Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/yvm-nHRJX-RYQal-u8RyYNH53fI.roa
File: yvm-nHRJX-RYQal-u8RyYNH53fI.roa (raw, json)
Hash identifier: VmiN6bts3uegH6J9bsKwJsSPV8Izi4eg0yuKAwUy78s=
Subject key identifier: CA:F9:BE:9C:74:49:5F:E4:58:41:A9:7E:BB:C4:72:60:D1:F9:DD:F2
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018573900F813D31DAC16D17DA54ACEF3A23
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/yvm-nHRJX-RYQal-u8RyYNH53fI.roa
Signing time: Mon 02 Jan 2023 17:38:19 +0000
ROA not before: Mon 02 Jan 2023 17:38:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212154
IP address blocks: 2a0b:b87:ffa2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:90:0f:81:3d:31:da:c1:6d:17:da:54:ac:ef:3a:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caf9be9c74495fe45841a97ebbc47260d1f9ddf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:51:85:37:38:5c:b3:b6:e2:e9:13:ec:7c:3a:
3b:ac:08:16:3c:2b:ca:3b:c8:a4:9f:65:ce:7b:31:
9f:36:94:68:da:c2:34:2c:a6:6d:49:31:ee:6e:8b:
a7:0b:75:c7:1a:be:f0:52:a3:82:33:34:f9:f4:51:
d4:76:27:cc:64:49:45:c8:57:dd:82:39:5d:66:f7:
8c:93:f1:d5:37:57:f3:f3:b6:7b:89:ae:1e:98:21:
13:bd:d7:42:fa:11:c4:14:5d:d9:02:e1:8e:70:11:
a3:64:1d:d4:8e:66:92:5d:6c:14:3a:20:d8:21:c9:
cb:56:66:ec:00:16:a0:52:f5:c8:02:59:4d:e5:01:
d4:28:aa:e8:cc:20:6f:56:fe:7a:7d:32:3f:5c:af:
04:ec:55:99:db:76:26:6c:3c:75:88:f8:4f:3d:e0:
fe:c2:8b:e0:e3:5c:cd:61:91:96:0b:3a:1a:7a:40:
37:d5:5a:d1:68:c6:55:d3:88:3c:09:3d:01:0b:40:
82:73:7f:07:67:77:fb:31:40:77:ba:70:23:a8:7f:
4c:82:05:44:66:fa:9d:8e:c8:91:b5:4c:fe:d8:8d:
fa:19:70:b4:01:ec:f7:cf:69:75:fa:f6:9c:81:f5:
c2:81:cd:ac:a6:7a:68:a5:5a:79:cf:d2:a6:96:b4:
96:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F9:BE:9C:74:49:5F:E4:58:41:A9:7E:BB:C4:72:60:D1:F9:DD:F2
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/yvm-nHRJX-RYQal-u8RyYNH53fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffa2::/48
Signature Algorithm: sha256WithRSAEncryption
aa:b5:b6:4f:d4:a5:1e:d6:c5:06:f3:8a:35:64:e9:fa:78:bc:
71:51:e6:f4:52:8f:c4:5d:23:a5:16:1c:ef:e4:ef:5b:4f:d3:
6c:45:50:59:4b:1a:97:ae:90:2a:90:49:87:ef:0d:a2:90:6c:
00:6f:6f:32:05:72:f6:37:02:61:fe:a7:39:16:34:a2:e9:d6:
72:4a:35:fd:12:2d:9d:ba:53:21:d9:04:4b:d4:6a:3a:4e:30:
55:78:d5:4d:4c:8e:d2:7f:10:d1:25:13:a2:e7:a9:e6:8d:41:
c2:8d:b1:11:ef:a3:8a:d4:3e:f4:84:1d:96:67:da:14:a7:c6:
e5:db:66:a8:16:67:3a:33:c0:51:dd:80:a1:8d:e4:d4:05:55:
19:fe:f2:a0:4f:6b:ab:36:6d:10:aa:db:16:01:51:02:37:65:
30:1d:42:7c:16:f7:4b:fb:f5:b3:49:7e:fc:7c:00:f6:e7:c6:
df:e5:a3:7c:62:64:12:e7:13:e4:6e:e9:6d:05:7e:ec:9f:12:
4f:c3:02:dd:7a:f0:57:ec:40:ae:bb:18:4e:6a:37:cb:02:f3:
d1:e3:95:6e:ec:2d:1f:56:ab:69:40:f6:fa:05:79:9c:a7:06:
d0:07:05:ea:96:dc:d7:36:1f:e3:f6:f2:09:4f:6a:2e:2a:0f:
b6:4f:ea:ea
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzkA+BPTHawW0X2lSs7zojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWY5YmU5Yzc0NDk1ZmU0NTg0MWE5N2ViYmM0NzI2MGQxZjlkZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVGFNzhcs7bi6RPsfDo7rAgWPCvK
O8ikn2XOezGfNpRo2sI0LKZtSTHubounC3XHGr7wUqOCMzT59FHUdifMZElFyFfd
gjldZveMk/HVN1fz87Z7ia4emCETvddC+hHEFF3ZAuGOcBGjZB3UjmaSXWwUOiDY
IcnLVmbsABagUvXIAllN5QHUKKrozCBvVv56fTI/XK8E7FWZ23YmbDx1iPhPPeD+
wovg41zNYZGWCzoaekA31VrRaMZV04g8CT0BC0CCc38HZ3f7MUB3unAjqH9MggVE
ZvqdjsiRtUz+2I36GXC0Aez3z2l1+vacgfXCgc2spnpopVp5z9KmlrSWGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMr5vpx0SV/kWEGpfrvEcmDR+d3yMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEveXZtLW5IUkpYLVJZUWFsLXU4UnlZTkg1M2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/+i
MA0GCSqGSIb3DQEBCwUAA4IBAQCqtbZP1KUe1sUG84o1ZOn6eLxxUeb0Uo/EXSOl
Fhzv5O9bT9NsRVBZSxqXrpAqkEmH7w2ikGwAb28yBXL2NwJh/qc5FjSi6dZySjX9
Ei2dulMh2QRL1Go6TjBVeNVNTI7SfxDRJROi56nmjUHCjbER76OK1D70hB2WZ9oU
p8bl22aoFmc6M8BR3YChjeTUBVUZ/vKgT2urNm0QqtsWAVECN2UwHUJ8FvdL+/Wz
SX78fAD258bf5aN8YmQS5xPkbultBX7snxJPwwLdevBX7ECuuxhOajfLAvPR45Vu
7C0fVqtpQPb6BXmcpwbQBwXqltzXNh/j9vIJT2ouKg+2T+rq
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:34 2024 by rpki-client on console-ams.rpki-client.org