Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qO3q-V2XT6SpGFzT2OjJY-oOTTY.roa
File: qO3q-V2XT6SpGFzT2OjJY-oOTTY.roa (raw, json)
Hash identifier: 6kr1GDBw/Abtr8QQhU+L22g4em+Lr6OIBqIwQMLWG54=
Subject key identifier: A8:ED:EA:F9:5D:97:4F:A4:A9:18:5C:D3:D8:E8:C9:63:EA:0E:4D:36
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191400AA3F428EB92D385DAE60A87052AB8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qO3q-V2XT6SpGFzT2OjJY-oOTTY.roa
Signing time: Sun 11 Aug 2024 06:05:24 +0000
ROA not before: Sun 11 Aug 2024 06:05:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:4009:cad1/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 11 Aug 2024 06:14:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:40:0a:a3:f4:28:eb:92:d3:85:da:e6:0a:87:05:2a:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 11 06:05:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8edeaf95d974fa4a9185cd3d8e8c963ea0e4d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b6:e2:3d:8e:88:0e:04:9f:9f:64:e8:52:d0:
f3:96:cb:3a:f2:5e:6e:5c:77:c3:b7:b7:b5:24:c0:
f9:57:9b:86:1b:f5:c9:24:63:63:c4:50:8c:6b:6f:
ac:46:18:8d:1f:48:c1:51:18:2b:ce:c9:a5:5a:82:
14:5e:62:4c:86:d2:66:04:a1:01:63:ab:0c:25:b9:
eb:9b:85:05:c8:77:a0:3f:9e:f3:c2:b2:b5:6a:c4:
96:7a:d3:56:e3:fc:a4:e9:4e:b3:1a:22:60:5c:39:
04:5b:32:17:e3:9c:c5:11:15:09:45:0d:59:91:54:
ea:ec:0f:65:33:c4:7d:e8:b7:8f:49:be:72:f1:17:
09:2b:9f:be:24:7b:5a:67:59:bf:ba:f7:b6:7a:3d:
1c:e5:e6:be:b8:45:76:be:84:cc:df:8f:96:f4:11:
39:ce:e6:79:e5:ab:92:47:37:32:89:76:f7:f1:1d:
07:59:07:ca:4d:3a:68:90:7c:64:fd:fa:4f:dd:3a:
a2:17:58:04:83:ad:c3:ff:b3:f9:3a:a3:83:ce:9c:
e5:0d:e0:6b:bb:3b:cf:36:dc:80:4b:fd:5c:3c:5e:
86:31:64:cc:ba:3b:a8:d6:90:61:36:03:1b:44:39:
ea:df:2b:ba:dd:96:ad:26:71:ac:b2:ea:52:47:18:
58:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:ED:EA:F9:5D:97:4F:A4:A9:18:5C:D3:D8:E8:C9:63:EA:0E:4D:36
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qO3q-V2XT6SpGFzT2OjJY-oOTTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:4009:cad1/128
Signature Algorithm: sha256WithRSAEncryption
54:5e:d3:6e:66:3b:8f:c4:df:fa:4e:c5:da:24:0f:ca:43:86:
5b:0a:98:b7:c3:9c:71:6d:f7:aa:1d:8a:1a:c1:dd:ee:da:ee:
2a:7f:90:67:91:84:c7:fa:0c:e8:e7:5b:23:15:1e:ee:1e:38:
3f:22:82:ef:ac:ba:ee:f9:87:e1:5c:04:7e:e1:86:a6:7a:ce:
de:38:3a:2c:a0:50:67:10:ca:a4:7f:7b:9d:67:7a:e9:53:84:
82:21:90:38:48:92:5a:fc:2b:4a:80:88:0f:01:86:fe:b3:58:
be:22:3e:a9:e6:ac:b0:72:b0:53:83:bc:33:87:c6:a3:ab:6c:
0a:2d:fd:b8:ba:11:a6:f0:a3:9d:db:6c:4f:c0:10:8b:68:f2:
c6:f8:2c:ec:ba:54:ce:62:12:b7:41:b2:81:36:80:86:3e:16:
b3:98:89:64:73:03:ea:19:a7:16:8a:10:02:18:7f:e7:23:e3:
35:5d:7e:88:44:f9:11:88:cd:e7:56:3e:0d:72:1f:fd:cb:eb:
f5:c0:af:3a:f4:31:1d:23:69:ce:2c:bc:10:83:23:08:e7:b7:
26:24:0c:d0:fe:11:b7:d6:26:d7:86:b7:94:80:ea:9f:c4:a5:
78:05:c7:e6:65:7c:96:47:db:fa:4b:1d:07:d5:99:f5:c9:df:
07:85:e1:b9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZFACqP0KOuS04Xa5gqHBSq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODExMDYwNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGVkZWFmOTVkOTc0ZmE0YTkxODVjZDNkOGU4Yzk2M2VhMGU0ZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbbiPY6IDgSfn2ToUtDzlss68l5u
XHfDt7e1JMD5V5uGG/XJJGNjxFCMa2+sRhiNH0jBURgrzsmlWoIUXmJMhtJmBKEB
Y6sMJbnrm4UFyHegP57zwrK1asSWetNW4/yk6U6zGiJgXDkEWzIX45zFERUJRQ1Z
kVTq7A9lM8R96LePSb5y8RcJK5++JHtaZ1m/uve2ej0c5ea+uEV2voTM34+W9BE5
zuZ55auSRzcyiXb38R0HWQfKTTpokHxk/fpP3TqiF1gEg63D/7P5OqODzpzlDeBr
uzvPNtyAS/1cPF6GMWTMujuo1pBhNgMbRDnq3yu63ZatJnGssupSRxhYRQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKjt6vldl0+kqRhc09joyWPqDk02MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcU8zcS1WMlhUNlNwR0Z6VDJPakpZLW9PVFRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkUAJytEwDQYJKoZIhvcNAQELBQADggEB
AFRe025mO4/E3/pOxdokD8pDhlsKmLfDnHFt96odihrB3e7a7ip/kGeRhMf6DOjn
WyMVHu4eOD8igu+suu75h+FcBH7hhqZ6zt44OiygUGcQyqR/e51neulThIIhkDhI
klr8K0qAiA8Bhv6zWL4iPqnmrLBysFODvDOHxqOrbAot/bi6Eabwo53bbE/AEIto
8sb4LOy6VM5iErdBsoE2gIY+FrOYiWRzA+oZpxaKEAIYf+cj4zVdfohE+RGIzedW
Pg1yH/3L6/XArzr0MR0jac4svBCDIwjntyYkDND+EbfWJteGt5SA6p/EpXgFx+Zl
fJZH2/pLHQfVmfXJ3weF4bk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:36 2025 by rpki-client