Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tgYapt1I3Uax5VaM5sbyaOUVLbo.roa
File: tgYapt1I3Uax5VaM5sbyaOUVLbo.roa (raw, json)
Hash identifier: DZQMAvSIRY+ntYhblBfC9wexD57yDrEyVQutFu8OoQU=
Subject key identifier: B6:06:1A:A6:DD:48:DD:46:B1:E5:56:8C:E6:C6:F2:68:E5:15:2D:BA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191B079DFAC5E3885A39C7708F8E7A8B8BF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tgYapt1I3Uax5VaM5sbyaOUVLbo.roa
Signing time: Mon 02 Sep 2024 02:04:22 +0000
ROA not before: Mon 02 Sep 2024 02:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:b079:daab/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Sep 2024 02:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b0:79:df:ac:5e:38:85:a3:9c:77:08:f8:e7:a8:b8:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 2 02:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6061aa6dd48dd46b1e5568ce6c6f268e5152dba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:67:57:e5:90:ba:90:07:b0:59:85:33:26:9a:
18:ee:22:7b:3c:a9:bd:26:a2:31:78:f2:ff:96:3f:
de:cd:d0:04:07:d6:09:41:bf:11:de:63:cf:93:93:
8a:1a:4f:52:b9:af:65:c5:f2:bc:45:4c:43:78:81:
7c:b8:f6:06:a3:3b:8c:e9:6e:06:d2:38:d4:62:4c:
56:b9:c8:b9:ed:62:73:35:19:c8:5d:cb:f7:c1:84:
54:17:5c:81:af:3c:0d:a1:8f:36:74:4c:00:51:b6:
90:f5:e2:f4:8c:f2:e6:36:22:22:6f:76:7c:ac:c9:
09:c7:06:a5:1a:e7:24:8b:53:63:91:57:e5:74:9d:
b7:35:ae:c0:01:94:7c:26:18:75:2d:b5:be:ef:66:
2b:98:53:23:f9:9a:54:d5:fd:aa:1d:28:df:b4:83:
da:cd:ec:ba:8e:c8:91:f1:d9:39:b2:bc:45:b6:82:
10:6c:0a:d9:19:28:94:af:9c:af:69:6c:28:7b:73:
fb:70:af:90:71:05:28:c4:13:99:a8:8d:33:fc:cb:
89:2e:4f:a6:05:9e:96:a7:e1:f6:60:a1:45:30:48:
43:8a:a0:e8:a4:a2:18:be:a4:7e:9d:e6:db:db:fc:
a8:27:de:78:cc:7e:79:34:06:4a:16:f0:67:c9:97:
48:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:06:1A:A6:DD:48:DD:46:B1:E5:56:8C:E6:C6:F2:68:E5:15:2D:BA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tgYapt1I3Uax5VaM5sbyaOUVLbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:b079:daab/128
Signature Algorithm: sha256WithRSAEncryption
0d:5c:b9:75:c7:e0:b3:43:df:97:c7:cb:54:7c:6a:88:f4:a3:
c7:95:99:eb:f4:ae:ac:1d:63:14:46:3b:fb:cd:ef:d6:04:56:
43:e0:dc:a2:61:42:22:86:38:6c:d0:e8:81:b3:e0:b4:ba:0f:
19:08:19:5c:ae:de:e0:6a:43:93:84:53:dc:44:07:72:bc:2e:
28:11:a6:23:65:db:2c:52:59:51:11:73:56:0d:a6:a8:e4:22:
57:d8:92:d7:c6:13:54:00:c0:00:ef:7d:9b:0f:35:db:e9:e9:
f6:d7:a0:b2:43:95:35:b7:5a:c9:22:4b:8f:cc:ae:b3:81:3f:
03:83:27:24:ac:d9:f9:5a:ad:00:f1:eb:12:e5:78:4d:e8:08:
24:8d:10:7d:30:ab:af:44:8e:44:32:26:6a:d7:c6:f5:4d:69:
ba:12:30:05:7f:36:6d:7b:46:b1:9f:2f:0a:b9:52:74:42:c1:
38:2a:09:cc:a6:47:76:37:85:6c:3f:cb:ef:c4:f7:c5:7d:d6:
54:6e:78:40:2f:17:77:3e:06:ac:68:c0:3a:c3:1b:cf:d2:02:
b3:5d:af:33:e9:4f:ce:8b:39:88:0a:4d:2e:2d:71:cb:a3:eb:
16:db:30:52:56:e4:6e:69:b4:23:99:9d:74:25:6b:de:6b:d5:
45:50:db:8b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZGwed+sXjiFo5x3CPjnqLi/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAyMDIwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjA2MWFhNmRkNDhkZDQ2YjFlNTU2OGNlNmM2ZjI2OGU1MTUyZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GdX5ZC6kAewWYUzJpoY7iJ7PKm9
JqIxePL/lj/ezdAEB9YJQb8R3mPPk5OKGk9Sua9lxfK8RUxDeIF8uPYGozuM6W4G
0jjUYkxWuci57WJzNRnIXcv3wYRUF1yBrzwNoY82dEwAUbaQ9eL0jPLmNiIib3Z8
rMkJxwalGucki1NjkVfldJ23Na7AAZR8Jhh1LbW+72YrmFMj+ZpU1f2qHSjftIPa
zey6jsiR8dk5srxFtoIQbArZGSiUr5yvaWwoe3P7cK+QcQUoxBOZqI0z/MuJLk+m
BZ6Wp+H2YKFFMEhDiqDopKIYvqR+nebb2/yoJ954zH55NAZKFvBnyZdIRwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLYGGqbdSN1GseVWjObG8mjlFS26MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdGdZYXB0MUkzVWF4NVZhTTVzYnlhT1VWTGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkbB52qswDQYJKoZIhvcNAQELBQADggEB
AA1cuXXH4LND35fHy1R8aoj0o8eVmev0rqwdYxRGO/vN79YEVkPg3KJhQiKGOGzQ
6IGz4LS6DxkIGVyu3uBqQ5OEU9xEB3K8LigRpiNl2yxSWVERc1YNpqjkIlfYktfG
E1QAwADvfZsPNdvp6fbXoLJDlTW3WskiS4/MrrOBPwODJySs2flarQDx6xLleE3o
CCSNEH0wq69EjkQyJmrXxvVNaboSMAV/Nm17RrGfLwq5UnRCwTgqCcymR3Y3hWw/
y+/E98V91lRueEAvF3c+BqxowDrDG8/SArNdrzPpT86LOYgKTS4tccuj6xbbMFJW
5G5ptCOZnXQla95r1UVQ24s=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:50 2025 by rpki-client