Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/YbAWvWCd7X-hTzpWa9Eck4qKc7Q.roa
File: YbAWvWCd7X-hTzpWa9Eck4qKc7Q.roa (raw, json)
Hash identifier: tqfY/GKGGTVBF0jtuBsmjoOX88KAyWpm/YtY3xgJ2KA=
Subject key identifier: 61:B0:16:BD:60:9D:ED:7F:A1:4F:3A:56:6B:D1:1C:93:8A:8A:73:B4
Certificate issuer: /CN=aa9a164c656412b7daafae8571cc679cc6f587d0
Certificate serial: 018CF9A3F36BAFA892072CEBF178DF52FBD9
Authority key identifier: AA:9A:16:4C:65:64:12:B7:DA:AF:AE:85:71:CC:67:9C:C6:F5:87:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qpoWTGVkErfar66FccxnnMb1h9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/YbAWvWCd7X-hTzpWa9Eck4qKc7Q.roa
Signing time: Thu 11 Jan 2024 17:48:40 +0000
ROA not before: Thu 11 Jan 2024 17:48:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215739
IP address blocks: 84.252.80.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 16 Jan 2024 13:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:a3:f3:6b:af:a8:92:07:2c:eb:f1:78:df:52:fb:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa9a164c656412b7daafae8571cc679cc6f587d0
Validity
Not Before: Jan 11 17:48:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61b016bd609ded7fa14f3a566bd11c938a8a73b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4b:55:f1:a9:e2:44:13:98:c5:78:73:7e:14:
21:21:cf:16:ab:28:b4:45:7a:c5:a9:d5:2f:be:dc:
86:61:48:07:49:21:c6:2d:67:0b:57:5d:a6:1f:9c:
a5:72:8b:54:52:00:19:b6:47:51:aa:4d:17:25:d5:
3b:4c:56:78:6f:9c:e7:a0:27:81:74:48:e2:61:19:
0d:ba:0d:f9:b3:4f:13:71:0b:ef:69:3c:5c:cb:d5:
18:85:68:3b:f2:04:31:ca:2c:7c:68:62:e3:d7:be:
62:8c:41:10:58:db:66:cd:73:47:8b:f7:b8:b7:7e:
21:88:f2:00:93:47:8b:64:a8:92:8a:08:27:3c:28:
50:86:de:eb:28:48:be:a5:d6:bc:0f:9e:b5:e6:95:
a0:c0:db:3f:74:77:29:2b:ae:4d:f7:5c:7a:ba:4f:
49:1c:0c:22:b4:a5:71:26:fa:46:f7:0e:d5:4a:b9:
d6:d2:c6:58:16:5f:cf:32:9d:a7:c1:5f:05:98:8a:
21:86:c3:4f:1e:3c:82:72:42:02:db:1e:cc:39:0a:
a2:46:f7:d9:b6:98:f6:fd:81:e0:7c:d5:e8:ff:6a:
88:92:22:be:97:66:c5:c6:8c:71:85:37:d8:a9:cc:
6d:c1:08:78:c0:cf:72:d7:57:ac:31:1e:4f:67:22:
c7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B0:16:BD:60:9D:ED:7F:A1:4F:3A:56:6B:D1:1C:93:8A:8A:73:B4
X509v3 Authority Key Identifier:
keyid:AA:9A:16:4C:65:64:12:B7:DA:AF:AE:85:71:CC:67:9C:C6:F5:87:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qpoWTGVkErfar66FccxnnMb1h9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/YbAWvWCd7X-hTzpWa9Eck4qKc7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/qpoWTGVkErfar66FccxnnMb1h9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.80.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:e0:05:d9:b0:a0:b5:1a:5d:c0:c6:38:6c:07:3d:e7:7e:75:
8d:f7:a2:81:1a:b6:2e:e1:d8:53:27:a4:19:43:79:0f:e6:f4:
eb:e1:c5:98:f1:8f:c2:48:a5:d2:33:f8:35:60:72:b8:f5:a1:
d0:58:92:41:55:1e:a0:ec:8c:6b:ed:55:ce:64:f7:6b:2c:f0:
d1:73:14:12:d6:b5:bb:61:26:e9:a5:01:2a:0e:8d:40:f4:3c:
a8:42:47:08:0e:b0:93:1d:de:e9:f7:39:33:20:d1:09:7a:ed:
b9:a9:97:53:6e:3c:b2:fd:13:c0:21:98:bf:77:92:cc:db:70:
e0:dc:1b:d3:19:60:9a:78:91:dd:d3:c9:d0:45:e8:68:31:6d:
e3:50:68:36:20:c5:c5:d3:d7:88:68:b8:68:20:f5:e8:fd:66:
ef:f6:46:6f:b3:41:46:6e:34:77:b5:cc:ee:08:fb:37:f4:6a:
99:82:58:50:df:7e:fc:da:db:ae:ee:33:b3:d2:f0:87:18:02:
e3:77:a1:2c:aa:6a:17:94:80:00:eb:81:15:82:33:e1:6c:c5:
78:74:41:c7:14:8a:e1:fc:98:3d:aa:6b:48:42:3f:cc:9d:61:
95:00:e6:25:fd:1e:7f:c5:ce:9f:c3:2f:2e:84:d8:6d:8f:a9:
ae:b4:5b:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz5o/Nrr6iSByzr8XjfUvvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOWExNjRjNjU2NDEyYjdkYWFmYWU4NTcxY2M2NzljYzZm
NTg3ZDAwHhcNMjQwMTExMTc0ODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWIwMTZiZDYwOWRlZDdmYTE0ZjNhNTY2YmQxMWM5MzhhOGE3M2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0tV8aniRBOYxXhzfhQhIc8Wqyi0
RXrFqdUvvtyGYUgHSSHGLWcLV12mH5ylcotUUgAZtkdRqk0XJdU7TFZ4b5znoCeB
dEjiYRkNug35s08TcQvvaTxcy9UYhWg78gQxyix8aGLj175ijEEQWNtmzXNHi/e4
t34hiPIAk0eLZKiSiggnPChQht7rKEi+pda8D5615pWgwNs/dHcpK65N91x6uk9J
HAwitKVxJvpG9w7VSrnW0sZYFl/PMp2nwV8FmIohhsNPHjyCckIC2x7MOQqiRvfZ
tpj2/YHgfNXo/2qIkiK+l2bFxoxxhTfYqcxtwQh4wM9y11esMR5PZyLH9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGGwFr1gne1/oU86VmvRHJOKinO0MB8GA1UdIwQY
MBaAFKqaFkxlZBK32q+uhXHMZ5zG9YfQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXBvV1RHVmtFcmZhcjY2RmNjeG5uTWIxaDlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9hZmRhOWEtNjYzMC00YTlmLWI1MjIt
Mjg4MjljMDNjNjlhLzEvWWJBV3ZXQ2Q3WC1oVHpwV2E5RWNrNHFLYzdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9hZmRhOWEtNjYzMC00YTlmLWI1MjItMjg4MjljMDNjNjlh
LzEvcXBvV1RHVmtFcmZhcjY2RmNjeG5uTWIxaDlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVPxQMA0G
CSqGSIb3DQEBCwUAA4IBAQAd4AXZsKC1Gl3AxjhsBz3nfnWN96KBGrYu4dhTJ6QZ
Q3kP5vTr4cWY8Y/CSKXSM/g1YHK49aHQWJJBVR6g7Ixr7VXOZPdrLPDRcxQS1rW7
YSbppQEqDo1A9DyoQkcIDrCTHd7p9zkzINEJeu25qZdTbjyy/RPAIZi/d5LM23Dg
3BvTGWCaeJHd08nQRehoMW3jUGg2IMXF09eIaLhoIPXo/Wbv9kZvs0FGbjR3tczu
CPs39GqZglhQ33782tuu7jOz0vCHGALjd6EsqmoXlIAA64EVgjPhbMV4dEHHFIrh
/Jg9qmtIQj/MnWGVAOYl/R5/xc6fwy8uhNhtj6mutFtd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:49 2024 by rpki-client on console-ams.rpki-client.org