Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/YcA9bVoLwYeI32NLAkpuR7qgDlQ.roa
File: YcA9bVoLwYeI32NLAkpuR7qgDlQ.roa (raw, json)
Hash identifier: JLAyakMfdZ5Xke8HCU8KghsGWYMX+eSng2qOKj4FNKY=
Subject key identifier: 61:C0:3D:6D:5A:0B:C1:87:88:DF:63:4B:02:4A:6E:47:BA:A0:0E:54
Certificate issuer: /CN=21bfa77b3cd782933e5f255445d428adfbdca0e1
Certificate serial: 018CCA2B6F4A685A84DFC195318FA7AB5E03
Authority key identifier: 21:BF:A7:7B:3C:D7:82:93:3E:5F:25:54:45:D4:28:AD:FB:DC:A0:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ib-nezzXgpM-XyVURdQorfvcoOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/YcA9bVoLwYeI32NLAkpuR7qgDlQ.roa
Signing time: Tue 02 Jan 2024 12:34:53 +0000
ROA not before: Tue 02 Jan 2024 12:34:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13002
IP address blocks: 2a02:17e8::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:6f:4a:68:5a:84:df:c1:95:31:8f:a7:ab:5e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bfa77b3cd782933e5f255445d428adfbdca0e1
Validity
Not Before: Jan 2 12:34:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61c03d6d5a0bc18788df634b024a6e47baa00e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9e:ce:67:b8:66:84:d8:45:2c:c1:a3:cd:40:
e6:e0:06:a5:11:02:83:3a:ed:26:2d:27:1a:7b:3f:
e3:b5:20:97:07:39:cf:a3:83:06:34:e7:bc:aa:79:
7f:02:51:b3:84:83:5d:b7:91:72:99:a4:23:35:09:
e2:7f:c6:8a:3a:a4:1b:36:77:96:8e:74:ef:78:e0:
9a:f3:bd:2e:a8:8a:12:ce:19:cb:1b:88:0d:f0:9e:
db:d4:dd:72:60:c5:f9:33:cc:03:19:98:6f:59:55:
f1:cb:08:85:cc:e9:b0:96:02:75:5b:2a:5d:da:36:
4f:f1:b8:4a:61:d0:70:2e:c2:f5:16:bc:39:01:9a:
17:0d:a5:4f:a6:58:ff:7f:1f:f4:2b:55:4a:6e:b8:
a2:b4:0f:03:e6:a5:72:24:0f:e1:fb:df:df:74:b7:
5c:36:0f:10:f0:9b:02:66:55:b6:bc:b2:5c:d8:24:
1e:c7:e2:66:36:24:d7:60:84:a6:b3:e5:3a:63:a8:
38:91:4f:47:0c:a8:f6:4b:c1:a2:b7:0c:f0:28:2f:
12:33:70:c2:45:ae:c1:b1:74:49:84:d0:44:b4:52:
dc:b7:10:1c:99:8a:79:f0:ab:82:b3:04:8d:2f:b1:
bb:e4:cf:45:d6:fa:c1:67:dd:e9:9d:a2:12:a3:67:
79:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C0:3D:6D:5A:0B:C1:87:88:DF:63:4B:02:4A:6E:47:BA:A0:0E:54
X509v3 Authority Key Identifier:
keyid:21:BF:A7:7B:3C:D7:82:93:3E:5F:25:54:45:D4:28:AD:FB:DC:A0:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-nezzXgpM-XyVURdQorfvcoOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/YcA9bVoLwYeI32NLAkpuR7qgDlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/Ib-nezzXgpM-XyVURdQorfvcoOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:17e8::/32
Signature Algorithm: sha256WithRSAEncryption
39:7e:80:19:c4:68:cb:3f:77:e4:d0:e5:b3:8d:cc:40:2b:05:
3b:74:05:4d:d9:9e:3e:b2:65:e9:c7:d1:a9:50:6d:68:ae:d6:
36:db:65:c8:6f:b2:5f:66:22:1c:5c:32:df:16:26:3e:3e:15:
a6:60:ee:c2:c8:7e:cb:e7:21:91:2f:b4:e6:e4:51:9c:53:09:
ed:06:b6:48:55:57:6a:62:3f:76:28:60:9a:e6:89:e2:51:09:
5d:5d:af:3e:7d:ef:94:e5:a1:71:b7:b5:ac:d0:e7:0d:4f:7b:
43:6b:94:de:31:c6:01:58:f7:74:1b:ae:6e:be:d1:19:7d:55:
af:03:51:be:ad:99:34:c2:b8:de:5b:c3:c8:4a:a3:b1:6d:e8:
97:36:25:16:51:69:34:a6:73:af:f4:06:59:91:df:09:e4:6e:
05:65:b3:52:bc:ca:5d:4d:6e:7f:c4:31:40:d1:3e:68:4e:0b:
31:26:b9:df:84:0c:02:76:29:b9:85:50:83:ef:84:c7:1b:8d:
56:bb:df:38:16:9c:16:77:73:4b:ff:92:96:b8:e0:56:23:f4:
fa:cb:40:fa:cf:4e:f8:6d:a0:9c:59:0b:72:98:20:24:e5:5c:
a6:5e:74:7d:c8:41:ec:4c:10:54:41:fb:21:9b:81:9b:f9:4d:
31:26:66:4a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKK29KaFqE38GVMY+nq14DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmZhNzdiM2NkNzgyOTMzZTVmMjU1NDQ1ZDQyOGFkZmJk
Y2EwZTEwHhcNMjQwMTAyMTIzNDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWMwM2Q2ZDVhMGJjMTg3ODhkZjYzNGIwMjRhNmU0N2JhYTAwZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgp7OZ7hmhNhFLMGjzUDm4AalEQKD
Ou0mLScaez/jtSCXBznPo4MGNOe8qnl/AlGzhINdt5FymaQjNQnif8aKOqQbNneW
jnTveOCa870uqIoSzhnLG4gN8J7b1N1yYMX5M8wDGZhvWVXxywiFzOmwlgJ1Wypd
2jZP8bhKYdBwLsL1Frw5AZoXDaVPplj/fx/0K1VKbriitA8D5qVyJA/h+9/fdLdc
Ng8Q8JsCZlW2vLJc2CQex+JmNiTXYISms+U6Y6g4kU9HDKj2S8GitwzwKC8SM3DC
Ra7BsXRJhNBEtFLctxAcmYp58KuCswSNL7G75M9F1vrBZ93pnaISo2d5zwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGHAPW1aC8GHiN9jSwJKbke6oA5UMB8GA1UdIwQY
MBaAFCG/p3s814KTPl8lVEXUKK373KDhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWItbmV6elhncE0tWHlWVVJkUW9yZnZjb09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85YzdhZmYtZDgzZS00ZjUxLTliOTYt
NTQ4NGMzOWIyZDRlLzEvWWNBOWJWb0x3WWVJMzJOTEFrcHVSN3FnRGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85YzdhZmYtZDgzZS00ZjUxLTliOTYtNTQ4NGMzOWIyZDRl
LzEvSWItbmV6elhncE0tWHlWVVJkUW9yZnZjb09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIX6DAN
BgkqhkiG9w0BAQsFAAOCAQEAOX6AGcRoyz935NDls43MQCsFO3QFTdmePrJl6cfR
qVBtaK7WNttlyG+yX2YiHFwy3xYmPj4VpmDuwsh+y+chkS+05uRRnFMJ7Qa2SFVX
amI/dihgmuaJ4lEJXV2vPn3vlOWhcbe1rNDnDU97Q2uU3jHGAVj3dBuubr7RGX1V
rwNRvq2ZNMK43lvDyEqjsW3olzYlFlFpNKZzr/QGWZHfCeRuBWWzUrzKXU1uf8Qx
QNE+aE4LMSa534QMAnYpuYVQg++ExxuNVrvfOBacFndzS/+SlrjgViP0+stA+s9O
+G2gnFkLcpggJOVcpl50fchB7EwQVEH7IZuBm/lNMSZmSg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:17:37 2025 by rpki-client