Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vrlMcPU8UwhRWoilKl8wk4dv6bs.roa
File: vrlMcPU8UwhRWoilKl8wk4dv6bs.roa (raw, json)
Hash identifier: j2UUT9db+7DoDF2avGBvbNItWctsNtGB9nlNW7/Ngkk=
Subject key identifier: BE:B9:4C:70:F5:3C:53:08:51:5A:88:A5:2A:5F:30:93:87:6F:E9:BB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191DCEA9D5A82F33833CBD9FABB7D52FB1A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vrlMcPU8UwhRWoilKl8wk4dv6bs.roa
Signing time: Tue 10 Sep 2024 17:10:48 +0000
ROA not before: Tue 10 Sep 2024 17:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 10 Sep 2024 18:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dc:ea:9d:5a:82:f3:38:33:cb:d9:fa:bb:7d:52:fb:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 10 17:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=beb94c70f53c5308515a88a52a5f3093876fe9bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8d:0c:df:fd:50:7f:b8:04:d5:d0:0e:42:ec:
5a:98:88:76:2b:31:d5:9e:79:ac:8b:1d:c3:11:e3:
81:09:b8:31:fc:b0:9f:f7:bd:49:7b:b6:1c:1b:1f:
bd:b5:d3:62:1c:2b:15:e6:ff:b9:b0:12:41:18:04:
fc:f0:16:6d:ca:68:c2:9e:0c:fd:ab:ce:e5:ba:43:
e7:82:5e:9f:af:9e:f7:bc:f5:6e:26:f9:0e:2b:a7:
4c:5c:26:f4:25:e8:d8:ac:ba:82:aa:c9:84:3a:fd:
49:f3:e0:24:1a:87:2a:e7:9f:10:02:af:ee:bb:9d:
44:63:3d:80:a3:00:c9:e4:44:c2:42:a3:00:96:53:
4b:8a:f8:ea:e4:7d:c9:2c:72:8f:c8:d2:04:23:d2:
b3:06:ca:85:3b:dd:1b:e9:ca:9c:e1:53:66:83:e1:
a8:2d:51:c7:ef:eb:46:f6:a8:e3:1c:3b:c8:cb:a2:
5e:53:24:f1:62:20:25:6d:ff:c7:c9:c0:cd:f4:f1:
c7:63:7c:ee:9e:16:15:cf:83:85:3e:fe:11:72:f0:
58:49:74:00:cd:50:98:00:ff:d6:84:13:52:3d:c2:
58:61:a7:f5:d1:79:fe:52:c6:09:63:05:1a:2b:7e:
f2:15:16:4d:ba:97:21:68:15:2e:60:62:6c:cc:f0:
b7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B9:4C:70:F5:3C:53:08:51:5A:88:A5:2A:5F:30:93:87:6F:E9:BB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vrlMcPU8UwhRWoilKl8wk4dv6bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
5f:4f:ee:f8:ed:dd:ec:01:f1:a9:83:b1:df:f8:1f:ab:50:26:
94:aa:a7:e1:7f:d2:6f:05:f5:6c:d7:1a:da:c6:32:17:e7:ea:
a1:90:31:3e:42:f2:61:ec:c5:6d:8c:7a:73:20:b9:bf:8c:22:
29:2a:b6:3d:0b:1d:16:b8:f4:01:9f:23:e7:0a:92:2f:19:22:
fe:4b:c0:20:fd:bc:99:6a:e9:5b:a5:7a:56:d2:c1:18:28:ad:
f6:fe:82:fe:5a:c2:54:b0:f9:d9:55:f1:ca:7c:36:4d:e8:b2:
61:98:d3:5e:00:99:0b:40:1c:81:ef:37:67:fb:49:19:fd:e1:
c6:75:2c:55:21:c3:28:a5:e7:04:7f:9e:20:78:0b:10:f5:e6:
f9:06:66:87:8f:2c:0e:8e:45:18:4a:ea:3d:c0:32:33:b4:b5:
8f:5a:5a:75:29:78:68:00:f7:28:05:bb:f2:d8:9e:cc:68:3b:
fa:51:a7:06:13:06:59:87:32:a2:47:f7:1d:cd:f9:ad:c1:2b:
cd:56:15:b7:40:0b:2b:fa:3f:97:06:e4:b9:39:d0:2b:11:11:
08:4f:cf:1e:42:2b:23:99:44:e0:c2:14:b0:b3:fa:10:1c:33:
7b:d3:44:e6:35:0e:24:58:20:7f:b2:2d:70:52:5d:04:64:f4:
20:66:91:2a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHc6p1agvM4M8vZ+rt9UvsaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEwMTcxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWI5NGM3MGY1M2M1MzA4NTE1YTg4YTUyYTVmMzA5Mzg3NmZlOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxo0M3/1Qf7gE1dAOQuxamIh2KzHV
nnmsix3DEeOBCbgx/LCf971Je7YcGx+9tdNiHCsV5v+5sBJBGAT88BZtymjCngz9
q87lukPngl6fr573vPVuJvkOK6dMXCb0JejYrLqCqsmEOv1J8+AkGocq558QAq/u
u51EYz2AowDJ5ETCQqMAllNLivjq5H3JLHKPyNIEI9KzBsqFO90b6cqc4VNmg+Go
LVHH7+tG9qjjHDvIy6JeUyTxYiAlbf/HycDN9PHHY3zunhYVz4OFPv4RcvBYSXQA
zVCYAP/WhBNSPcJYYaf10Xn+UsYJYwUaK37yFRZNupchaBUuYGJszPC3NwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFL65THD1PFMIUVqIpSpfMJOHb+m7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdnJsTWNQVThVd2hSV29pbEtsOHdrNGR2NmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQBfT+747d3sAfGpg7Hf+B+rUCaUqqfhf9JvBfVs
1xraxjIX5+qhkDE+QvJh7MVtjHpzILm/jCIpKrY9Cx0WuPQBnyPnCpIvGSL+S8Ag
/byZaulbpXpW0sEYKK32/oL+WsJUsPnZVfHKfDZN6LJhmNNeAJkLQByB7zdn+0kZ
/eHGdSxVIcMopecEf54geAsQ9eb5BmaHjywOjkUYSuo9wDIztLWPWlp1KXhoAPco
Bbvy2J7MaDv6UacGEwZZhzKiR/cdzfmtwSvNVhW3QAsr+j+XBuS5OdArEREIT88e
QisjmUTgwhSws/oQHDN700TmNQ4kWCB/si1wUl0EZPQgZpEq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:53 2025 by rpki-client