Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wPAEwib85qAJI4aswfhTS6guxSE.roa
File: wPAEwib85qAJI4aswfhTS6guxSE.roa (raw, json)
Hash identifier: jab0/RcTIRUxJkQFgHP55pDOmUpCMeQSNsxdYgt2sxM=
Subject key identifier: C0:F0:04:C2:26:FC:E6:A0:09:23:86:AC:C1:F8:53:4B:A8:2E:C5:21
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01910168B3D868A5362AC80E60801126809D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wPAEwib85qAJI4aswfhTS6guxSE.roa
Signing time: Tue 30 Jul 2024 02:12:04 +0000
ROA not before: Tue 30 Jul 2024 02:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 30 Jul 2024 03:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:01:68:b3:d8:68:a5:36:2a:c8:0e:60:80:11:26:80:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 30 02:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0f004c226fce6a0092386acc1f8534ba82ec521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e1:7a:5b:ec:da:c3:11:86:c3:2e:ed:77:d0:
46:19:fd:a3:6b:9c:78:e7:01:00:ff:14:71:86:50:
09:f5:d3:ef:6d:4c:10:7b:2b:1c:7e:61:db:12:7b:
1b:79:74:db:33:76:33:f5:7d:74:20:fe:a6:84:74:
cf:36:ad:22:c2:8e:c4:7a:4d:de:d8:bf:2b:dd:a3:
b1:e9:8e:e5:cd:60:c3:46:23:ef:b8:79:aa:2e:0d:
24:57:9c:f5:4f:74:bd:ad:03:a6:57:34:ad:8d:1c:
d7:08:30:7f:56:13:6f:39:c2:af:56:bc:f5:a9:e8:
85:49:08:ac:5e:c0:bf:d2:c0:65:4a:50:d4:a1:ac:
7b:b7:bf:8c:c0:71:8d:b2:6a:26:5e:8d:45:fb:62:
75:8e:2b:72:96:48:01:47:25:92:ef:87:b1:e5:fc:
8f:bf:27:5a:10:c0:d5:e7:7b:11:9a:8b:95:ac:69:
00:c7:6c:f7:fe:84:96:ca:c8:be:db:45:c9:1e:10:
93:e0:2c:fa:a0:0d:1c:14:36:37:1a:6e:08:ea:f9:
7e:ef:83:4c:c7:73:7a:a9:b9:db:6c:cd:7b:4a:c3:
17:49:99:23:51:95:8a:a4:52:c5:07:cc:0e:4e:d2:
8f:05:ac:9c:dd:4b:56:df:2f:fb:73:aa:9e:4c:bd:
51:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F0:04:C2:26:FC:E6:A0:09:23:86:AC:C1:F8:53:4B:A8:2E:C5:21
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wPAEwib85qAJI4aswfhTS6guxSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
61:d9:9e:4c:47:f6:2f:81:8e:f5:8e:ac:d3:f2:6a:0e:b2:35:
0a:e6:cd:81:ed:fe:2c:9b:10:66:36:e8:8d:82:a7:96:74:5c:
d9:95:41:53:c5:2e:51:24:f4:e2:a8:06:9d:13:4c:54:1d:88:
39:89:32:01:59:9c:ef:e7:b6:db:e1:c1:22:4d:a5:8a:64:77:
6d:8e:82:cf:5b:f8:5c:4d:67:7e:62:06:c2:90:15:3f:87:25:
be:1f:34:dd:13:d4:b3:51:1b:8e:ba:c7:f4:ea:43:dd:a0:f7:
d8:67:9b:8a:05:e9:d7:37:73:b9:de:70:0f:c0:61:1c:61:e1:
98:8b:3e:f8:84:dc:9e:e6:fe:a9:06:6e:85:b8:e6:37:dd:a9:
d4:16:6d:28:1e:84:36:5f:06:f5:9c:bc:32:c5:81:72:3b:05:
b5:b1:e2:d4:e0:76:4f:b4:38:97:38:1d:92:91:fb:30:cb:06:
f9:d5:74:1d:78:24:9b:55:8d:55:fc:db:5c:41:34:8f:4e:f1:
ba:4b:a9:b3:21:9e:b2:13:1e:49:d4:c8:e6:25:b1:bd:27:6b:
59:2f:cd:d8:e4:dc:2d:fe:e9:07:87:60:d7:52:0f:4e:a0:a5:
17:35:59:88:ef:b9:7f:7c:b4:80:93:82:9b:f0:59:21:57:05:
d2:00:dc:69
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEBaLPYaKU2KsgOYIARJoCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzMwMDIxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGYwMDRjMjI2ZmNlNmEwMDkyMzg2YWNjMWY4NTM0YmE4MmVjNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuF6W+zawxGGwy7td9BGGf2ja5x4
5wEA/xRxhlAJ9dPvbUwQeyscfmHbEnsbeXTbM3Yz9X10IP6mhHTPNq0iwo7Eek3e
2L8r3aOx6Y7lzWDDRiPvuHmqLg0kV5z1T3S9rQOmVzStjRzXCDB/VhNvOcKvVrz1
qeiFSQisXsC/0sBlSlDUoax7t7+MwHGNsmomXo1F+2J1jitylkgBRyWS74ex5fyP
vydaEMDV53sRmouVrGkAx2z3/oSWysi+20XJHhCT4Cz6oA0cFDY3Gm4I6vl+74NM
x3N6qbnbbM17SsMXSZkjUZWKpFLFB8wOTtKPBayc3UtW3y/7c6qeTL1RJwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMDwBMIm/OagCSOGrMH4U0uoLsUhMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvd1BBRXdpYjg1cUFKSTRhc3dmaFRTNmd1eFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAYdmeTEf2L4GO9Y6s0/JqDrI1
CubNge3+LJsQZjbojYKnlnRc2ZVBU8UuUST04qgGnRNMVB2IOYkyAVmc7+e22+HB
Ik2limR3bY6Cz1v4XE1nfmIGwpAVP4clvh803RPUs1EbjrrH9OpD3aD32GebigXp
1zdzud5wD8BhHGHhmIs++ITcnub+qQZuhbjmN92p1BZtKB6ENl8G9Zy8MsWBcjsF
tbHi1OB2T7Q4lzgdkpH7MMsG+dV0HXgkm1WNVfzbXEE0j07xukupsyGeshMeSdTI
5iWxvSdrWS/N2OTcLf7pB4dg11IPTqClFzVZiO+5f3y0gJOCm/BZIVcF0gDcaQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:22 2025 by rpki-client