Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wXfPMlRUq6ielgFYZZioD0F-wCs.roa
File: wXfPMlRUq6ielgFYZZioD0F-wCs.roa (raw, json)
Hash identifier: qn4+pes1wgexd5N1prjkhvfLs6pWndOCRjeGqg9ew88=
Subject key identifier: C1:77:CF:32:54:54:AB:A8:9E:96:01:58:65:98:A8:0F:41:7E:C0:2B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019129F6C8444DBA92B4BBEAB06108AE1B0E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wXfPMlRUq6ielgFYZZioD0F-wCs.roa
Signing time: Tue 06 Aug 2024 23:12:04 +0000
ROA not before: Tue 06 Aug 2024 23:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 07 Aug 2024 00:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:29:f6:c8:44:4d:ba:92:b4:bb:ea:b0:61:08:ae:1b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 6 23:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c177cf325454aba89e9601586598a80f417ec02b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1a:14:ff:0e:61:d7:15:df:bd:1d:a3:9d:f7:
86:9d:98:62:74:05:df:f0:d1:11:97:30:38:96:f3:
ec:06:4b:d3:9c:60:97:63:67:a9:b5:4b:62:a7:85:
5b:11:2a:e7:2e:60:d2:14:73:4c:73:71:7a:ee:a6:
e4:a6:f8:bd:75:34:46:9f:7b:9a:47:e8:07:6e:cc:
c5:4a:bf:d5:8a:ba:82:14:00:f4:34:3e:95:25:01:
a1:69:79:db:6d:54:22:30:06:07:56:62:f9:03:e5:
c3:92:d4:36:cb:a7:bd:89:7f:64:e0:92:00:78:06:
8f:55:68:a3:d2:52:35:18:a2:6d:56:e9:27:53:21:
d2:90:46:d8:33:fc:3e:7f:29:b9:fe:56:6e:cf:b6:
d8:89:23:46:20:99:4a:55:c4:60:77:dd:f8:1a:6f:
0d:53:ee:7d:92:03:34:2d:47:9e:6c:ed:40:ed:8d:
38:a5:1b:0c:4e:a8:05:25:15:16:41:0d:ed:80:29:
43:82:b5:b0:77:9a:6e:23:87:4d:07:10:c1:84:b5:
99:a2:3c:c8:87:93:7a:4e:1d:3b:28:06:2b:9d:c1:
19:d4:77:78:44:82:9b:9c:cf:db:a4:5d:1f:c3:0a:
97:73:9f:83:99:66:16:76:73:c9:ee:03:94:c3:2d:
b2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:77:CF:32:54:54:AB:A8:9E:96:01:58:65:98:A8:0F:41:7E:C0:2B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wXfPMlRUq6ielgFYZZioD0F-wCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
41:f0:35:f7:57:55:5c:ed:66:5e:2f:cf:4e:ea:db:00:d9:32:
97:44:16:da:e8:d2:4d:ed:8c:f8:03:fc:77:ce:20:ff:f6:6b:
33:1d:ba:bf:8f:c7:1f:88:48:9e:95:b4:ec:03:20:39:07:6e:
ee:0a:c0:53:1f:06:45:29:2b:af:7c:da:b4:63:da:e1:30:f0:
37:8e:f4:d8:38:8a:87:16:3a:f4:41:11:51:79:f0:2f:7e:ca:
8f:9b:d1:a1:ef:ba:a8:1e:40:26:64:d3:8b:94:56:84:64:2f:
84:a3:24:be:5d:54:c2:d9:be:69:83:2a:d4:06:7f:88:cd:ee:
2d:19:23:e0:9e:93:63:81:b9:88:f2:18:af:0e:32:03:8d:cc:
c5:79:02:fd:7f:4b:5f:a9:e1:a0:07:84:07:5d:bf:5a:a4:28:
55:4c:a2:e5:62:2d:98:7d:85:1f:13:3a:7f:f9:a3:3d:e7:ef:
a0:b0:62:eb:f4:0d:71:8e:03:11:db:98:ec:f5:c1:4e:00:40:
5a:4a:0f:86:47:8e:e9:64:5c:1a:26:05:3a:1a:85:52:3f:34:
63:53:9c:2b:30:34:1c:61:07:41:e2:fa:fe:79:f4:d6:d2:61:
64:f7:9a:1b:3c:87:f4:fc:e0:2f:bd:a2:e5:e1:8c:5f:a4:78:
df:f5:3a:51
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEp9shETbqStLvqsGEIrhsOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA2MjMxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTc3Y2YzMjU0NTRhYmE4OWU5NjAxNTg2NTk4YTgwZjQxN2VjMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBoU/w5h1xXfvR2jnfeGnZhidAXf
8NERlzA4lvPsBkvTnGCXY2eptUtip4VbESrnLmDSFHNMc3F67qbkpvi9dTRGn3ua
R+gHbszFSr/VirqCFAD0ND6VJQGhaXnbbVQiMAYHVmL5A+XDktQ2y6e9iX9k4JIA
eAaPVWij0lI1GKJtVuknUyHSkEbYM/w+fym5/lZuz7bYiSNGIJlKVcRgd934Gm8N
U+59kgM0LUeebO1A7Y04pRsMTqgFJRUWQQ3tgClDgrWwd5puI4dNBxDBhLWZojzI
h5N6Th07KAYrncEZ1Hd4RIKbnM/bpF0fwwqXc5+DmWYWdnPJ7gOUwy2ySQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMF3zzJUVKuonpYBWGWYqA9BfsArMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvd1hmUE1sUlVxNmllbGdGWVpaaW9EMEYtd0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAQfA191dVXO1mXi/PTurbANky
l0QW2ujSTe2M+AP8d84g//ZrMx26v4/HH4hInpW07AMgOQdu7grAUx8GRSkrr3za
tGPa4TDwN4702DiKhxY69EERUXnwL37Kj5vRoe+6qB5AJmTTi5RWhGQvhKMkvl1U
wtm+aYMq1AZ/iM3uLRkj4J6TY4G5iPIYrw4yA43MxXkC/X9LX6nhoAeEB12/WqQo
VUyi5WItmH2FHxM6f/mjPefvoLBi6/QNcY4DEduY7PXBTgBAWkoPhkeO6WRcGiYF
OhqFUj80Y1OcKzA0HGEHQeL6/nn01tJhZPeaGzyH9PzgL72i5eGMX6R43/U6UQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:35 2025 by rpki-client