Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/1a44b7-9c4b-40b9-b6ac-d6930c97e967/1/YB7hTic8c0MmnHfcvtFWkAtO8q8.roa
File: YB7hTic8c0MmnHfcvtFWkAtO8q8.roa (raw, json)
Hash identifier: io2wzTp9ygTDnlC50F1+D5ICMhzMK5MuOuAyea5tjh0=
Subject key identifier: 60:1E:E1:4E:27:3C:73:43:26:9C:77:DC:BE:D1:56:90:0B:4E:F2:AF
Certificate issuer: /CN=0ded20e5cfea0d796ab3f73b98cd24bef1c5cc9a
Certificate serial: 01856ECB8233D26ED0B098743427A556F90E
Authority key identifier: 0D:ED:20:E5:CF:EA:0D:79:6A:B3:F7:3B:98:CD:24:BE:F1:C5:CC:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/De0g5c_qDXlqs_c7mM0kvvHFzJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/1a44b7-9c4b-40b9-b6ac-d6930c97e967/1/YB7hTic8c0MmnHfcvtFWkAtO8q8.roa
Signing time: Sun 01 Jan 2023 19:25:08 +0000
ROA not before: Sun 01 Jan 2023 19:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208113
IP address blocks: 2001:678:b24::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:82:33:d2:6e:d0:b0:98:74:34:27:a5:56:f9:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ded20e5cfea0d796ab3f73b98cd24bef1c5cc9a
Validity
Not Before: Jan 1 19:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=601ee14e273c7343269c77dcbed156900b4ef2af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:00:7c:c7:54:5c:3f:7a:ba:c1:61:5d:a0:7a:
cf:72:21:02:f6:3f:63:d4:9e:5a:0c:4e:fe:57:29:
14:e9:6f:67:4b:3f:cc:b1:3b:ed:85:e8:f1:a3:25:
47:e5:be:cf:b2:90:a3:12:11:e7:07:79:1d:eb:bb:
69:44:88:db:7d:20:78:6f:f7:f7:f3:1c:37:55:c8:
40:f0:af:78:d5:4a:64:0e:0e:d2:53:fa:80:ad:6b:
aa:09:a0:a7:05:37:ae:15:02:5c:2b:59:24:c1:51:
c5:8b:ab:ca:df:2c:50:a4:ce:52:f4:fa:35:6a:c6:
8f:3a:b9:37:18:93:e3:1a:59:ec:03:5d:14:47:ea:
59:da:5e:85:e5:a8:7a:7e:75:1f:54:0c:86:65:14:
92:d7:ab:12:20:0f:6d:56:d2:c4:86:17:1e:66:c2:
53:51:6e:a9:69:09:1c:0d:ed:a7:b5:db:8c:03:88:
78:fd:c0:d6:02:9b:1f:bf:97:18:49:d3:43:a3:2e:
ce:2c:3d:00:f0:18:75:aa:f1:23:c9:e5:82:b4:ac:
ef:eb:5d:d3:b5:64:67:c2:1b:bf:5c:40:a1:bf:f8:
be:ee:35:04:ae:34:bd:97:82:37:d6:e6:da:c3:59:
c4:f8:a5:dc:31:be:11:8f:39:cb:f8:04:9f:79:82:
b6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:1E:E1:4E:27:3C:73:43:26:9C:77:DC:BE:D1:56:90:0B:4E:F2:AF
X509v3 Authority Key Identifier:
keyid:0D:ED:20:E5:CF:EA:0D:79:6A:B3:F7:3B:98:CD:24:BE:F1:C5:CC:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/De0g5c_qDXlqs_c7mM0kvvHFzJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/1a44b7-9c4b-40b9-b6ac-d6930c97e967/1/YB7hTic8c0MmnHfcvtFWkAtO8q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/1a44b7-9c4b-40b9-b6ac-d6930c97e967/1/De0g5c_qDXlqs_c7mM0kvvHFzJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:b24::/48
Signature Algorithm: sha256WithRSAEncryption
98:00:b0:3d:92:38:3a:42:16:3d:91:c0:bd:38:1e:c5:fe:94:
8b:2b:40:bc:98:d0:41:ad:cd:0c:dc:a3:76:21:5d:8b:66:a3:
ef:63:e9:e9:3f:b5:36:0a:e5:c4:9c:82:e4:2a:54:d7:fd:86:
e2:2e:23:aa:6c:ab:cd:68:24:13:a8:77:d6:d1:97:80:e9:d8:
ae:f2:39:22:b4:31:b1:0e:4d:7d:d9:6c:67:22:45:51:f3:53:
85:36:76:50:8b:a3:14:9b:3b:f2:22:e1:f0:b1:49:1d:c2:bb:
ae:d6:bd:7f:7d:3c:4f:47:01:c0:84:48:08:3c:6c:c0:f6:ab:
a8:cf:16:1b:21:f0:0a:a8:21:ea:22:27:98:8b:ca:ea:8d:03:
b0:ed:a9:e3:bb:03:4c:5a:54:84:9d:99:3a:36:20:2e:93:cb:
e1:b8:14:af:99:90:5b:0a:02:12:06:6a:05:58:f3:fb:be:4c:
0d:6c:ce:bf:b3:20:a1:86:7d:f3:b2:0a:ae:c5:a0:cf:fb:b6:
d8:50:04:0d:6b:d4:e3:14:2e:c3:4f:df:6e:11:ab:5a:98:24:
3c:45:29:44:1f:8c:0f:b0:38:3c:06:1b:06:12:ff:3d:13:78:
2c:49:fd:3a:f0:5a:9a:2e:39:70:51:90:23:bf:1e:87:43:f7:
8e:ef:0c:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuy4Iz0m7QsJh0NCelVvkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZWQyMGU1Y2ZlYTBkNzk2YWIzZjczYjk4Y2QyNGJlZjFj
NWNjOWEwHhcNMjMwMTAxMTkyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDFlZTE0ZTI3M2M3MzQzMjY5Yzc3ZGNiZWQxNTY5MDBiNGVmMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgB8x1RcP3q6wWFdoHrPciEC9j9j
1J5aDE7+VykU6W9nSz/MsTvthejxoyVH5b7PspCjEhHnB3kd67tpRIjbfSB4b/f3
8xw3VchA8K941UpkDg7SU/qArWuqCaCnBTeuFQJcK1kkwVHFi6vK3yxQpM5S9Po1
asaPOrk3GJPjGlnsA10UR+pZ2l6F5ah6fnUfVAyGZRSS16sSIA9tVtLEhhceZsJT
UW6paQkcDe2ntduMA4h4/cDWApsfv5cYSdNDoy7OLD0A8Bh1qvEjyeWCtKzv613T
tWRnwhu/XEChv/i+7jUErjS9l4I31ubaw1nE+KXcMb4RjznL+ASfeYK2+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGAe4U4nPHNDJpx33L7RVpALTvKvMB8GA1UdIwQY
MBaAFA3tIOXP6g15arP3O5jNJL7xxcyaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGUwZzVjX3FEWGxxc19jN21NMGt2dkhGekpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8xYTQ0YjctOWM0Yi00MGI5LWI2YWMt
ZDY5MzBjOTdlOTY3LzEvWUI3aFRpYzhjME1tbkhmY3Z0RldrQXRPOHE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8xYTQ0YjctOWM0Yi00MGI5LWI2YWMtZDY5MzBjOTdlOTY3
LzEvRGUwZzVjX3FEWGxxc19jN21NMGt2dkhGekpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAsk
MA0GCSqGSIb3DQEBCwUAA4IBAQCYALA9kjg6QhY9kcC9OB7F/pSLK0C8mNBBrc0M
3KN2IV2LZqPvY+npP7U2CuXEnILkKlTX/YbiLiOqbKvNaCQTqHfW0ZeA6diu8jki
tDGxDk192WxnIkVR81OFNnZQi6MUmzvyIuHwsUkdwruu1r1/fTxPRwHAhEgIPGzA
9quozxYbIfAKqCHqIieYi8rqjQOw7anjuwNMWlSEnZk6NiAuk8vhuBSvmZBbCgIS
BmoFWPP7vkwNbM6/syChhn3zsgquxaDP+7bYUAQNa9TjFC7DT99uEatamCQ8RSlE
H4wPsDg8BhsGEv89E3gsSf068FqaLjlwUZAjvx6HQ/eO7wy/
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:33 2024 by rpki-client on console-ams.rpki-client.org