Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rMjH3dR53qop2BOTzjqx16Wf9eo.roa
File: rMjH3dR53qop2BOTzjqx16Wf9eo.roa (raw, json)
Hash identifier: FPt/EOdjwfW/uU61hnunAY8N9HNhHrqcx/O9O9sG10o=
Subject key identifier: AC:C8:C7:DD:D4:79:DE:AA:29:D8:13:93:CE:3A:B1:D7:A5:9F:F5:EA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01929914385C2C97ED41E1770693F0DB2F68
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rMjH3dR53qop2BOTzjqx16Wf9eo.roa
Signing time: Thu 17 Oct 2024 06:04:52 +0000
ROA not before: Thu 17 Oct 2024 06:04:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:9913:ab64/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 17 Oct 2024 06:10:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:14:38:5c:2c:97:ed:41:e1:77:06:93:f0:db:2f:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Oct 17 06:04:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acc8c7ddd479deaa29d81393ce3ab1d7a59ff5ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:db:70:c5:f2:00:b0:35:be:45:e5:45:1e:99:
2d:a9:ff:b6:89:7b:2f:62:b6:41:35:95:a8:3d:87:
ea:fb:63:f6:92:96:07:f1:b3:90:7b:3c:74:27:3d:
06:fa:00:ec:b7:a3:d6:de:0a:9e:0f:50:66:c5:55:
18:a9:52:1d:f8:5b:4d:89:9e:cb:ff:c0:79:b0:db:
8e:b3:65:6b:c7:31:49:35:08:fd:eb:c2:be:86:13:
fe:c3:d9:5a:93:3a:15:2f:a2:ed:24:7d:a6:ef:28:
d1:65:ff:cf:84:64:f2:71:2b:f1:9d:88:29:d6:bc:
df:1c:45:fc:a2:b0:81:66:f4:af:13:ec:77:4b:ae:
9b:5d:51:6b:36:48:0a:60:f9:1c:0d:c9:8d:73:23:
dd:7e:45:29:3f:4e:e7:0c:07:be:d4:7d:9d:8f:11:
73:89:81:be:69:da:03:14:e8:89:9e:f1:1b:c9:16:
54:14:52:e6:21:88:54:9b:f6:e1:b1:84:75:e2:89:
55:7a:5d:ec:e5:71:75:49:d5:26:13:47:18:b2:75:
3e:7d:cc:01:b4:5f:87:54:51:0e:32:e3:84:3d:37:
cd:e0:b2:e7:9f:37:fd:ab:7a:18:c2:e2:95:be:84:
6a:ca:99:7c:ff:c3:d4:ac:0d:17:a2:01:10:aa:b9:
3a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C8:C7:DD:D4:79:DE:AA:29:D8:13:93:CE:3A:B1:D7:A5:9F:F5:EA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rMjH3dR53qop2BOTzjqx16Wf9eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:9913:ab64/128
Signature Algorithm: sha256WithRSAEncryption
76:2b:a2:d5:ee:a3:53:21:c8:9a:69:e9:f7:01:06:09:fe:b3:
50:80:3f:be:7a:3a:d3:d7:64:68:47:b8:58:16:50:85:46:74:
f8:39:9f:8c:47:64:f2:a5:8b:87:a9:e9:65:34:62:95:be:9f:
98:05:54:c6:3e:d7:70:02:1e:26:a8:08:55:6e:8d:4e:9b:cf:
80:a9:20:59:d2:dc:01:6f:a0:ff:d6:f9:fd:e8:0b:a6:fa:6d:
83:ae:0f:42:01:0b:71:a9:30:f2:68:cc:7e:90:78:55:0c:9c:
c8:a7:bd:a2:e6:84:fe:c5:69:12:60:5d:10:4b:93:ef:f7:2f:
6a:b1:e7:b6:ab:e8:5f:a1:60:2c:03:8e:76:89:12:34:8c:68:
8b:65:d1:dc:29:98:f2:d8:13:cf:e4:3e:13:23:99:0c:ea:f6:
bb:69:28:1c:ec:0e:34:4d:7b:f7:32:b5:d1:a2:21:68:0e:03:
67:8b:91:a3:01:3c:b0:6f:aa:bf:c9:d3:ed:bb:b1:f1:33:72:
be:f2:c6:45:32:80:07:e2:87:8f:68:c0:3e:dd:e0:63:ee:d0:
df:b9:ea:cc:33:6a:73:1d:68:e6:03:db:2e:40:df:47:03:ca:
38:d5:82:27:8d:8c:81:b5:bf:a5:4d:7e:3e:02:e2:b9:56:1a:
f9:5c:a6:36
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZKZFDhcLJftQeF3BpPw2y9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMDE3MDYwNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2M4YzdkZGQ0NzlkZWFhMjlkODEzOTNjZTNhYjFkN2E1OWZmNWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgttwxfIAsDW+ReVFHpktqf+2iXsv
YrZBNZWoPYfq+2P2kpYH8bOQezx0Jz0G+gDst6PW3gqeD1BmxVUYqVId+FtNiZ7L
/8B5sNuOs2VrxzFJNQj968K+hhP+w9lakzoVL6LtJH2m7yjRZf/PhGTycSvxnYgp
1rzfHEX8orCBZvSvE+x3S66bXVFrNkgKYPkcDcmNcyPdfkUpP07nDAe+1H2djxFz
iYG+adoDFOiJnvEbyRZUFFLmIYhUm/bhsYR14olVel3s5XF1SdUmE0cYsnU+fcwB
tF+HVFEOMuOEPTfN4LLnnzf9q3oYwuKVvoRqypl8/8PUrA0XogEQqrk6lQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKzIx93Ued6qKdgTk846sdeln/XqMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvck1qSDNkUjUzcW9wMkJPVHpqcXgxNldmOWVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSmROrZDANBgkqhkiG9w0BAQsFAAOCAQEAdiui1e6jUyHImmnp9wEGCf6z
UIA/vno609dkaEe4WBZQhUZ0+DmfjEdk8qWLh6npZTRilb6fmAVUxj7XcAIeJqgI
VW6NTpvPgKkgWdLcAW+g/9b5/egLpvptg64PQgELcakw8mjMfpB4VQycyKe9ouaE
/sVpEmBdEEuT7/cvarHntqvoX6FgLAOOdokSNIxoi2XR3CmY8tgTz+Q+EyOZDOr2
u2koHOwONE179zK10aIhaA4DZ4uRowE8sG+qv8nT7bux8TNyvvLGRTKAB+KHj2jA
Pt3gY+7Q37nqzDNqcx1o5gPbLkDfRwPKONWCJ42MgbW/pU1+PgLiuVYa+VymNg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:25 2025 by rpki-client