Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/RY7YMyxrHOr2CB8wHzShA96G9HY.roa
File: RY7YMyxrHOr2CB8wHzShA96G9HY.roa (raw, json)
Hash identifier: KlFcdX9qijQE40j4qVfMdHWUleYIWM3rYMw97YQcNtU=
Subject key identifier: 45:8E:D8:33:2C:6B:1C:EA:F6:08:1F:30:1F:34:A1:03:DE:86:F4:76
Certificate issuer: /CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Certificate serial: 018CC64ACBEDBEBE8B524FE838D1109DA754
Authority key identifier: 12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/RY7YMyxrHOr2CB8wHzShA96G9HY.roa
Signing time: Mon 01 Jan 2024 18:30:39 +0000
ROA not before: Mon 01 Jan 2024 18:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a06:4c00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:cb:ed:be:be:8b:52:4f:e8:38:d1:10:9d:a7:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Validity
Not Before: Jan 1 18:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=458ed8332c6b1ceaf6081f301f34a103de86f476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2f:18:d0:e3:48:23:71:6c:9e:26:12:3c:fc:
d0:75:18:2f:83:61:17:54:ee:a6:aa:b0:60:da:eb:
f4:76:09:36:ff:6e:47:f3:50:25:3a:d3:65:b9:91:
fb:3a:1b:1e:cb:ec:d1:6f:e8:1e:c2:50:ba:46:0a:
1d:48:52:98:db:7e:91:6d:dc:42:4e:b7:a0:bd:48:
7b:b4:97:68:5e:57:33:a6:82:24:a4:dc:c3:00:b2:
b9:8e:ab:1f:03:f7:c7:94:38:cf:59:04:9b:93:da:
c5:0a:b2:2f:a4:19:47:58:48:96:3b:87:11:76:6d:
ca:f7:9c:5a:cb:15:d6:b8:9d:7a:0b:ca:a5:98:e1:
c9:21:34:0a:c9:2e:a6:f8:b7:8d:b5:5b:b5:35:77:
22:5e:74:d1:52:f1:a6:e6:98:f8:b8:6d:56:fe:14:
6a:7d:03:bb:5f:91:2a:c9:fb:0f:9b:fc:3f:e6:cd:
67:84:ca:c2:a3:82:8c:7f:c4:65:27:41:71:d6:17:
40:35:12:1f:42:3f:7e:16:54:1f:d9:e3:00:cb:e1:
b7:0a:12:dc:f7:b0:f7:65:21:fd:15:e2:06:11:db:
e1:05:47:c8:b4:99:1c:1d:e8:6b:e6:48:65:bf:2a:
b9:87:35:6d:e4:f6:53:61:35:ec:58:95:55:2b:b6:
bc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:8E:D8:33:2C:6B:1C:EA:F6:08:1F:30:1F:34:A1:03:DE:86:F4:76
X509v3 Authority Key Identifier:
keyid:12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/RY7YMyxrHOr2CB8wHzShA96G9HY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:4c00::/32
Signature Algorithm: sha256WithRSAEncryption
d2:78:28:cc:87:bc:32:38:70:44:f9:d8:9a:42:53:49:0d:45:
bd:ff:c1:68:57:71:18:5c:b8:50:52:a6:58:ca:dd:99:ae:91:
d5:71:54:65:28:55:6b:04:12:1c:35:4b:b9:35:06:15:cb:7f:
28:0d:e0:5b:32:cb:ea:b3:cb:c1:ac:b3:8f:77:47:50:ea:bf:
6f:ba:2d:55:12:c9:b7:2b:4c:df:a3:b4:27:2f:6a:f5:a8:f7:
67:4e:c9:dd:72:95:f8:a1:02:26:95:36:40:a1:ab:89:f7:68:
f1:7c:80:9d:e9:19:9e:d2:01:09:77:d1:77:d4:16:b5:58:3e:
47:fe:e9:96:4b:00:a6:29:5c:59:01:e9:85:6c:c8:87:14:6c:
36:3c:a1:bd:d0:05:3a:57:c8:72:47:34:59:39:48:ab:33:f2:
6a:b0:85:e5:14:62:e4:67:78:bf:ce:44:20:2e:aa:f9:77:6c:
c3:57:68:64:93:75:76:80:a9:23:33:3a:5b:17:e0:00:9d:6b:
04:22:5c:84:95:df:d3:f9:b0:44:0c:ba:5f:91:59:3e:76:69:
c0:e8:ba:2f:cf:b2:90:9c:b9:76:11:6c:74:2f:4a:65:43:df:
02:27:18:70:8e:84:e2:3b:95:8a:18:d7:28:17:be:2c:55:a5:
3f:fb:9d:98
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGSsvtvr6LUk/oONEQnadUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTRhN2UyYThjNzAxMjMyNWFlOTczZWQxYTJiYmEwNWIy
YmI5YzEwHhcNMjQwMTAxMTgzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NThlZDgzMzJjNmIxY2VhZjYwODFmMzAxZjM0YTEwM2RlODZmNDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzS8Y0ONII3FsniYSPPzQdRgvg2EX
VO6mqrBg2uv0dgk2/25H81AlOtNluZH7Ohsey+zRb+gewlC6RgodSFKY236RbdxC
TregvUh7tJdoXlczpoIkpNzDALK5jqsfA/fHlDjPWQSbk9rFCrIvpBlHWEiWO4cR
dm3K95xayxXWuJ16C8qlmOHJITQKyS6m+LeNtVu1NXciXnTRUvGm5pj4uG1W/hRq
fQO7X5EqyfsPm/w/5s1nhMrCo4KMf8RlJ0Fx1hdANRIfQj9+FlQf2eMAy+G3ChLc
97D3ZSH9FeIGEdvhBUfItJkcHehr5khlvyq5hzVt5PZTYTXsWJVVK7a8XwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEWO2DMsaxzq9ggfMB80oQPehvR2MB8GA1UdIwQY
MBaAFBIUp+KoxwEjJa6XPtGiu6BbK7nBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQt
ZTljMzY0OWMxMjE4LzEvUlk3WU15eHJIT3IyQ0I4d0h6U2hBOTZHOUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQtZTljMzY0OWMxMjE4
LzEvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgZMADAN
BgkqhkiG9w0BAQsFAAOCAQEA0ngozIe8MjhwRPnYmkJTSQ1Fvf/BaFdxGFy4UFKm
WMrdma6R1XFUZShVawQSHDVLuTUGFct/KA3gWzLL6rPLwayzj3dHUOq/b7otVRLJ
tytM36O0Jy9q9aj3Z07J3XKV+KECJpU2QKGrifdo8XyAnekZntIBCXfRd9QWtVg+
R/7plksApilcWQHphWzIhxRsNjyhvdAFOlfIckc0WTlIqzPyarCF5RRi5Gd4v85E
IC6q+Xdsw1doZJN1doCpIzM6WxfgAJ1rBCJchJXf0/mwRAy6X5FZPnZpwOi6L8+y
kJy5dhFsdC9KZUPfAicYcI6E4juVihjXKBe+LFWlP/udmA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:41:26 2025 by rpki-client