Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r4GOyu0gy3H-3Rsi-jqneZBogLE.roa
File: r4GOyu0gy3H-3Rsi-jqneZBogLE.roa (raw, json)
Hash identifier: UtO3QjWfBSW/Lil6yPaSYD6fWSxpfj6OXTNi0PNAS0o=
Subject key identifier: AF:81:8E:CA:ED:20:CB:71:FE:DD:1B:22:FA:3A:A7:79:90:68:80:B1
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019190F8FE102101ACAED54D88F8F1646D81
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r4GOyu0gy3H-3Rsi-jqneZBogLE.roa
Signing time: Mon 26 Aug 2024 23:15:22 +0000
ROA not before: Mon 26 Aug 2024 23:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 27 Aug 2024 00:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:90:f8:fe:10:21:01:ac:ae:d5:4d:88:f8:f1:64:6d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 26 23:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af818ecaed20cb71fedd1b22fa3aa779906880b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a3:7e:cb:71:7a:06:5d:c6:e8:73:6d:81:3b:
12:61:0e:24:ae:95:d1:3e:fa:b5:46:2f:d2:bc:79:
0f:cd:2e:19:1d:cb:1c:c1:d4:b0:05:26:3d:a7:75:
ae:55:fe:e9:e4:82:6f:7e:43:1c:e3:5d:ca:2a:6e:
b7:ef:20:61:ba:e1:83:7f:d9:5e:44:ad:bc:35:d6:
1f:fd:d9:fb:55:0a:68:14:53:9f:c0:5f:29:1c:30:
f8:04:b2:8a:69:45:c7:de:dd:bc:bc:19:8d:d5:9c:
ce:21:68:da:36:1e:04:df:fa:85:7c:59:46:5f:d7:
0c:21:0e:90:b6:d7:6d:67:54:16:3d:21:68:ec:b2:
1c:3e:ce:2c:a4:65:a0:a6:cd:33:3f:19:9f:ac:6c:
a2:a9:3b:5b:0e:ce:6a:cf:dd:47:07:e5:58:54:8c:
c7:11:7e:38:cb:76:d9:94:09:e0:b8:a1:79:d0:6b:
5e:6d:b8:a1:ca:c0:81:cf:d7:7c:35:3e:f4:0c:b6:
c2:35:3d:00:85:1c:3c:c6:7c:5c:74:a8:68:90:10:
dc:ea:ea:b5:3d:5c:dc:a2:73:24:62:09:8a:a1:0b:
fe:4d:c3:50:44:25:c1:e5:96:b1:a0:a1:bc:d7:e1:
4d:4d:9c:77:89:71:04:b6:e0:5e:3b:db:42:9e:3b:
df:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:81:8E:CA:ED:20:CB:71:FE:DD:1B:22:FA:3A:A7:79:90:68:80:B1
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r4GOyu0gy3H-3Rsi-jqneZBogLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
10:c4:e1:e8:ca:82:43:31:48:cf:8b:86:f2:74:2f:2a:79:d0:
f3:22:1a:83:39:10:12:c4:a9:be:6c:fa:61:ec:13:1a:e8:3e:
2c:76:bb:e3:0c:15:15:3f:07:fe:94:ab:d7:26:c1:4b:2e:b1:
94:b6:5a:97:55:9f:0d:a4:eb:32:f4:35:e1:54:b8:a7:eb:e5:
16:4a:92:49:58:3a:9c:99:97:3b:71:29:63:08:b1:96:11:04:
41:7d:43:a2:ce:fd:9d:e3:87:a5:a7:a2:b9:40:32:89:8d:ec:
c4:b2:0e:f2:de:c0:f0:41:22:81:9e:6c:33:2e:df:3f:a1:bf:
ad:99:07:ec:52:d4:fb:be:57:1e:3b:10:71:e2:8e:c8:e8:5c:
3a:19:a9:de:f7:c0:c6:48:6e:a8:f9:15:f0:d4:02:9b:03:ec:
e1:bd:87:e9:47:1d:dc:f4:48:06:76:ca:17:7a:2d:35:31:3a:
b8:98:16:c7:34:2d:de:8c:37:a0:91:63:b0:99:42:34:c9:b3:
c7:01:ba:8f:77:2f:6b:5d:b1:ab:cf:5c:07:64:de:af:ac:30:
14:fb:15:07:68:e3:9d:43:56:19:3c:51:e9:a3:91:20:72:91:
a3:9d:13:df:59:3c:55:14:18:9a:e9:aa:6c:7d:c3:02:16:0b:
f3:95:47:b3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGQ+P4QIQGsrtVNiPjxZG2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI2MjMxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjgxOGVjYWVkMjBjYjcxZmVkZDFiMjJmYTNhYTc3OTkwNjg4MGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6N+y3F6Bl3G6HNtgTsSYQ4krpXR
Pvq1Ri/SvHkPzS4ZHcscwdSwBSY9p3WuVf7p5IJvfkMc413KKm637yBhuuGDf9le
RK28NdYf/dn7VQpoFFOfwF8pHDD4BLKKaUXH3t28vBmN1ZzOIWjaNh4E3/qFfFlG
X9cMIQ6QttdtZ1QWPSFo7LIcPs4spGWgps0zPxmfrGyiqTtbDs5qz91HB+VYVIzH
EX44y3bZlAnguKF50GtebbihysCBz9d8NT70DLbCNT0AhRw8xnxcdKhokBDc6uq1
PVzconMkYgmKoQv+TcNQRCXB5ZaxoKG81+FNTZx3iXEEtuBeO9tCnjvfXwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFK+BjsrtIMtx/t0bIvo6p3mQaICxMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcjRHT3l1MGd5M0gtM1JzaS1qcW5lWkJvZ0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAEMTh6MqCQzFIz4uG8nQvKnnQ
8yIagzkQEsSpvmz6YewTGug+LHa74wwVFT8H/pSr1ybBSy6xlLZal1WfDaTrMvQ1
4VS4p+vlFkqSSVg6nJmXO3EpYwixlhEEQX1Dos79neOHpaeiuUAyiY3sxLIO8t7A
8EEigZ5sMy7fP6G/rZkH7FLU+75XHjsQceKOyOhcOhmp3vfAxkhuqPkV8NQCmwPs
4b2H6Ucd3PRIBnbKF3otNTE6uJgWxzQt3ow3oJFjsJlCNMmzxwG6j3cva12xq89c
B2Ter6wwFPsVB2jjnUNWGTxR6aORIHKRo50T31k8VRQYmumqbH3DAhYL85VHsw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:51 2025 by rpki-client