Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/YGUyggd276ifEzLgGuNBhysZ8os.roa
File: YGUyggd276ifEzLgGuNBhysZ8os.roa (raw, json)
Hash identifier: db24x2dD8kq16ZXpeqlqc8xpB25R4L5rhpiEcHZxYFE=
Subject key identifier: 60:65:32:82:07:76:EF:A8:9F:13:32:E0:1A:E3:41:87:2B:19:F2:8B
Certificate issuer: /CN=4eaf14b67e051cfbd5e1b1d51693d44682392792
Certificate serial: 01856AF7EFB1186E4CACB52C5BF2A5066D3D
Authority key identifier: 4E:AF:14:B6:7E:05:1C:FB:D5:E1:B1:D5:16:93:D4:46:82:39:27:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tq8Utn4FHPvV4bHVFpPURoI5J5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/YGUyggd276ifEzLgGuNBhysZ8os.roa
Signing time: Sun 01 Jan 2023 01:35:11 +0000
ROA not before: Sun 01 Jan 2023 01:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209718
IP address blocks: 2001:678:c44::/48 maxlen: 48
2001:678:c6c::/48 maxlen: 48
2001:67c:2ea8::/48 maxlen: 48
2001:67c:2908::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:f7:ef:b1:18:6e:4c:ac:b5:2c:5b:f2:a5:06:6d:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eaf14b67e051cfbd5e1b1d51693d44682392792
Validity
Not Before: Jan 1 01:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=606532820776efa89f1332e01ae341872b19f28b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:28:93:01:6d:98:82:ce:fa:32:d6:97:9a:d4:
4a:9a:f9:21:5b:ba:c5:ea:aa:55:f7:da:0d:b5:1c:
5d:dd:95:b2:35:05:d9:79:3d:cb:b0:70:a0:d4:42:
51:d2:e3:3d:56:62:91:d6:a6:40:4b:d3:52:fe:e7:
37:eb:c2:fd:91:8d:7e:5e:2e:3d:6b:93:bc:59:07:
94:36:16:8e:d5:4f:9c:c5:e6:9c:5d:25:28:66:d3:
03:fa:75:f1:cc:02:52:17:53:e0:bc:2d:dc:5e:db:
b9:32:bd:ca:c1:e2:3c:30:00:14:97:f0:83:4a:74:
af:3e:e4:5f:93:ea:f9:7e:13:3b:52:94:7a:68:47:
5b:eb:02:b0:df:13:d3:43:92:92:56:84:15:9b:e5:
7d:ca:9b:9c:51:c9:7b:de:4b:14:5c:c3:36:12:9a:
53:37:52:66:9c:01:9b:94:20:09:3d:09:e6:17:5e:
80:fd:a6:d4:b8:49:47:ee:d6:ad:1e:d7:84:f2:63:
a3:28:18:41:3e:1d:c1:e7:e9:52:68:93:de:c2:57:
35:26:0c:f8:d8:b0:61:96:43:d8:ca:ab:31:b7:50:
6c:9e:8e:49:48:d2:d1:4d:fb:d5:80:26:cb:53:b1:
01:65:17:76:61:dd:66:fe:c8:68:89:d4:d8:d5:f6:
2c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:65:32:82:07:76:EF:A8:9F:13:32:E0:1A:E3:41:87:2B:19:F2:8B
X509v3 Authority Key Identifier:
keyid:4E:AF:14:B6:7E:05:1C:FB:D5:E1:B1:D5:16:93:D4:46:82:39:27:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tq8Utn4FHPvV4bHVFpPURoI5J5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/YGUyggd276ifEzLgGuNBhysZ8os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/Tq8Utn4FHPvV4bHVFpPURoI5J5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c44::/48
2001:678:c6c::/48
2001:67c:2908::/48
2001:67c:2ea8::/48
Signature Algorithm: sha256WithRSAEncryption
70:04:98:b5:0c:20:92:b6:9a:c6:a8:c4:71:c3:f5:3c:0e:24:
43:9b:81:a5:a6:fe:a4:71:2e:2f:6c:ab:f2:ed:cd:d5:33:8d:
20:10:0d:a1:33:a1:80:04:1d:6c:2f:f8:84:2b:48:1d:13:43:
3c:f7:3e:47:e5:15:cc:62:9e:3c:d3:3c:e8:81:5b:06:a3:f6:
f5:e3:88:9e:eb:1d:c0:2d:4f:81:54:6a:8a:41:fb:dd:6c:99:
29:48:ea:30:e4:e8:a6:fd:1f:b6:5c:cb:73:85:d2:e8:e7:71:
81:e0:58:3e:8f:0c:ea:bd:3c:1a:84:fb:f9:5a:25:18:e0:3b:
e4:fc:d6:c3:fa:7e:47:7c:0a:fe:b7:7d:a7:a0:34:ad:a6:cb:
f6:85:c9:82:cf:32:3a:1b:05:11:9a:63:fd:73:55:9f:d5:cf:
eb:94:d0:90:0c:ee:ce:28:b7:45:08:ba:16:3e:cd:12:25:32:
e4:4a:a2:5a:e3:74:b1:0a:96:95:53:a5:63:fb:95:84:6d:4a:
ca:c9:d4:ba:6d:06:62:e4:2e:af:77:56:70:ac:94:41:f9:ab:
1c:ee:22:44:df:da:7b:d9:f6:82:fa:4c:31:7b:db:71:ca:3e:
a3:40:ca:0e:9a:d5:d2:8d:c7:f0:1d:d9:e8:e9:36:4b:3d:b0:
bd:bc:6e:60
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVq9++xGG5MrLUsW/KlBm09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYWYxNGI2N2UwNTFjZmJkNWUxYjFkNTE2OTNkNDQ2ODIz
OTI3OTIwHhcNMjMwMTAxMDEzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDY1MzI4MjA3NzZlZmE4OWYxMzMyZTAxYWUzNDE4NzJiMTlmMjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7SiTAW2Ygs76MtaXmtRKmvkhW7rF
6qpV99oNtRxd3ZWyNQXZeT3LsHCg1EJR0uM9VmKR1qZAS9NS/uc368L9kY1+Xi49
a5O8WQeUNhaO1U+cxeacXSUoZtMD+nXxzAJSF1PgvC3cXtu5Mr3KweI8MAAUl/CD
SnSvPuRfk+r5fhM7UpR6aEdb6wKw3xPTQ5KSVoQVm+V9ypucUcl73ksUXMM2EppT
N1JmnAGblCAJPQnmF16A/abUuElH7tatHteE8mOjKBhBPh3B5+lSaJPewlc1Jgz4
2LBhlkPYyqsxt1Bsno5JSNLRTfvVgCbLU7EBZRd2Yd1m/shoidTY1fYsQQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGBlMoIHdu+onxMy4BrjQYcrGfKLMB8GA1UdIwQY
MBaAFE6vFLZ+BRz71eGx1RaT1EaCOSeSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHE4VXRuNEZIUHZWNGJIVkZwUFVSb0k1SjVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84Y2Y1MWMtNTRkNy00YzNhLTkwYzQt
YmQ1MTJlZDU4Zjc4LzEvWUdVeWdnZDI3NmlmRXpMZ0d1TkJoeXNaOG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84Y2Y1MWMtNTRkNy00YzNhLTkwYzQtYmQ1MTJlZDU4Zjc4
LzEvVHE4VXRuNEZIUHZWNGJIVkZwUFVSb0k1SjVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGeAxE
AwcAIAEGeAxsAwcAIAEGfCkIAwcAIAEGfC6oMA0GCSqGSIb3DQEBCwUAA4IBAQBw
BJi1DCCStprGqMRxw/U8DiRDm4Glpv6kcS4vbKvy7c3VM40gEA2hM6GABB1sL/iE
K0gdE0M89z5H5RXMYp480zzogVsGo/b144ie6x3ALU+BVGqKQfvdbJkpSOow5Oim
/R+2XMtzhdLo53GB4Fg+jwzqvTwahPv5WiUY4Dvk/NbD+n5HfAr+t32noDStpsv2
hcmCzzI6GwURmmP9c1Wf1c/rlNCQDO7OKLdFCLoWPs0SJTLkSqJa43SxCpaVU6Vj
+5WEbUrKydS6bQZi5C6vd1ZwrJRB+asc7iJE39p72faC+kwxe9txyj6jQMoOmtXS
jcfwHdno6TZLPbC9vG5g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:18 2024 by rpki-client on console-fra.rpki-client.org