Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/YGcAPr286Fz6KcJTq2KQi24yR-o.roa
File: YGcAPr286Fz6KcJTq2KQi24yR-o.roa (raw, json)
Hash identifier: fHOG2cGiYMCXKxF28pZpmOymZw5kZiWl99NqYQNAIec=
Subject key identifier: 60:67:00:3E:BD:BC:E8:5C:FA:29:C2:53:AB:62:90:8B:6E:32:47:EA
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018B0657919DBDBD573E32AFD8E01648E566
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/YGcAPr286Fz6KcJTq2KQi24yR-o.roa
Signing time: Fri 06 Oct 2023 18:54:43 +0000
ROA not before: Fri 06 Oct 2023 18:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198275
IP address blocks: 2a0e:8f02:2240::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:06:57:91:9d:bd:bd:57:3e:32:af:d8:e0:16:48:e5:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Oct 6 18:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6067003ebdbce85cfa29c253ab62908b6e3247ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fb:08:ce:3a:7f:e5:25:7b:1b:eb:b2:70:7e:
12:b2:e8:c2:17:69:51:89:8d:3f:3f:12:57:4f:22:
58:9a:e3:2a:e1:ae:0d:60:fa:d5:8b:3b:5d:1c:6a:
0c:a1:74:f7:be:d0:18:29:5a:e3:25:16:f4:e3:ab:
ba:6c:5a:24:c6:0b:60:2a:59:6d:44:54:cf:7d:e2:
53:b6:bc:04:f0:94:3a:8c:73:11:15:32:d7:47:be:
37:75:aa:0b:99:a2:f3:0a:c8:59:fd:e0:70:a3:9b:
92:bf:17:7f:20:e3:ec:04:a9:d3:f7:60:67:95:9b:
11:62:6e:d1:d5:42:30:bb:9b:7b:7a:23:01:23:f1:
c1:72:3d:de:53:1c:08:99:45:98:a2:7a:ef:40:ec:
bd:98:d3:24:20:8d:a9:72:66:ee:88:1e:60:da:f5:
35:2f:cd:5f:b7:80:64:1e:59:9e:f0:b7:ad:a3:26:
ee:35:cc:b9:c6:dc:d2:0c:c7:a8:33:19:49:bc:21:
35:5c:21:94:8b:6c:94:6d:b3:cb:dc:d1:55:e1:60:
f4:c5:12:61:39:ac:56:20:38:13:59:f7:36:ac:e4:
00:48:7e:24:00:51:82:1a:5b:9a:4d:ac:cc:1d:fb:
ff:13:e6:f7:26:12:e2:9a:32:5a:09:a1:8f:af:b1:
f3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:67:00:3E:BD:BC:E8:5C:FA:29:C2:53:AB:62:90:8B:6E:32:47:EA
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/YGcAPr286Fz6KcJTq2KQi24yR-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2240::/44
Signature Algorithm: sha256WithRSAEncryption
96:f7:72:4a:35:c5:36:eb:e9:5e:66:e1:3f:09:0b:03:70:f3:
4c:8a:5f:b8:5a:42:90:e2:db:0d:3b:55:4b:7d:a5:14:0c:ff:
75:31:62:47:03:85:73:09:b6:0f:ae:a7:00:06:b9:b4:d7:32:
7f:d0:42:86:51:e1:e6:27:33:52:45:e2:21:83:7a:c5:6e:9b:
ff:7c:d6:92:7b:58:35:48:da:9c:b7:5e:01:85:87:16:b4:09:
ef:a5:12:36:c9:c3:39:84:d0:89:ee:01:fd:64:6c:f3:ea:d5:
af:55:19:4a:f1:ec:e4:3a:a7:11:03:0b:7d:1d:22:ce:e3:b0:
df:68:86:a8:80:1f:78:02:8d:2b:df:52:e9:06:b0:e8:90:20:
e3:ee:d8:65:74:b8:38:e5:97:ae:ed:16:73:d4:09:9d:f7:79:
ff:d7:5d:fd:55:0b:b1:0a:ad:14:0b:24:cf:c1:97:da:ab:00:
cd:d1:0d:a4:4d:3e:ad:b1:b0:44:3a:0f:0c:79:b0:10:c2:16:
b3:08:88:ba:9e:57:21:1a:95:88:91:d2:4d:96:c3:fe:a3:23:
58:68:1f:a2:75:a8:0f:e1:3c:e5:0a:66:73:e5:c7:25:9a:c2:
cc:8f:54:0c:0f:13:26:15:23:d4:92:38:5a:b0:17:40:64:de:
27:53:79:14
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYsGV5Gdvb1XPjKv2OAWSOVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMxMDA2MTg1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDY3MDAzZWJkYmNlODVjZmEyOWMyNTNhYjYyOTA4YjZlMzI0N2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvsIzjp/5SV7G+uycH4SsujCF2lR
iY0/PxJXTyJYmuMq4a4NYPrViztdHGoMoXT3vtAYKVrjJRb046u6bFokxgtgKllt
RFTPfeJTtrwE8JQ6jHMRFTLXR743daoLmaLzCshZ/eBwo5uSvxd/IOPsBKnT92Bn
lZsRYm7R1UIwu5t7eiMBI/HBcj3eUxwImUWYonrvQOy9mNMkII2pcmbuiB5g2vU1
L81ft4BkHlme8LetoybuNcy5xtzSDMeoMxlJvCE1XCGUi2yUbbPL3NFV4WD0xRJh
OaxWIDgTWfc2rOQASH4kAFGCGluaTazMHfv/E+b3JhLimjJaCaGPr7HzjQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGBnAD69vOhc+inCU6tikItuMkfqMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvWUdjQVByMjg2Rno2S2NKVHEyS1FpMjR5Ui1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiJA
MA0GCSqGSIb3DQEBCwUAA4IBAQCW93JKNcU26+leZuE/CQsDcPNMil+4WkKQ4tsN
O1VLfaUUDP91MWJHA4VzCbYPrqcABrm01zJ/0EKGUeHmJzNSReIhg3rFbpv/fNaS
e1g1SNqct14BhYcWtAnvpRI2ycM5hNCJ7gH9ZGzz6tWvVRlK8ezkOqcRAwt9HSLO
47DfaIaogB94Ao0r31LpBrDokCDj7thldLg45Zeu7RZz1Amd93n/1139VQuxCq0U
CyTPwZfaqwDN0Q2kTT6tsbBEOg8MebAQwhazCIi6nlchGpWIkdJNlsP+oyNYaB+i
dagP4TzlCmZz5cclmsLMj1QMDxMmFSPUkjhasBdAZN4nU3kU
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org