Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xybwYYmYabxwO1kqayDyeX2onzo.roa
File: xybwYYmYabxwO1kqayDyeX2onzo.roa (raw, json)
Hash identifier: IuxD8Dcc4JuKP6OWUZSo858rpjCMhKlMXj0Sqw8xZ0I=
Subject key identifier: C7:26:F0:61:89:98:69:BC:70:3B:59:2A:6B:20:F2:79:7D:A8:9F:3A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0192B2D37B83F111347E485DF1484FB5E3CD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xybwYYmYabxwO1kqayDyeX2onzo.roa
Signing time: Tue 22 Oct 2024 06:04:17 +0000
ROA not before: Tue 22 Oct 2024 06:04:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:b2d3:6d0d/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 22 Oct 2024 06:10:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b2:d3:7b:83:f1:11:34:7e:48:5d:f1:48:4f:b5:e3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Oct 22 06:04:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c726f061899869bc703b592a6b20f2797da89f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:de:12:4b:0e:cc:f3:15:65:6b:6e:7a:3f:3d:
2d:41:38:5e:f9:5e:83:2e:e1:e3:93:eb:62:4b:0e:
bc:8d:6c:a1:0b:40:5b:1c:64:fa:ec:17:e3:90:34:
1a:93:72:00:74:ea:cd:cb:4c:3d:e9:e7:f4:18:89:
9d:9f:5c:92:72:16:69:ca:75:6b:d7:c0:02:2f:25:
2a:fa:09:18:ec:4c:bc:d4:04:1e:09:6a:b4:e1:54:
9d:e0:29:40:98:17:63:9f:da:7d:ca:ba:61:44:da:
ff:4e:93:02:e9:97:cf:d4:6f:d6:ee:9d:cd:08:0b:
2e:8f:ee:1d:55:ad:7a:29:3e:67:2f:c2:3a:4f:78:
da:a4:3a:75:79:c5:47:30:fb:0b:33:b0:46:89:5d:
e2:3f:f8:a3:42:25:db:54:d1:e2:88:f6:19:74:76:
4f:c1:71:6c:fb:fd:b9:cb:8c:77:eb:24:4e:2d:bc:
cb:3d:7e:e1:e2:c2:ca:ab:3b:6c:1e:85:c5:1a:a9:
81:26:ac:a2:1c:83:bf:2e:f5:24:d6:3f:44:bd:e4:
50:d2:b9:0f:08:09:5b:4c:b7:e5:32:fa:52:2d:1d:
6d:dc:48:0c:c2:e7:23:b5:e5:3d:2b:69:5b:bb:64:
b0:a5:95:e5:4e:6e:01:d6:77:48:a9:2b:ac:9e:2b:
7f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:26:F0:61:89:98:69:BC:70:3B:59:2A:6B:20:F2:79:7D:A8:9F:3A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xybwYYmYabxwO1kqayDyeX2onzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:b2d3:6d0d/128
Signature Algorithm: sha256WithRSAEncryption
19:3c:7e:06:eb:44:8e:09:3f:79:d1:26:1b:f9:38:bf:de:1c:
6e:99:46:2e:71:54:fb:0c:0b:32:04:67:aa:ab:b8:11:9b:21:
ce:df:35:b7:11:47:ed:fa:99:1f:c1:9d:c1:bc:21:a1:5d:ec:
6e:23:65:e3:67:f8:c6:f4:6e:7b:92:12:61:2d:df:ef:05:35:
30:2f:b5:b0:1b:c5:0c:5e:8c:00:a1:54:98:e4:05:b4:d4:3e:
46:67:6c:2a:60:49:68:e4:44:0a:8f:7d:05:d9:94:7f:ee:6c:
76:c9:b0:94:10:21:15:e4:f0:74:9e:de:92:81:92:2f:01:34:
4b:2d:7b:b9:c0:a6:d1:00:f6:00:4d:8f:47:d9:14:e6:44:24:
5b:00:4a:ca:9c:44:da:16:8e:3b:b7:bd:2b:32:ea:bd:ae:7c:
3f:22:0b:24:3b:02:eb:d1:be:4f:85:6a:6d:c4:74:47:ee:56:
62:59:e2:61:9d:98:1e:17:f5:d3:83:5d:ad:78:5a:b3:28:30:
e0:c6:15:db:96:f7:02:c9:41:2c:ed:15:fc:03:c7:60:89:56:
cf:13:c0:54:71:28:e3:46:86:9b:27:ef:2a:98:86:6c:26:f6:
e2:71:11:3b:5c:30:d0:6b:c7:59:8a:91:b9:0e:48:a4:e9:48:
b3:15:5c:82
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZKy03uD8RE0fkhd8UhPtePNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMDIyMDYwNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzI2ZjA2MTg5OTg2OWJjNzAzYjU5MmE2YjIwZjI3OTdkYTg5ZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsN4SSw7M8xVla256Pz0tQThe+V6D
LuHjk+tiSw68jWyhC0BbHGT67BfjkDQak3IAdOrNy0w96ef0GImdn1ySchZpynVr
18ACLyUq+gkY7Ey81AQeCWq04VSd4ClAmBdjn9p9yrphRNr/TpMC6ZfP1G/W7p3N
CAsuj+4dVa16KT5nL8I6T3japDp1ecVHMPsLM7BGiV3iP/ijQiXbVNHiiPYZdHZP
wXFs+/25y4x36yROLbzLPX7h4sLKqztsHoXFGqmBJqyiHIO/LvUk1j9EveRQ0rkP
CAlbTLflMvpSLR1t3EgMwucjteU9K2lbu2SwpZXlTm4B1ndIqSusnit/3QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMcm8GGJmGm8cDtZKmsg8nl9qJ86MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveHlid1lZbVlhYnh3TzFrcWF5RHllWDJvbnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSstNtDTANBgkqhkiG9w0BAQsFAAOCAQEAGTx+ButEjgk/edEmG/k4v94c
bplGLnFU+wwLMgRnqqu4EZshzt81txFH7fqZH8GdwbwhoV3sbiNl42f4xvRue5IS
YS3f7wU1MC+1sBvFDF6MAKFUmOQFtNQ+RmdsKmBJaORECo99BdmUf+5sdsmwlBAh
FeTwdJ7ekoGSLwE0Sy17ucCm0QD2AE2PR9kU5kQkWwBKypxE2haOO7e9KzLqva58
PyILJDsC69G+T4VqbcR0R+5WYlniYZ2YHhf104NdrXhasygw4MYV25b3AslBLO0V
/APHYIlWzxPAVHEo40aGmyfvKpiGbCb24nERO1ww0GvHWYqRuQ5IpOlIsxVcgg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:07:18 2025 by rpki-client