Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/YVIOJaVb3GoqvgOVKYPoiaZBZ_g.roa
File: YVIOJaVb3GoqvgOVKYPoiaZBZ_g.roa (raw, json)
Hash identifier: S7HMy3Abd2xxSrb5jrCaoRGD3hGAfZ94lpLT7l7ObZU=
Subject key identifier: 61:52:0E:25:A5:5B:DC:6A:2A:BE:03:95:29:83:E8:89:A6:41:67:F8
Certificate issuer: /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial: 018B1DE73E3485D4B65717639D72A69FF72F
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/YVIOJaVb3GoqvgOVKYPoiaZBZ_g.roa
Signing time: Wed 11 Oct 2023 08:42:55 +0000
ROA not before: Wed 11 Oct 2023 08:42:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212786
IP address blocks: 2a05:e600::/29 maxlen: 29
2a09:cac0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:e7:3e:34:85:d4:b6:57:17:63:9d:72:a6:9f:f7:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Validity
Not Before: Oct 11 08:42:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61520e25a55bdc6a2abe03952983e889a64167f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:80:2a:b1:ca:2a:81:2f:d2:2b:56:de:39:9d:
70:03:64:13:6a:f6:9a:aa:d8:da:48:ff:7c:51:4b:
44:0a:ee:4c:a3:91:22:75:2a:44:39:fe:c7:47:ef:
37:84:d2:09:7c:bf:59:4d:42:96:26:ba:d7:b3:46:
1a:72:72:44:44:36:25:ed:9f:18:3d:5a:37:c9:6a:
7c:b3:90:ef:c0:16:a5:68:d6:f8:0f:a5:53:26:84:
6f:32:84:f2:57:57:45:9c:e4:af:b7:18:31:de:c8:
27:9d:8c:d1:dc:37:90:a4:6d:ce:31:c1:72:c3:d2:
33:dc:df:11:3d:82:15:87:50:84:0b:d5:18:45:cc:
e3:6f:68:c4:01:d6:03:b4:65:b5:b3:7e:f7:cd:08:
e4:e1:c5:d4:fd:9b:27:3f:dd:78:bb:5f:04:4a:b1:
4d:e8:32:90:1e:2d:86:32:de:30:02:b9:04:6d:80:
08:53:31:98:69:23:e1:a3:31:d1:60:ff:39:df:7b:
bc:3a:27:2d:67:be:95:de:c8:2d:3b:4b:20:17:2f:
8f:8b:ba:c3:18:73:10:27:f6:7c:6e:ed:ee:e1:44:
2b:ca:1e:2c:bd:4f:93:f5:69:d7:11:5a:c8:14:6c:
d4:a3:46:55:dc:e8:dc:33:8f:d3:17:3a:08:fc:86:
d2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:52:0E:25:A5:5B:DC:6A:2A:BE:03:95:29:83:E8:89:A6:41:67:F8
X509v3 Authority Key Identifier:
keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/YVIOJaVb3GoqvgOVKYPoiaZBZ_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:e600::/29
2a09:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
10:4f:df:de:1c:1f:ca:54:27:24:72:55:80:c9:4e:ad:57:50:
ba:83:0f:20:f4:eb:e8:18:23:be:a5:be:e5:cf:c9:90:7f:71:
f2:6b:86:f8:44:47:2c:34:e5:55:c3:39:06:ab:5f:8e:cd:d2:
8e:32:61:79:a6:27:b3:fb:55:b0:97:43:0d:dc:81:2a:7a:31:
ca:d5:bd:d7:ef:83:73:56:58:18:cb:78:cc:18:d3:df:b4:10:
7d:1c:88:b2:5a:81:ce:f1:f9:92:1f:67:f4:f9:a5:e6:8f:ca:
8d:db:5d:a0:e0:f3:6a:b4:ad:22:d8:43:93:3d:c4:e2:45:9f:
8f:5c:32:64:b7:f6:76:ca:83:a3:0e:79:ed:66:9a:67:ef:e3:
b8:68:e3:00:fa:35:c3:0d:ab:ae:cc:4c:44:b2:ea:af:9a:e5:
f9:11:b5:23:e4:98:fe:ea:ad:46:77:5d:47:53:72:c2:5b:2f:
50:ba:cb:43:a2:d0:05:6c:4e:54:2c:da:c7:c8:f6:7b:0c:5d:
91:1c:f5:16:33:c2:69:74:c4:9a:41:9a:7e:9d:1b:80:f6:19:
f7:b0:98:35:fb:b0:de:6f:2d:bd:ff:61:6b:69:8f:bf:d1:25:
c6:09:07:aa:56:e8:33:9f:51:b2:25:c6:2f:53:65:74:40:0a:
c9:47:87:33
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYsd5z40hdS2VxdjnXKmn/cvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjMxMDExMDg0MjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTUyMGUyNWE1NWJkYzZhMmFiZTAzOTUyOTgzZTg4OWE2NDE2N2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoAqscoqgS/SK1beOZ1wA2QTavaa
qtjaSP98UUtECu5Mo5EidSpEOf7HR+83hNIJfL9ZTUKWJrrXs0YacnJERDYl7Z8Y
PVo3yWp8s5DvwBalaNb4D6VTJoRvMoTyV1dFnOSvtxgx3sgnnYzR3DeQpG3OMcFy
w9Iz3N8RPYIVh1CEC9UYRczjb2jEAdYDtGW1s373zQjk4cXU/ZsnP914u18ESrFN
6DKQHi2GMt4wArkEbYAIUzGYaSPhozHRYP8533u8OictZ76V3sgtO0sgFy+Pi7rD
GHMQJ/Z8bu3u4UQryh4svU+T9WnXEVrIFGzUo0ZV3OjcM4/TFzoI/IbSZQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGFSDiWlW9xqKr4DlSmD6ImmQWf4MB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEvWVZJT0phVmIzR29xdmdPVktZUG9pYVpCWl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgXmAAMF
AyoJysAwDQYJKoZIhvcNAQELBQADggEBABBP394cH8pUJyRyVYDJTq1XULqDDyD0
6+gYI76lvuXPyZB/cfJrhvhERyw05VXDOQarX47N0o4yYXmmJ7P7VbCXQw3cgSp6
McrVvdfvg3NWWBjLeMwY09+0EH0ciLJagc7x+ZIfZ/T5peaPyo3bXaDg82q0rSLY
Q5M9xOJFn49cMmS39nbKg6MOee1mmmfv47ho4wD6NcMNq67MTESy6q+a5fkRtSPk
mP7qrUZ3XUdTcsJbL1C6y0Oi0AVsTlQs2sfI9nsMXZEc9RYzwml0xJpBmn6dG4D2
GfewmDX7sN5vLb3/YWtpj7/RJcYJB6pW6DOfUbIlxi9TZXRACslHhzM=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:28 2024 by rpki-client on console-ams.rpki-client.org