Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rS5QduukGOIj4imTQCyImcJMtgk.roa
File: rS5QduukGOIj4imTQCyImcJMtgk.roa (raw, json)
Hash identifier: J9so3SM0J/NiQ/rssTiU4GShObU2CrAPOw5HfSe8p6M=
Subject key identifier: AD:2E:50:76:EB:A4:18:E2:23:E2:29:93:40:2C:88:99:C2:4C:B6:09
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191B4CBD3B093A64F38AFB3375252A82126
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rS5QduukGOIj4imTQCyImcJMtgk.roa
Signing time: Mon 02 Sep 2024 22:12:22 +0000
ROA not before: Mon 02 Sep 2024 22:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Sep 2024 23:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b4:cb:d3:b0:93:a6:4f:38:af:b3:37:52:52:a8:21:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 2 22:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad2e5076eba418e223e22993402c8899c24cb609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1f:8a:7f:2e:88:83:0b:46:48:69:aa:1d:46:
26:de:9b:f7:ae:8b:ba:b4:bb:cc:1e:4c:0c:55:1e:
44:19:ab:e6:6c:1b:26:96:26:fc:ae:13:41:af:61:
f0:7c:9a:15:d8:b3:01:d1:4a:16:f2:4a:40:55:4d:
85:49:3c:43:18:fb:6c:3b:14:f6:44:dd:ee:c0:fb:
06:66:9f:30:5f:eb:dd:5f:0c:3e:fb:f2:49:4c:1c:
41:d6:52:e3:5e:0d:3b:6c:63:e2:a0:d1:35:53:92:
09:a2:d2:7e:fa:94:82:ca:93:c6:f5:3f:f2:53:a7:
0b:17:15:ed:fa:aa:11:bd:93:84:4f:9f:2c:29:9b:
dc:54:31:00:29:ee:40:56:56:f2:97:67:67:3d:a7:
cc:be:3c:8d:e8:00:85:20:26:ab:92:89:90:4e:5e:
91:f1:2c:b4:a8:10:da:c9:a7:5d:9e:22:67:49:4c:
45:aa:db:bd:c2:bc:2b:12:14:e5:cf:41:21:17:ec:
39:c0:6a:2f:e2:6b:c6:ef:3e:85:3f:a4:a6:b7:4d:
6b:f4:e7:3f:a3:83:b7:fc:fb:15:5b:d9:93:c7:cd:
ea:7e:44:2e:17:2f:aa:06:4a:89:64:2d:a6:14:4c:
1a:5a:88:2e:2b:a9:68:75:46:50:83:0a:7d:a2:06:
8c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:2E:50:76:EB:A4:18:E2:23:E2:29:93:40:2C:88:99:C2:4C:B6:09
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rS5QduukGOIj4imTQCyImcJMtgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
8b:c7:0d:7e:26:c5:35:24:15:ba:71:43:f0:1e:9c:b9:c0:42:
0b:53:38:5c:65:fd:23:ee:41:4e:99:a6:41:e3:84:ea:83:3a:
22:85:a5:8e:84:35:f0:8d:45:9c:4a:ea:1a:99:89:e3:ae:85:
65:6a:30:0b:b1:65:ff:ac:b0:c8:58:ad:2a:2f:63:10:c8:50:
32:4a:f1:77:d7:34:5b:ef:1d:f7:c4:45:ea:0e:a2:63:de:27:
58:fa:72:05:83:31:4c:ce:ab:dc:ec:81:93:41:cf:7d:e4:c7:
d0:f7:e9:6e:92:23:c4:68:a1:5d:9d:73:92:ee:dc:46:65:8a:
9a:55:59:70:26:2e:5d:e5:68:30:a4:e1:50:1d:a7:c0:9f:ac:
e0:20:7c:d8:28:82:92:e0:b4:8e:be:e6:20:8f:68:90:3c:12:
6b:35:fb:82:ab:a8:af:6f:23:3e:8e:bb:2e:06:a1:e8:18:dd:
1d:cb:54:50:26:d9:d9:2b:7c:4d:00:aa:80:c9:17:73:bf:80:
f0:07:aa:8e:ca:ff:75:7f:c9:39:89:bb:75:0e:dd:af:fb:76:
3c:bd:00:15:06:c7:5e:8a:73:ab:a6:f2:28:c6:ef:95:3e:ba:
7d:74:f2:5c:70:69:2f:11:d0:2b:9a:11:99:7e:9b:7f:ff:0c:
ad:04:c6:a8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG0y9Owk6ZPOK+zN1JSqCEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAyMjIxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDJlNTA3NmViYTQxOGUyMjNlMjI5OTM0MDJjODg5OWMyNGNiNjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtx+Kfy6IgwtGSGmqHUYm3pv3rou6
tLvMHkwMVR5EGavmbBsmlib8rhNBr2HwfJoV2LMB0UoW8kpAVU2FSTxDGPtsOxT2
RN3uwPsGZp8wX+vdXww++/JJTBxB1lLjXg07bGPioNE1U5IJotJ++pSCypPG9T/y
U6cLFxXt+qoRvZOET58sKZvcVDEAKe5AVlbyl2dnPafMvjyN6ACFICarkomQTl6R
8Sy0qBDayaddniJnSUxFqtu9wrwrEhTlz0EhF+w5wGov4mvG7z6FP6Smt01r9Oc/
o4O3/PsVW9mTx83qfkQuFy+qBkqJZC2mFEwaWoguK6lodUZQgwp9ogaM2wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFK0uUHbrpBjiI+Ipk0AsiJnCTLYJMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvclM1UWR1dWtHT0lqNGltVFFDeUltY0pNdGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAi8cNfibFNSQVunFD8B6cucBC
C1M4XGX9I+5BTpmmQeOE6oM6IoWljoQ18I1FnErqGpmJ466FZWowC7Fl/6ywyFit
Ki9jEMhQMkrxd9c0W+8d98RF6g6iY94nWPpyBYMxTM6r3OyBk0HPfeTH0PfpbpIj
xGihXZ1zku7cRmWKmlVZcCYuXeVoMKThUB2nwJ+s4CB82CiCkuC0jr7mII9okDwS
azX7gquor28jPo67Lgah6BjdHctUUCbZ2St8TQCqgMkXc7+A8Aeqjsr/dX/JOYm7
dQ7dr/t2PL0AFQbHXopzq6byKMbvlT66fXTyXHBpLxHQK5oRmX6bf/8MrQTGqA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:31 2025 by rpki-client