Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/YQlz2zfyjGXuDytX6qybFytAnxg.roa
File: YQlz2zfyjGXuDytX6qybFytAnxg.roa (raw, json)
Hash identifier: qaM9RWO4vUQxdYVkxWZJSw88xPT8U8AsRwaW2b5IxPY=
Subject key identifier: 61:09:73:DB:37:F2:8C:65:EE:0F:2B:57:EA:AC:9B:17:2B:40:9F:18
Certificate issuer: /CN=ca3348abf173d2774c8942008cadf6d6012a3d52
Certificate serial: 0190885790DDEE2A573FB28D1E44C6E8689E
Authority key identifier: CA:33:48:AB:F1:73:D2:77:4C:89:42:00:8C:AD:F6:D6:01:2A:3D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjNIq_Fz0ndMiUIAjK321gEqPVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/YQlz2zfyjGXuDytX6qybFytAnxg.roa
Signing time: Sat 06 Jul 2024 13:59:18 +0000
ROA not before: Sat 06 Jul 2024 13:59:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216417
IP address blocks: 2a04:5040::/32 maxlen: 32
2a04:5040:0:1::/64 maxlen: 64
2a04:5040:6001::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 08 Aug 2024 14:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:88:57:90:dd:ee:2a:57:3f:b2:8d:1e:44:c6:e8:68:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca3348abf173d2774c8942008cadf6d6012a3d52
Validity
Not Before: Jul 6 13:59:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=610973db37f28c65ee0f2b57eaac9b172b409f18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8c:54:8a:9e:ac:80:2e:ec:7a:d5:00:d9:cc:
84:17:ed:5e:5b:27:74:6c:37:fc:62:0a:26:c1:99:
97:2b:00:53:2f:79:fc:54:7d:71:87:5b:09:66:83:
a6:58:0a:58:86:c3:45:9f:a7:64:91:35:9d:4c:fb:
50:c0:64:ae:38:6d:bd:51:a1:a6:79:69:99:2a:0f:
32:c0:4a:f7:5d:d3:42:62:7f:05:d2:b4:d8:93:f8:
08:02:13:3b:59:0d:e5:1d:59:46:52:72:74:6a:6a:
44:f7:c5:d3:3f:14:7e:89:1b:bb:c0:c2:8a:87:1d:
d1:86:c2:35:46:40:b0:72:71:49:bb:27:bb:19:ee:
d0:ba:0d:2a:b3:9d:e6:76:25:38:24:c0:8f:4e:bf:
4b:33:6b:24:9f:59:c7:88:69:8b:28:7e:a5:42:99:
08:35:23:d6:7e:7f:b0:92:e8:76:8b:0f:89:d3:45:
66:81:05:d4:6d:a2:b9:60:ad:59:c0:39:04:b8:e8:
02:79:3a:82:8d:b2:45:bf:d7:2a:17:69:fe:94:d9:
eb:d1:25:45:08:a0:53:5a:7a:97:d4:f3:ea:29:22:
64:79:e9:13:d6:95:48:31:6c:52:72:67:55:59:e1:
c5:71:61:5d:3a:38:0f:41:68:5e:c9:53:87:e9:d9:
98:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:09:73:DB:37:F2:8C:65:EE:0F:2B:57:EA:AC:9B:17:2B:40:9F:18
X509v3 Authority Key Identifier:
keyid:CA:33:48:AB:F1:73:D2:77:4C:89:42:00:8C:AD:F6:D6:01:2A:3D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjNIq_Fz0ndMiUIAjK321gEqPVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/YQlz2zfyjGXuDytX6qybFytAnxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/yjNIq_Fz0ndMiUIAjK321gEqPVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5040::/32
Signature Algorithm: sha256WithRSAEncryption
45:41:fd:6d:42:a0:af:34:fd:7f:d1:35:6e:2b:5a:e5:0e:9a:
33:ec:b2:83:b0:b5:f3:10:49:ac:fb:93:a9:3f:58:b9:b2:a5:
2d:2f:90:21:17:83:ae:88:1a:3b:3c:53:81:48:db:a5:4f:cd:
d4:1a:05:4f:bb:41:38:b9:95:d6:68:4e:90:30:3b:ac:02:52:
f9:3a:8c:7b:38:79:55:9a:4f:50:8f:4f:58:52:b6:10:cd:4d:
a2:4c:46:b7:06:ab:ad:3e:ff:a3:db:87:c6:be:07:98:62:0d:
df:50:21:99:62:43:df:42:8a:6f:21:6e:56:53:a4:98:c0:47:
35:9c:68:6f:76:40:71:41:81:8d:0b:52:36:28:df:9a:b5:ac:
cc:25:10:cc:00:85:a1:1a:43:f2:03:90:b7:c1:da:da:f5:7b:
e6:80:b4:bc:65:79:7a:44:35:21:cf:d9:ab:d5:48:f6:3e:ac:
ba:08:4a:60:2d:2a:45:fb:9f:fc:63:86:0a:b8:dd:0f:84:44:
12:04:ba:5e:20:da:50:28:74:84:d3:94:30:19:cb:48:43:2e:
92:9c:df:7c:88:04:22:9d:27:51:0b:d3:b0:fe:d6:36:39:d6:
61:39:8d:e8:07:39:a5:37:98:8b:99:62:7f:aa:01:15:81:08:
2f:e3:14:79
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZCIV5Dd7ipXP7KNHkTG6GieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzM0OGFiZjE3M2QyNzc0Yzg5NDIwMDhjYWRmNmQ2MDEy
YTNkNTIwHhcNMjQwNzA2MTM1OTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTA5NzNkYjM3ZjI4YzY1ZWUwZjJiNTdlYWFjOWIxNzJiNDA5ZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYxUip6sgC7setUA2cyEF+1eWyd0
bDf8YgomwZmXKwBTL3n8VH1xh1sJZoOmWApYhsNFn6dkkTWdTPtQwGSuOG29UaGm
eWmZKg8ywEr3XdNCYn8F0rTYk/gIAhM7WQ3lHVlGUnJ0ampE98XTPxR+iRu7wMKK
hx3RhsI1RkCwcnFJuye7Ge7Qug0qs53mdiU4JMCPTr9LM2skn1nHiGmLKH6lQpkI
NSPWfn+wkuh2iw+J00VmgQXUbaK5YK1ZwDkEuOgCeTqCjbJFv9cqF2n+lNnr0SVF
CKBTWnqX1PPqKSJkeekT1pVIMWxScmdVWeHFcWFdOjgPQWheyVOH6dmYxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGEJc9s38oxl7g8rV+qsmxcrQJ8YMB8GA1UdIwQY
MBaAFMozSKvxc9J3TIlCAIyt9tYBKj1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpOSXFfRnowbmRNaVVJQWpLMzIxZ0VxUFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8wMjY5MTQtMTYxMi00NWY0LWFjZGYt
MmFjYjlkMTdjMTFjLzEvWVFsejJ6ZnlqR1h1RHl0WDZxeWJGeXRBbnhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8wMjY5MTQtMTYxMi00NWY0LWFjZGYtMmFjYjlkMTdjMTFj
LzEveWpOSXFfRnowbmRNaVVJQWpLMzIxZ0VxUFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgRQQDAN
BgkqhkiG9w0BAQsFAAOCAQEARUH9bUKgrzT9f9E1bita5Q6aM+yyg7C18xBJrPuT
qT9YubKlLS+QIReDrogaOzxTgUjbpU/N1BoFT7tBOLmV1mhOkDA7rAJS+TqMezh5
VZpPUI9PWFK2EM1NokxGtwarrT7/o9uHxr4HmGIN31AhmWJD30KKbyFuVlOkmMBH
NZxob3ZAcUGBjQtSNijfmrWszCUQzACFoRpD8gOQt8Ha2vV75oC0vGV5ekQ1Ic/Z
q9VI9j6sughKYC0qRfuf/GOGCrjdD4REEgS6XiDaUCh0hNOUMBnLSEMukpzffIgE
Ip0nUQvTsP7WNjnWYTmN6Ac5pTeYi5lif6oBFYEIL+MUeQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:14 2025 by rpki-client