Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/Y-fCF-yL3DejKL2SkqNilYE3P5s.roa
File: Y-fCF-yL3DejKL2SkqNilYE3P5s.roa (raw, json)
Hash identifier: Boyr/Y9ymkTvkN8js3v/l5CFPX6aRTEO8Bc65cBfhzE=
Subject key identifier: 63:E7:C2:17:EC:8B:DC:37:A3:28:BD:92:92:A3:62:95:81:37:3F:9B
Certificate issuer: /CN=42e90c9d1009b32c1945b6f8e6589483c5ea4743
Certificate serial: 018D121665D6BC966E59C529F94C4734383B
Authority key identifier: 42:E9:0C:9D:10:09:B3:2C:19:45:B6:F8:E6:58:94:83:C5:EA:47:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/Y-fCF-yL3DejKL2SkqNilYE3P5s.roa
Signing time: Tue 16 Jan 2024 11:44:34 +0000
ROA not before: Tue 16 Jan 2024 11:44:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28771
IP address blocks: 2001:67c:2b04::/48 maxlen: 48
2a09:d7c0::/30 maxlen: 30
2a09:d7c4::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 23 Jan 2024 07:10:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:16:65:d6:bc:96:6e:59:c5:29:f9:4c:47:34:38:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e90c9d1009b32c1945b6f8e6589483c5ea4743
Validity
Not Before: Jan 16 11:44:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63e7c217ec8bdc37a328bd9292a3629581373f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e3:e2:2e:72:de:92:10:97:4a:b9:e5:95:da:
2b:6b:7f:ae:5b:b7:7f:ed:79:e4:5c:1c:40:5f:e3:
bf:5c:67:13:78:f9:f4:ff:76:df:b6:75:d1:35:bc:
ce:a0:63:03:1f:d6:a7:d5:a5:82:af:25:99:6b:dc:
7f:ac:1d:01:c6:da:87:db:f4:05:7f:c5:f6:44:a9:
51:05:eb:97:5c:8d:f0:fe:09:82:38:1c:a7:b1:b8:
7a:2d:cd:10:6c:d0:70:92:45:8f:fc:69:62:67:00:
a7:18:71:af:ea:12:aa:ff:3e:b3:53:84:d6:18:29:
da:39:d6:b4:0f:c5:b2:36:3e:c3:af:bb:26:7c:4a:
0e:b9:a7:f6:03:e6:d9:65:36:18:8a:ec:70:e9:b6:
43:e1:37:9c:2d:06:b1:57:a5:36:6f:20:4e:18:b2:
ad:63:9e:88:86:3e:21:67:8d:51:c0:66:77:f2:0a:
35:21:b4:16:21:15:ed:98:25:15:4a:22:26:35:3c:
a4:fc:57:fa:37:0b:60:21:9d:72:a1:ea:c2:3d:c5:
b6:54:23:e1:20:99:3a:2a:c1:47:0c:58:e2:3e:d5:
a4:c1:0f:98:91:b1:1f:11:b8:81:3b:a9:1a:d6:24:
4c:e8:56:26:99:0e:75:98:32:96:93:71:90:b0:f7:
ec:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E7:C2:17:EC:8B:DC:37:A3:28:BD:92:92:A3:62:95:81:37:3F:9B
X509v3 Authority Key Identifier:
keyid:42:E9:0C:9D:10:09:B3:2C:19:45:B6:F8:E6:58:94:83:C5:EA:47:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/Y-fCF-yL3DejKL2SkqNilYE3P5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2b04::/48
2a09:d7c0::/29
Signature Algorithm: sha256WithRSAEncryption
09:5e:48:d6:25:fd:a7:e7:67:f0:a7:50:b5:d9:b9:40:3b:fd:
75:95:21:a8:f0:53:20:95:6e:3c:db:db:55:48:97:c1:c7:5b:
25:82:df:27:af:e8:d6:76:75:30:b0:52:ba:7f:8f:c3:01:18:
d3:1d:d3:5f:8c:f2:15:ba:b7:38:df:3d:55:b3:01:1b:de:87:
76:75:e8:97:75:38:92:fa:cb:d8:e7:15:39:f0:49:e4:79:72:
de:b1:fd:80:2e:5a:5e:7c:e4:b6:5a:bc:6f:4d:7d:7d:4f:95:
13:41:7b:d7:75:15:5e:7f:c6:9e:7f:98:aa:69:8a:52:49:be:
cb:a4:29:c6:a0:14:f1:22:bd:cc:a1:3d:09:b4:2a:5a:15:90:
2e:8b:4c:ec:a9:58:ef:5f:9d:28:f3:8d:4f:39:68:f9:04:6f:
70:18:7d:a0:8e:dc:5b:52:45:81:7c:44:c3:4d:27:e4:9b:50:
d3:9b:cc:ff:c7:a8:8e:2b:80:fd:83:e2:be:a1:14:d3:c2:c5:
2a:f8:84:a9:c9:93:b2:ea:96:2f:fb:58:1f:25:26:8a:78:af:
c0:92:6a:3e:75:d8:ad:19:e8:45:86:6c:14:3c:2e:75:00:f3:
cf:45:43:cd:94:24:eb:7d:71:ac:d7:ae:a8:70:a2:34:65:2e:
99:05:a4:10
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAY0SFmXWvJZuWcUp+UxHNDg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZTkwYzlkMTAwOWIzMmMxOTQ1YjZmOGU2NTg5NDgzYzVl
YTQ3NDMwHhcNMjQwMTE2MTE0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2U3YzIxN2VjOGJkYzM3YTMyOGJkOTI5MmEzNjI5NTgxMzczZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArePiLnLekhCXSrnlldora3+uW7d/
7XnkXBxAX+O/XGcTePn0/3bftnXRNbzOoGMDH9an1aWCryWZa9x/rB0BxtqH2/QF
f8X2RKlRBeuXXI3w/gmCOBynsbh6Lc0QbNBwkkWP/GliZwCnGHGv6hKq/z6zU4TW
GCnaOda0D8WyNj7Dr7smfEoOuaf2A+bZZTYYiuxw6bZD4TecLQaxV6U2byBOGLKt
Y56Ihj4hZ41RwGZ38go1IbQWIRXtmCUVSiImNTyk/Ff6NwtgIZ1yoerCPcW2VCPh
IJk6KsFHDFjiPtWkwQ+YkbEfEbiBO6ka1iRM6FYmmQ51mDKWk3GQsPfsqwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFGPnwhfsi9w3oyi9kpKjYpWBNz+bMB8GA1UdIwQY
MBaAFELpDJ0QCbMsGUW2+OZYlIPF6kdDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTVhNDAtOWQ5NC00ZjgyLTg4ZTUt
NjljNjI5ODQxNWY4LzEvWS1mQ0YteUwzRGVqS0wyU2txTmlsWUUzUDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTVhNDAtOWQ5NC00ZjgyLTg4ZTUtNjljNjI5ODQxNWY4
LzEvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAIAEGfCsE
AwUDKgnXwDANBgkqhkiG9w0BAQsFAAOCAQEACV5I1iX9p+dn8KdQtdm5QDv9dZUh
qPBTIJVuPNvbVUiXwcdbJYLfJ6/o1nZ1MLBSun+PwwEY0x3TX4zyFbq3ON89VbMB
G96HdnXol3U4kvrL2OcVOfBJ5Hly3rH9gC5aXnzktlq8b019fU+VE0F713UVXn/G
nn+YqmmKUkm+y6QpxqAU8SK9zKE9CbQqWhWQLotM7KlY71+dKPONTzlo+QRvcBh9
oI7cW1JFgXxEw00n5JtQ05vM/8eojiuA/YPivqEU08LFKviEqcmTsuqWL/tYHyUm
inivwJJqPnXYrRnoRYZsFDwudQDzz0VDzZQk631xrNeuqHCiNGUumQWkEA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:47 2025 by rpki-client