Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/s18hQqEylSJEzH2NwCJUgfTovoA.roa
File: s18hQqEylSJEzH2NwCJUgfTovoA.roa (raw, json)
Hash identifier: DcV3AtWoaUgpIP8R+rNZ1zajIB4cPNbDSUXij70GC2g=
Subject key identifier: B3:5F:21:42:A1:32:95:22:44:CC:7D:8D:C0:22:54:81:F4:E8:BE:80
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190E9FEBFA895B6A747999A8A9EC3267C41
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/s18hQqEylSJEzH2NwCJUgfTovoA.roa
Signing time: Thu 25 Jul 2024 13:05:04 +0000
ROA not before: Thu 25 Jul 2024 13:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:e9fe:9b2/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 25 Jul 2024 13:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:fe:bf:a8:95:b6:a7:47:99:9a:8a:9e:c3:26:7c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 25 13:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b35f2142a132952244cc7d8dc0225481f4e8be80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:59:c4:ce:35:27:f5:0d:cc:03:08:19:5e:8f:
dc:a6:86:55:2e:fc:fb:0e:73:e0:97:5e:af:ed:3c:
1f:82:d5:d5:76:e7:c8:e2:7c:5b:28:c4:67:0a:9e:
cd:d6:a0:a2:8b:45:2a:07:9b:51:da:a0:7c:06:24:
1d:10:f5:3d:de:f4:78:7b:36:24:eb:93:67:51:ec:
e4:9e:0b:da:40:fc:9d:bd:dc:b4:38:ff:e9:cc:8a:
5a:56:36:91:c7:54:22:9a:95:7b:be:ee:ab:0f:13:
a4:5d:b0:cc:2d:ff:23:8c:b2:16:61:8b:ce:96:7b:
b9:6c:be:e5:ad:86:ef:6e:a9:c0:01:e5:33:2e:bc:
7c:0b:6a:76:a5:f1:c4:96:48:a0:0e:bf:65:3b:f8:
bd:ec:49:2a:20:f5:56:be:cc:5d:2a:00:af:76:00:
e4:37:d9:00:ef:b0:93:a9:60:96:00:e4:e8:28:9f:
66:d2:96:17:c7:95:f4:3f:51:a9:e4:e1:57:1d:ea:
57:a4:88:81:57:45:27:e4:8b:ee:6d:3e:01:f0:9a:
36:60:05:76:87:82:24:ea:aa:aa:45:8a:e7:82:82:
3d:2d:b3:4a:b0:61:4c:ab:c0:b7:b2:ed:13:e4:04:
7b:69:cf:9a:38:8f:8f:ef:89:6f:21:89:77:74:e1:
b9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5F:21:42:A1:32:95:22:44:CC:7D:8D:C0:22:54:81:F4:E8:BE:80
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/s18hQqEylSJEzH2NwCJUgfTovoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:e9fe:9b2/128
Signature Algorithm: sha256WithRSAEncryption
5a:41:75:41:5f:a2:01:0e:29:39:0f:73:c2:5e:fe:28:db:02:
dc:b6:e1:75:62:03:a4:75:37:f8:0e:c2:98:95:b5:a3:14:ba:
3f:f4:45:72:fc:44:bd:61:56:35:88:5d:48:a2:f5:65:07:db:
7c:5b:18:51:7b:af:ba:18:40:c7:b8:2d:96:74:25:ad:5e:ce:
d7:26:89:c5:25:d9:e0:98:9a:9e:00:70:1f:06:d2:03:52:6a:
dc:90:d8:da:3d:a4:e6:0b:4b:b2:8c:f7:0d:c3:2d:fc:91:76:
2b:46:a6:3b:ad:ae:69:49:08:6a:d3:3f:f2:8f:62:5b:b9:ba:
a4:c4:d1:1f:96:87:50:4c:d8:8c:eb:32:08:cd:02:60:95:e8:
4b:da:8b:ae:d4:79:ca:b3:c7:7f:46:64:1e:9e:c8:19:d0:89:
e7:f8:a9:ed:6a:8f:c3:61:2f:5e:29:4a:84:e7:53:a6:64:bc:
f1:ee:18:41:55:fd:90:70:a3:fa:7f:5d:d3:bc:a4:23:0e:11:
c1:2a:9e:a3:7d:e5:7f:66:2a:d6:bc:7d:dd:44:b7:e8:d3:2b:
f9:2f:57:31:31:f5:24:2d:19:c3:52:c6:66:9c:d6:8d:72:21:
b6:ce:47:ba:eb:cf:28:06:cd:e5:ba:61:c3:38:4a:e5:d7:fb:
e1:61:eb:87
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZDp/r+olbanR5maip7DJnxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzI1MTMwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzVmMjE0MmExMzI5NTIyNDRjYzdkOGRjMDIyNTQ4MWY0ZThiZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVnEzjUn9Q3MAwgZXo/cpoZVLvz7
DnPgl16v7TwfgtXVdufI4nxbKMRnCp7N1qCii0UqB5tR2qB8BiQdEPU93vR4ezYk
65NnUezkngvaQPydvdy0OP/pzIpaVjaRx1QimpV7vu6rDxOkXbDMLf8jjLIWYYvO
lnu5bL7lrYbvbqnAAeUzLrx8C2p2pfHElkigDr9lO/i97EkqIPVWvsxdKgCvdgDk
N9kA77CTqWCWAOToKJ9m0pYXx5X0P1Gp5OFXHepXpIiBV0Un5IvubT4B8Jo2YAV2
h4Ik6qqqRYrngoI9LbNKsGFMq8C3su0T5AR7ac+aOI+P74lvIYl3dOG5PwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLNfIUKhMpUiRMx9jcAiVIH06L6AMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvczE4aFFxRXlsU0pFekgyTndDSlVnZlRvdm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ6f4JsjANBgkqhkiG9w0BAQsFAAOCAQEAWkF1QV+iAQ4pOQ9zwl7+KNsC
3LbhdWIDpHU3+A7CmJW1oxS6P/RFcvxEvWFWNYhdSKL1ZQfbfFsYUXuvuhhAx7gt
lnQlrV7O1yaJxSXZ4JiangBwHwbSA1Jq3JDY2j2k5gtLsoz3DcMt/JF2K0amO62u
aUkIatM/8o9iW7m6pMTRH5aHUEzYjOsyCM0CYJXoS9qLrtR5yrPHf0ZkHp7IGdCJ
5/ip7WqPw2EvXilKhOdTpmS88e4YQVX9kHCj+n9d07ykIw4RwSqeo33lf2Yq1rx9
3US36NMr+S9XMTH1JC0Zw1LGZpzWjXIhts5HuuvPKAbN5bphwzhK5df74WHrhw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:05 2025 by rpki-client