9b:1d:26:9e:f3:e3:e6:d6:ef:a1:df:3f:ea:0c:
13:fd:84:89:65:8a:20:00:0f:99:eb:fb:44:1c:7b:6d:e2:7f:
8a:9d:19:46:1d:25:58:2e:1a:b8:89:b6:2c:a4:fa:c7:44:cc:
86:40:ae:45:3e:2c:03:85:09:7c:42:eb:bd:f4:28:aa:f7:ee:
e0:d6:37:c7:11:6c:ff:dc:dd:e9:e7:be:01:e1:3f:99:8e:26:
19:b5:3d:0b:75:51:b5:ab:ac:d4:64:f0:e0:37:55:05:6c:71:
99:aa:3b:9b:d5:1d:7e:9a:2c:28:2e:ef:31:f2:3f:65:1d:9d:
c9:75:06:13:1a:f8:d3:d5:4f:2e:0c:14:d7:4d:09:ed:37:33:
bb:6b:10:22:af:f3:f5:b8:67:b1:e7:e5:ae:91:27:ba:72:5e:
44:6a:f1:8d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZECenKoNWOuT1RR1/H+WTVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzMwMDcxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjI2MThkODU4MDE0OTkzNjllNTllNmQ5ZTAxNDQ5Zjc5MzNlMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRE7ee0mVVs23yi2MT+shJdIqTB2
iFFO7Q6Kpse0ZZDmaX8nFPf9ny1M0uCcbR2P+y/nT5IZwpJ0IkbLKSV6GO09PYzu
oGBfi9aikd8d0OIRVrd4k/p4qx+ucIjSg/OTSRKW8cFwEcl0DEov9cD+IDQKWC3o
4fHeQxvbT5vY9q2hMSSIfC8LXaMUQyOQxMiPb0e6HqMr32ifLZ/Z60de2smpv5IT
+t+FYxnxfVIFZGNCJ/hSgMVpSBdoR7uKB30pOJk86DMd1vXQXxYICNeEfeuahLHx
KoHOzsd9IOCv8QPSYQMPYFPax4OzciLahTM0kP7RIfhy+lTwgIxv6D7qSwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKYmGNhYAUmTaeWebZ4BRJ95M+F8MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcGlZWTJGZ0JTWk5wNVo1dG5nRkVuM2t6NFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAVPGH46fOhBndq6t1nhMSVTkg
1exh12hanHOKEM+kgFnZGlJUUsu0nZ8rg56f+tINBsSzlfuHgTyynhAbXbrCC/BG
xwoUJQ70Tzr5/DuNqUKiJSwjZT0rUdiuPOfg85sdJp7z4+bW76HfP+oME/2EiWWK
IAAPmev7RBx7beJ/ip0ZRh0lWC4auIm2LKT6x0TMhkCuRT4sA4UJfELrvfQoqvfu
4NY3xxFs/9zd6ee+AeE/mY4mGbU9C3VRtaus1GTw4DdVBWxxmao7m9UdfposKC7v
MfI/ZR2dyXUGExr409VPLgwU100J7Tczu2sQIq/z9bhnseflrpEnunJeRGrxjQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:33 2025 by rpki-client