Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/sQS1dLzkpLxyhcYn40sp1v_LQkQ.roa
File: sQS1dLzkpLxyhcYn40sp1v_LQkQ.roa (raw, json)
Hash identifier: O3oYI12hG+uBZc/wom+Hlo/Q5yuab2PF8VcPWL7KNXI=
Subject key identifier: B1:04:B5:74:BC:E4:A4:BC:72:85:C6:27:E3:4B:29:D6:FF:CB:42:44
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01914C49F07B3D10D7BA1BD2DC44EDA784CF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/sQS1dLzkpLxyhcYn40sp1v_LQkQ.roa
Signing time: Tue 13 Aug 2024 15:09:59 +0000
ROA not before: Tue 13 Aug 2024 15:09:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 13 Aug 2024 16:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:49:f0:7b:3d:10:d7:ba:1b:d2:dc:44:ed:a7:84:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 13 15:09:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b104b574bce4a4bc7285c627e34b29d6ffcb4244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:00:a9:ca:04:d2:70:fe:11:f9:9f:23:8d:08:
d4:41:43:e6:86:d3:73:3a:d7:7d:59:28:da:dc:5f:
7e:a5:a6:f9:4d:18:73:d1:69:18:35:40:61:a0:6e:
fc:c6:23:9e:5f:4c:53:b5:9f:40:42:65:1f:98:38:
77:89:71:e1:31:24:3e:a3:6d:cd:af:26:9a:5c:25:
98:85:77:63:37:81:94:93:f0:54:81:7d:40:64:23:
0d:c8:12:b4:e5:be:5d:c7:a1:3c:58:f0:65:53:bc:
ed:b2:18:71:75:56:bb:6b:11:17:74:cf:b7:fb:c7:
e2:ee:35:e3:26:c1:c5:45:98:e7:2c:3d:2a:34:ff:
c4:13:04:e3:67:db:a3:b5:98:6f:24:c1:20:db:95:
75:10:a6:65:63:a5:2a:34:4a:61:7e:3e:74:d3:1d:
b0:d1:55:3c:c1:3c:ce:70:b2:74:33:9d:45:34:c7:
13:11:35:0c:a8:1f:d5:12:9b:fd:57:a5:b5:c0:b8:
24:79:ea:ea:b7:f1:62:3f:fb:6b:ee:05:ad:14:61:
5b:20:45:db:b5:be:53:9c:3e:5b:bc:4c:79:f9:5e:
2b:8c:0a:88:84:1c:d9:91:db:3d:e0:74:b0:ee:b1:
8d:28:33:f8:4a:5a:d9:51:2f:92:4c:8f:e1:d6:00:
00:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:04:B5:74:BC:E4:A4:BC:72:85:C6:27:E3:4B:29:D6:FF:CB:42:44
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/sQS1dLzkpLxyhcYn40sp1v_LQkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
18:07:20:22:c9:cd:64:9a:e2:6a:b0:46:c2:c0:38:c1:fd:0c:
ff:24:87:bb:bf:be:2c:7b:8d:d8:af:95:c1:e9:f1:96:dd:fb:
43:eb:b3:45:82:4f:c5:96:e8:fa:ac:87:93:33:d4:12:be:d4:
0e:33:7b:89:76:4f:2a:13:c8:e3:b3:82:b0:b0:c3:04:ad:2d:
f2:45:50:dc:7f:0c:39:42:e8:1f:49:6e:40:4a:3c:38:0f:be:
62:e1:dc:a7:96:00:91:59:0a:bd:cd:99:2e:62:f6:ad:5e:a7:
ff:c0:3d:0b:cd:67:8f:c9:3c:7d:33:c4:f0:cc:31:b7:97:2e:
21:69:79:0a:67:30:c5:30:ca:6a:08:4b:6c:1a:2a:9c:ad:39:
0b:6a:4c:4e:1d:59:9c:fb:02:ce:a9:2b:77:e8:65:8d:35:59:
be:c4:53:e3:5e:97:89:cc:eb:81:f8:29:66:c2:67:ce:0a:0f:
48:6d:c0:02:6f:9c:8c:e9:38:47:18:fd:d8:f5:d0:13:21:5f:
e9:62:74:7d:b7:e7:8d:48:c5:b0:da:d9:74:50:8e:3c:c9:6d:
f4:17:9b:0c:a3:3e:5d:d4:50:f2:d8:e7:17:da:ba:0a:bc:1d:
69:c7:d0:f1:3d:6b:21:83:05:b0:20:a1:f7:b2:11:31:cf:79:
48:b4:af:1d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFMSfB7PRDXuhvS3ETtp4TPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEzMTUwOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA0YjU3NGJjZTRhNGJjNzI4NWM2MjdlMzRiMjlkNmZmY2I0MjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtACpygTScP4R+Z8jjQjUQUPmhtNz
Otd9WSja3F9+pab5TRhz0WkYNUBhoG78xiOeX0xTtZ9AQmUfmDh3iXHhMSQ+o23N
ryaaXCWYhXdjN4GUk/BUgX1AZCMNyBK05b5dx6E8WPBlU7ztshhxdVa7axEXdM+3
+8fi7jXjJsHFRZjnLD0qNP/EEwTjZ9ujtZhvJMEg25V1EKZlY6UqNEphfj500x2w
0VU8wTzOcLJ0M51FNMcTETUMqB/VEpv9V6W1wLgkeerqt/FiP/tr7gWtFGFbIEXb
tb5TnD5bvEx5+V4rjAqIhBzZkds94HSw7rGNKDP4SlrZUS+STI/h1gAAqQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLEEtXS85KS8coXGJ+NLKdb/y0JEMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvc1FTMWRMemtwTHh5aGNZbjQwc3Axdl9MUWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAGAcgIsnNZJriarBGwsA4wf0M
/ySHu7++LHuN2K+Vwenxlt37Q+uzRYJPxZbo+qyHkzPUEr7UDjN7iXZPKhPI47OC
sLDDBK0t8kVQ3H8MOULoH0luQEo8OA++YuHcp5YAkVkKvc2ZLmL2rV6n/8A9C81n
j8k8fTPE8Mwxt5cuIWl5CmcwxTDKaghLbBoqnK05C2pMTh1ZnPsCzqkrd+hljTVZ
vsRT416XiczrgfgpZsJnzgoPSG3AAm+cjOk4Rxj92PXQEyFf6WJ0fbfnjUjFsNrZ
dFCOPMlt9BebDKM+XdRQ8tjnF9q6CrwdacfQ8T1rIYMFsCCh97IRMc95SLSvHQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:16 2025 by rpki-client