Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yOVMDqT9M7-tsism2Mc54PPXEsY.roa
File: yOVMDqT9M7-tsism2Mc54PPXEsY.roa (raw, json)
Hash identifier: HpHnngHAwdgcnEB6RLBxGSjXAe7TgYWa85BLF59feBU=
Subject key identifier: C8:E5:4C:0E:A4:FD:33:BF:AD:B2:2B:26:D8:C7:39:E0:F3:D7:12:C6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01917A37A05214FA74F1E6864A311C8E9A40
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yOVMDqT9M7-tsism2Mc54PPXEsY.roa
Signing time: Thu 22 Aug 2024 13:12:31 +0000
ROA not before: Thu 22 Aug 2024 13:12:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 22 Aug 2024 14:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7a:37:a0:52:14:fa:74:f1:e6:86:4a:31:1c:8e:9a:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 22 13:12:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8e54c0ea4fd33bfadb22b26d8c739e0f3d712c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fc:1a:16:87:f8:80:77:68:88:cf:d0:f6:6c:
16:ad:b0:2c:1b:77:31:83:15:67:e6:f5:a9:b2:7b:
19:32:36:75:d7:fe:3f:16:5d:1f:87:48:fc:67:b4:
9a:1e:be:90:01:52:d3:59:e8:21:c5:ed:d9:0c:8b:
51:e5:67:54:e6:ef:67:8d:88:8a:e3:1a:6d:c1:e6:
6b:bb:15:01:8c:61:3a:57:e3:e1:fa:99:d0:b4:a7:
19:c9:61:27:bc:4b:63:3f:60:7f:15:20:25:a8:14:
63:02:27:fd:fa:f3:16:36:a9:ab:e6:b5:f8:5f:40:
2e:bb:b0:66:a0:b3:6b:d8:8e:c0:ee:b5:1b:cf:35:
df:0c:d8:1c:84:46:2e:2e:52:ba:4d:64:1f:1c:79:
94:4c:83:d4:fe:d1:e5:d4:29:4a:80:4b:de:42:47:
b3:75:55:a3:70:6a:14:84:41:22:a3:b5:f7:9f:6c:
ee:ae:c4:87:f3:8d:51:c3:f5:c4:b3:5b:6a:72:0f:
e0:39:d8:99:f5:d5:ac:db:4f:da:d7:9b:d5:31:bc:
50:1e:35:4d:bd:e1:9b:89:86:85:e1:ae:18:fc:19:
e9:59:e2:d4:0d:41:f3:c2:08:b9:43:6e:50:6c:bf:
b3:e5:ae:98:d1:8e:0f:76:dd:9b:0a:27:91:83:25:
e1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E5:4C:0E:A4:FD:33:BF:AD:B2:2B:26:D8:C7:39:E0:F3:D7:12:C6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yOVMDqT9M7-tsism2Mc54PPXEsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
59:81:29:a1:5d:2c:a5:22:32:27:75:2a:59:4d:f2:e5:ff:25:
bf:5c:79:58:08:d0:4f:ff:d5:fc:52:0e:dd:c4:75:54:e3:44:
37:46:21:9a:02:9d:a6:ee:c3:02:65:37:7e:e7:cf:6a:ee:c1:
e4:34:47:85:89:0b:e8:a3:fd:27:a0:3c:0d:9a:70:e6:79:37:
5d:73:6a:c2:14:76:c8:5e:ce:ac:40:d4:aa:02:17:20:6b:82:
03:2d:e5:3d:45:18:7d:49:d5:d9:66:81:ad:8a:2d:4e:4a:0d:
b9:51:70:13:1f:84:69:12:aa:b3:a8:90:2c:16:6c:b8:4a:79:
07:80:f3:59:b5:92:a3:08:01:53:bb:43:5f:ff:02:20:34:67:
b9:0e:91:b8:6e:80:4a:9a:40:04:27:a1:b7:2a:23:7d:c8:29:
53:79:d5:9c:0e:5c:63:92:83:dc:e5:67:a7:36:53:cf:99:e5:
19:c0:71:4b:78:1d:2c:69:1a:7a:a1:54:89:12:41:e3:64:49:
ca:31:d5:90:c3:44:ee:39:0b:34:53:0c:7b:75:31:26:02:03:
ce:2c:aa:38:c3:04:9e:27:8e:93:5e:0c:b8:12:b8:ec:aa:ee:
10:31:92:29:80:83:a0:73:99:3c:85:07:84:e8:e8:c3:3f:67:
16:60:1c:11
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZF6N6BSFPp08eaGSjEcjppAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIyMTMxMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGU1NGMwZWE0ZmQzM2JmYWRiMjJiMjZkOGM3MzllMGYzZDcxMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/waFof4gHdoiM/Q9mwWrbAsG3cx
gxVn5vWpsnsZMjZ11/4/Fl0fh0j8Z7SaHr6QAVLTWeghxe3ZDItR5WdU5u9njYiK
4xptweZruxUBjGE6V+Ph+pnQtKcZyWEnvEtjP2B/FSAlqBRjAif9+vMWNqmr5rX4
X0Auu7BmoLNr2I7A7rUbzzXfDNgchEYuLlK6TWQfHHmUTIPU/tHl1ClKgEveQkez
dVWjcGoUhEEio7X3n2zursSH841Rw/XEs1tqcg/gOdiZ9dWs20/a15vVMbxQHjVN
veGbiYaF4a4Y/BnpWeLUDUHzwgi5Q25QbL+z5a6Y0Y4Pdt2bCieRgyXheQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMjlTA6k/TO/rbIrJtjHOeDz1xLGMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveU9WTURxVDlNNy10c2lzbTJNYzU0UFBYRXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAWYEpoV0spSIyJ3UqWU3y5f8l
v1x5WAjQT//V/FIO3cR1VONEN0YhmgKdpu7DAmU3fufPau7B5DRHhYkL6KP9J6A8
DZpw5nk3XXNqwhR2yF7OrEDUqgIXIGuCAy3lPUUYfUnV2WaBrYotTkoNuVFwEx+E
aRKqs6iQLBZsuEp5B4DzWbWSowgBU7tDX/8CIDRnuQ6RuG6ASppABCehtyojfcgp
U3nVnA5cY5KD3OVnpzZTz5nlGcBxS3gdLGkaeqFUiRJB42RJyjHVkMNE7jkLNFMM
e3UxJgIDziyqOMMEnieOk14MuBK47KruEDGSKYCDoHOZPIUHhOjowz9nFmAcEQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:42:05 2025 by rpki-client