Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/YTLhdDyTBeRgGL1WH1NPZNdQ740.roa
File: YTLhdDyTBeRgGL1WH1NPZNdQ740.roa (raw, json)
Hash identifier: j6FdUoqPFA947hQdCRygq9Xl+y/VdbKQtkkHwLVtHp8=
Subject key identifier: 61:32:E1:74:3C:93:05:E4:60:18:BD:56:1F:53:4F:64:D7:50:EF:8D
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 019425215455BD2785C3F35759582678BECB
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/YTLhdDyTBeRgGL1WH1NPZNdQ740.roa
Signing time: Thu 02 Jan 2025 03:48:48 +0000
ROA not before: Thu 02 Jan 2025 03:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a09:3903::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Feb 2025 18:43:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:54:55:bd:27:85:c3:f3:57:59:58:26:78:be:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Jan 2 03:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6132e1743c9305e46018bd561f534f64d750ef8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7e:cd:71:d7:9b:cf:ff:86:8f:05:94:33:46:
a1:ab:4a:7f:6a:a0:5d:6c:df:a0:fd:19:cc:4c:a2:
04:51:e5:61:c9:1c:59:f0:ae:97:a4:58:69:8a:29:
fb:70:f9:a0:e6:51:50:23:17:d5:4c:ed:31:8e:4f:
56:c7:32:a2:e0:4b:d8:d4:f4:6d:98:d2:e0:4e:1d:
b9:81:66:6e:ca:9a:8a:89:35:25:fc:ba:5e:50:a4:
51:d4:e6:2a:76:94:b1:bf:c7:88:52:5e:9b:3f:54:
72:ee:0c:e7:0c:00:d4:8f:7d:1a:5a:0c:82:62:af:
3c:b2:f8:c5:5c:92:48:0e:38:09:c3:45:88:12:92:
64:a9:02:a4:01:ab:25:d7:97:fc:4d:e5:09:9a:d9:
2f:b9:e8:eb:5d:fb:98:94:a2:d4:88:a4:d7:74:d6:
24:9a:ef:f4:13:4d:d3:0e:1b:e0:26:b4:fc:ea:af:
28:e7:2b:0c:a0:08:39:04:4b:b8:1b:14:4e:8b:52:
a8:9c:0a:fe:0d:28:09:d1:c9:d0:d6:33:b5:1e:ed:
bc:f6:39:02:b4:eb:44:f1:15:14:6d:2d:31:d6:28:
d3:f2:f5:e8:91:c7:0f:70:7b:e2:62:ac:d8:ea:3e:
50:03:2f:c8:59:20:9c:2d:a2:ce:35:78:e3:6e:eb:
49:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:32:E1:74:3C:93:05:E4:60:18:BD:56:1F:53:4F:64:D7:50:EF:8D
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/YTLhdDyTBeRgGL1WH1NPZNdQ740.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3903::/32
Signature Algorithm: sha256WithRSAEncryption
53:b6:ce:14:68:da:e7:3b:04:64:c9:db:b8:7e:02:20:38:07:
0f:1f:e2:e7:77:5b:7f:46:d2:16:0c:67:94:c8:5d:60:1b:92:
d7:4d:9e:35:06:43:ac:c2:20:9e:3e:38:62:50:be:68:cb:50:
92:38:ce:a9:fb:63:a4:fe:78:e8:d5:f6:39:bb:65:53:a5:59:
32:40:a2:78:0f:d8:a3:55:24:d5:d4:f6:e8:97:e0:bd:2a:c8:
82:e6:7d:5c:b9:57:ee:fa:ee:0f:2b:fb:45:da:b1:24:24:cd:
18:d2:b5:bd:06:fc:90:d1:32:db:4d:cf:09:a4:4a:41:12:19:
58:c4:0b:cf:1c:01:0a:d6:b5:d6:89:08:90:f0:c3:a0:ef:c7:
9b:01:ed:a0:3c:14:45:a9:59:d2:0e:75:cb:b7:60:8c:d6:ab:
5e:45:ec:36:49:1d:1f:fb:d8:1a:4d:1b:4a:4b:39:52:d6:be:
e8:86:18:0d:08:1a:6f:f3:3a:f5:fe:6c:d7:93:79:25:65:de:
dc:c6:f2:b8:67:a6:1f:85:e2:78:86:57:81:36:28:a3:08:39:
74:1d:72:ec:3f:55:eb:61:56:16:4e:18:58:a5:e6:49:95:ed:
4d:6e:bc:bb:20:d2:c2:b6:8d:6e:c3:38:5c:d1:20:36:43:20:
ce:0c:de:c0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlIVRVvSeFw/NXWVgmeL7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjUwMTAyMDM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTMyZTE3NDNjOTMwNWU0NjAxOGJkNTYxZjUzNGY2NGQ3NTBlZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX7Ncdebz/+GjwWUM0ahq0p/aqBd
bN+g/RnMTKIEUeVhyRxZ8K6XpFhpiin7cPmg5lFQIxfVTO0xjk9WxzKi4EvY1PRt
mNLgTh25gWZuypqKiTUl/LpeUKRR1OYqdpSxv8eIUl6bP1Ry7gznDADUj30aWgyC
Yq88svjFXJJIDjgJw0WIEpJkqQKkAasl15f8TeUJmtkvuejrXfuYlKLUiKTXdNYk
mu/0E03TDhvgJrT86q8o5ysMoAg5BEu4GxROi1KonAr+DSgJ0cnQ1jO1Hu289jkC
tOtE8RUUbS0x1ijT8vXokccPcHviYqzY6j5QAy/IWSCcLaLONXjjbutJjwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGEy4XQ8kwXkYBi9Vh9TT2TXUO+NMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvWVRMaGREeVRCZVJnR0wxV0gxTlBaTmRRNzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgk5AzAN
BgkqhkiG9w0BAQsFAAOCAQEAU7bOFGja5zsEZMnbuH4CIDgHDx/i53dbf0bSFgxn
lMhdYBuS102eNQZDrMIgnj44YlC+aMtQkjjOqftjpP546NX2ObtlU6VZMkCieA/Y
o1Uk1dT26JfgvSrIguZ9XLlX7vruDyv7RdqxJCTNGNK1vQb8kNEy203PCaRKQRIZ
WMQLzxwBCta11okIkPDDoO/HmwHtoDwURalZ0g51y7dgjNarXkXsNkkdH/vYGk0b
Sks5Uta+6IYYDQgab/M69f5s15N5JWXe3MbyuGemH4XieIZXgTYoowg5dB1y7D9V
62FWFk4YWKXmSZXtTW68uyDSwraNbsM4XNEgNkMgzgzewA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:16:39 2025 by rpki-client