Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/yLz6BtuVfapWSFzZN8wR0QfWSQE.roa
File: yLz6BtuVfapWSFzZN8wR0QfWSQE.roa (raw, json)
Hash identifier: bqLQ0GMLV2A4QHozjXDUAP3enEVZF5hj3dHdwbs/8xU=
Subject key identifier: C8:BC:FA:06:DB:95:7D:AA:56:48:5C:D9:37:CC:11:D1:07:D6:49:01
Certificate issuer: /CN=c6ff541cf364193a2a00ada14244acd34c14038a
Certificate serial: 0193A79C0E3FA9A2B270BE5283DAE39B866C
Authority key identifier: C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/yLz6BtuVfapWSFzZN8wR0QfWSQE.roa
Signing time: Sun 08 Dec 2024 18:50:42 +0000
ROA not before: Sun 08 Dec 2024 18:50:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29632
IP address blocks: 2001:67c:1874::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a7:9c:0e:3f:a9:a2:b2:70:be:52:83:da:e3:9b:86:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6ff541cf364193a2a00ada14244acd34c14038a
Validity
Not Before: Dec 8 18:50:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8bcfa06db957daa56485cd937cc11d107d64901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fa:fe:66:cd:bc:00:ef:9d:ee:44:2b:80:6b:
f8:5e:51:d0:66:0a:fa:51:8c:ca:ba:18:97:e9:e6:
d4:d5:41:d5:bc:bb:cc:de:08:53:f6:6f:23:54:d2:
f1:f9:9d:ce:a0:f4:17:70:0e:f5:53:3b:04:d8:89:
38:5e:98:94:a9:ad:06:74:4f:a7:12:5c:ca:fd:16:
c4:75:77:e5:e1:08:ff:b0:ce:69:21:7d:06:79:15:
af:bd:55:40:ac:26:7b:05:c2:91:bb:e9:de:cd:16:
61:79:ea:da:af:0b:d1:25:8d:49:c6:79:cd:2b:52:
80:d2:63:e8:e3:a4:a9:08:4d:32:6a:66:b5:8b:7f:
af:7e:ac:7a:07:44:6c:c4:c5:62:62:cc:b0:f1:08:
52:71:2c:ea:de:6b:df:89:e0:20:0e:1f:63:9f:72:
dc:8d:0d:52:3b:34:66:a8:99:7c:a3:1d:2e:3a:50:
f5:7e:af:dc:d7:d9:a1:8f:99:c4:59:4e:b3:a0:79:
d1:3b:30:a7:b3:80:29:26:fd:57:97:24:d7:68:b9:
10:36:a6:cb:c0:0c:d6:6f:dd:51:5e:3b:c2:c8:26:
19:25:a7:a1:38:01:5b:15:7d:eb:42:05:c5:6e:e0:
01:6d:76:70:63:19:f4:d0:6d:66:ac:3b:01:71:8b:
e5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:BC:FA:06:DB:95:7D:AA:56:48:5C:D9:37:CC:11:D1:07:D6:49:01
X509v3 Authority Key Identifier:
keyid:C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/yLz6BtuVfapWSFzZN8wR0QfWSQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/xv9UHPNkGToqAK2hQkSs00wUA4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1874::/48
Signature Algorithm: sha256WithRSAEncryption
21:a8:aa:85:f7:4c:5c:4e:92:af:8d:17:c8:fb:fa:55:8a:7d:
85:50:64:a0:e1:f2:cc:7f:43:31:ea:6c:13:d4:f0:6b:91:e8:
d4:7f:8d:33:b7:94:6e:67:76:38:5b:19:2e:a2:c2:67:b4:a3:
d1:4b:eb:a3:6b:8d:91:28:1a:f3:58:7a:dd:9a:56:c0:7c:ec:
db:69:c2:fb:e0:3f:90:c3:7d:07:4e:23:96:49:b5:a3:e5:53:
5b:35:c2:f4:49:08:90:6b:2c:f6:04:dc:f5:41:d6:ab:c4:98:
4b:aa:06:8f:36:c4:55:20:ef:12:a3:70:20:fe:68:1a:cb:de:
e6:fb:eb:8f:49:79:13:ad:42:b8:8f:a6:b8:fa:aa:d6:0e:8d:
dd:fa:ba:61:f7:bd:11:97:b6:0c:0a:28:66:7e:6a:68:5d:de:
8c:d2:3f:03:2e:2a:f0:82:57:6f:0e:13:5b:bf:86:57:fc:2e:
4e:71:1f:38:73:c1:fc:19:95:5b:73:8b:29:b7:09:8d:a3:17:
23:41:f1:bc:d3:46:d2:e6:67:b2:a8:c6:b1:2d:f1:66:f9:2c:
0e:26:0f:ea:34:82:06:8c:4d:8a:fc:18:65:c7:c9:74:51:ac:
9b:a3:8d:a6:49:48:49:36:3f:d8:1c:b4:d2:59:ba:24:a8:9a:
7d:63:92:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZOnnA4/qaKycL5Sg9rjm4ZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZmY1NDFjZjM2NDE5M2EyYTAwYWRhMTQyNDRhY2QzNGMx
NDAzOGEwHhcNMjQxMjA4MTg1MDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGJjZmEwNmRiOTU3ZGFhNTY0ODVjZDkzN2NjMTFkMTA3ZDY0OTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPr+Zs28AO+d7kQrgGv4XlHQZgr6
UYzKuhiX6ebU1UHVvLvM3ghT9m8jVNLx+Z3OoPQXcA71UzsE2Ik4XpiUqa0GdE+n
ElzK/RbEdXfl4Qj/sM5pIX0GeRWvvVVArCZ7BcKRu+nezRZheerarwvRJY1JxnnN
K1KA0mPo46SpCE0yama1i3+vfqx6B0RsxMViYsyw8QhScSzq3mvfieAgDh9jn3Lc
jQ1SOzRmqJl8ox0uOlD1fq/c19mhj5nEWU6zoHnROzCns4ApJv1XlyTXaLkQNqbL
wAzWb91RXjvCyCYZJaehOAFbFX3rQgXFbuABbXZwYxn00G1mrDsBcYvljwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMi8+gbblX2qVkhc2TfMEdEH1kkBMB8GA1UdIwQY
MBaAFMb/VBzzZBk6KgCtoUJErNNMFAOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYt
MmE1ZTk4YWJkMWYzLzEveUx6NkJ0dVZmYXBXU0Z6Wk44d1IwUWZXU1FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYtMmE1ZTk4YWJkMWYz
LzEveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBh0
MA0GCSqGSIb3DQEBCwUAA4IBAQAhqKqF90xcTpKvjRfI+/pVin2FUGSg4fLMf0Mx
6mwT1PBrkejUf40zt5RuZ3Y4WxkuosJntKPRS+uja42RKBrzWHrdmlbAfOzbacL7
4D+Qw30HTiOWSbWj5VNbNcL0SQiQayz2BNz1QdarxJhLqgaPNsRVIO8So3Ag/mga
y97m++uPSXkTrUK4j6a4+qrWDo3d+rph970Rl7YMCihmfmpoXd6M0j8DLirwgldv
DhNbv4ZX/C5OcR84c8H8GZVbc4sptwmNoxcjQfG800bS5meyqMaxLfFm+SwOJg/q
NIIGjE2K/Bhlx8l0Uaybo42mSUhJNj/YHLTSWbokqJp9Y5J9
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:27:13 2025 by rpki-client