Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/yh6jrwdYhOAkssn46k3cl3FZVQM.roa
File: yh6jrwdYhOAkssn46k3cl3FZVQM.roa (raw, json)
Hash identifier: bvE3GrLWAMQhoVn83OUzDHCAkGM+Kyn9ts+56uVkp58=
Subject key identifier: CA:1E:A3:AF:07:58:84:E0:24:B2:C9:F8:EA:4D:DC:97:71:59:55:03
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE65CC28E53D4CE05367F5F29A2A1C0
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/yh6jrwdYhOAkssn46k3cl3FZVQM.roa
Signing time: Sun 01 Jan 2023 10:35:14 +0000
ROA not before: Sun 01 Jan 2023 10:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50013
IP address blocks: 2a01:5a8:2:2::/64 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:5c:c2:8e:53:d4:ce:05:36:7f:5f:29:a2:a1:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca1ea3af075884e024b2c9f8ea4ddc9771595503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2b:f6:19:2c:58:5f:24:51:fa:4f:a4:cc:43:
41:27:ed:7e:d2:85:e0:28:16:30:f8:14:e1:74:83:
7c:f8:34:25:be:7d:5c:1d:82:df:1b:f2:4f:1a:45:
de:cd:e0:d2:cd:4f:7d:d0:cb:be:a5:e3:d0:9c:cf:
b3:03:05:51:78:39:23:f4:6c:c2:9b:0d:5a:36:b3:
12:16:05:72:75:c8:41:3d:ce:5b:4d:8e:ac:cc:ca:
ed:27:34:be:48:9d:49:b1:7e:13:81:ed:74:09:0b:
fd:df:ae:f2:ff:31:82:d9:b2:d7:0b:d9:53:05:f1:
39:10:28:26:d6:23:ef:c1:f4:86:ee:d3:f8:68:9e:
88:cb:b1:95:74:ca:d3:84:a6:62:32:bb:43:45:53:
35:50:bf:b0:14:8e:a1:a7:61:2e:a2:92:2e:d8:19:
55:9f:ea:55:a9:2f:ee:10:5c:46:6f:f7:fa:01:c6:
3e:be:6c:35:75:04:9f:40:74:b2:21:6b:3f:81:03:
a4:1a:d1:a1:a6:00:28:3e:f2:00:e3:bb:51:b9:2e:
a4:98:84:b6:f9:a6:36:35:b0:94:07:77:cc:f9:10:
38:ad:61:06:7d:37:64:19:98:58:7e:d9:48:96:27:
b8:22:98:ed:ba:d7:54:19:dc:fb:51:9c:a9:41:2e:
50:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1E:A3:AF:07:58:84:E0:24:B2:C9:F8:EA:4D:DC:97:71:59:55:03
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/yh6jrwdYhOAkssn46k3cl3FZVQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:5a8:2:2::/64
Signature Algorithm: sha256WithRSAEncryption
4c:9f:da:95:16:df:10:c3:b7:c1:0b:6c:46:16:3e:64:47:b2:
d4:5f:0f:7e:54:c5:aa:1b:b6:51:ef:d5:4f:31:0d:b8:e4:6f:
97:38:57:5e:93:b7:be:49:18:6c:ba:29:7c:46:f5:8a:3d:14:
a8:9a:01:02:96:52:8d:b6:e8:56:39:f7:be:bc:bc:09:09:3d:
ee:4f:b8:3e:34:12:b7:a5:92:56:f0:bc:13:36:23:f6:77:c2:
69:51:46:8f:1b:12:bc:10:24:75:66:e6:e0:63:17:31:2e:ae:
dd:15:51:1f:2b:1b:c4:a8:a1:ec:d2:88:c5:24:75:c8:e9:82:
5a:ea:91:80:c3:c5:f1:6c:27:da:23:ed:83:c8:92:99:12:47:
cd:c5:af:d4:be:3b:69:d3:6a:fb:85:7c:76:fc:20:86:d8:33:
38:63:15:c3:1b:7c:52:20:08:c8:c7:8d:8b:c1:cf:0f:07:5f:
12:16:53:4e:d0:3a:d7:5b:d9:51:a5:2b:35:67:9d:1e:ed:49:
8a:bf:1b:03:57:77:c9:0d:70:53:26:1f:25:73:1c:c0:91:20:
39:0c:e2:72:c2:00:0d:6a:e5:c5:22:df:39:be:97:c9:4c:a8:
3a:6e:c2:dd:27:a7:fa:5b:52:4e:c9:77:78:70:6d:06:37:f8:
d7:95:90:75
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVs5lzCjlPUzgU2f18poqHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFlYTNhZjA3NTg4NGUwMjRiMmM5ZjhlYTRkZGM5NzcxNTk1NTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCv2GSxYXyRR+k+kzENBJ+1+0oXg
KBYw+BThdIN8+DQlvn1cHYLfG/JPGkXezeDSzU990Mu+pePQnM+zAwVReDkj9GzC
mw1aNrMSFgVydchBPc5bTY6szMrtJzS+SJ1JsX4Tge10CQv9367y/zGC2bLXC9lT
BfE5ECgm1iPvwfSG7tP4aJ6Iy7GVdMrThKZiMrtDRVM1UL+wFI6hp2EuopIu2BlV
n+pVqS/uEFxGb/f6AcY+vmw1dQSfQHSyIWs/gQOkGtGhpgAoPvIA47tRuS6kmIS2
+aY2NbCUB3fM+RA4rWEGfTdkGZhYftlIlie4IpjtutdUGdz7UZypQS5QDQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFMoeo68HWITgJLLJ+OpN3JdxWVUDMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEveWg2anJ3ZFloT0Frc3NuNDZrM2NsM0ZaVlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAAjALAwkAKgEFqAAC
AAIwDQYJKoZIhvcNAQELBQADggEBAEyf2pUW3xDDt8ELbEYWPmRHstRfD35Uxaob
tlHv1U8xDbjkb5c4V16Tt75JGGy6KXxG9Yo9FKiaAQKWUo226FY59768vAkJPe5P
uD40ErelklbwvBM2I/Z3wmlRRo8bErwQJHVm5uBjFzEurt0VUR8rG8SooezSiMUk
dcjpglrqkYDDxfFsJ9oj7YPIkpkSR83Fr9S+O2nTavuFfHb8IIbYMzhjFcMbfFIg
CMjHjYvBzw8HXxIWU07QOtdb2VGlKzVnnR7tSYq/GwNXd8kNcFMmHyVzHMCRIDkM
4nLCAA1q5cUi3zm+l8lMqDpuwt0np/pbUk7Jd3hwbQY3+NeVkHU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:54 2024 by rpki-client on console-ams.rpki-client.org