Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/YtsNSn6TAQL89t08guqzpoXFGS4.roa
File: YtsNSn6TAQL89t08guqzpoXFGS4.roa (raw, json)
Hash identifier: yklha3ehhhxAQDnEKtTolt9aKgakD41dmi/dmRkD87Y=
Subject key identifier: 62:DB:0D:4A:7E:93:01:02:FC:F6:DD:3C:82:EA:B3:A6:85:C5:19:2E
Certificate issuer: /CN=65a665b90069bd71850602e7400c529793269e39
Certificate serial: 0194791EC1F584E134D855CF3CFC80E0A4EC
Authority key identifier: 65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/YtsNSn6TAQL89t08guqzpoXFGS4.roa
Signing time: Sat 18 Jan 2025 11:14:06 +0000
ROA not before: Sat 18 Jan 2025 11:14:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57027
IP address blocks: 2a09:2b80:2::/48 maxlen: 48
2a09:2b80:3::/48 maxlen: 48
2a09:2b80:4::/48 maxlen: 48
2a09:2b80:5::/48 maxlen: 48
2a09:2b80:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 20 Jan 2025 18:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:79:1e:c1:f5:84:e1:34:d8:55:cf:3c:fc:80:e0:a4:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a665b90069bd71850602e7400c529793269e39
Validity
Not Before: Jan 18 11:14:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62db0d4a7e930102fcf6dd3c82eab3a685c5192e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7f:ea:07:a8:78:81:c8:54:a9:d0:c9:c5:fe:
96:f3:86:0a:e1:c7:fe:30:ef:16:d2:3f:47:ff:5f:
6a:c3:46:ca:a7:dc:9d:0a:64:cb:dc:89:53:89:70:
8f:c4:55:e7:dd:0e:01:5e:d9:36:8a:6e:24:13:5d:
dc:e7:69:25:f5:fb:b8:62:f7:06:0a:9d:5d:63:2b:
e0:a9:50:08:54:02:bb:fd:de:2d:a0:44:66:3e:6a:
ac:95:62:c3:c7:08:77:3c:d5:36:a1:9f:5e:36:38:
2b:f8:db:e1:4c:d3:ed:2a:22:5b:82:5b:17:fe:8f:
51:d0:af:9f:09:dc:ca:f0:34:64:69:8f:63:a1:fc:
de:5c:99:3d:ee:c3:37:a3:13:9f:c1:2d:54:06:db:
94:71:c9:76:2d:24:1a:17:a6:c2:fa:27:bf:21:ff:
83:83:f1:25:35:fa:b7:36:65:16:39:2a:5c:21:d5:
0f:92:a2:2a:62:ee:ec:e3:cd:66:5d:79:97:66:42:
fe:e6:95:d7:f3:18:78:72:bf:f7:64:fb:47:d2:55:
e2:57:28:fc:a1:95:1a:6a:84:a0:3b:bc:79:5e:1a:
b1:f1:af:63:81:61:72:87:1f:64:e3:46:50:05:ea:
99:9d:67:c4:b1:2e:61:6e:82:2e:e1:48:a3:8f:95:
6f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:DB:0D:4A:7E:93:01:02:FC:F6:DD:3C:82:EA:B3:A6:85:C5:19:2E
X509v3 Authority Key Identifier:
keyid:65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/YtsNSn6TAQL89t08guqzpoXFGS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80:2::-2a09:2b80:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
42:e8:f7:f2:dc:b8:eb:1b:8a:c7:c5:04:cc:ca:2e:9e:87:ee:
c8:e4:58:b6:ec:bb:de:be:c8:29:c7:13:dd:fb:f5:25:cd:9b:
13:37:56:54:8d:de:1e:26:4a:0f:0b:46:76:e1:cd:ff:8b:cc:
bf:c9:1a:89:47:9e:aa:f3:47:b1:d6:d4:b3:ea:6b:42:7a:ac:
fe:d4:fb:e6:6c:56:ef:89:30:99:79:fa:2b:61:82:9f:e5:12:
6a:53:5f:b5:c2:3d:5d:4b:34:1a:0c:85:a7:ff:2a:cb:cc:49:
5b:18:51:86:33:22:8a:ad:32:db:3e:7c:51:57:22:9b:24:2d:
9e:b8:5b:f7:8b:c6:dd:38:06:f7:0a:47:dc:41:b4:6f:a2:9e:
be:ff:5b:1e:44:67:73:76:f4:67:2b:3d:35:3d:fe:16:9d:3a:
25:23:13:94:44:0f:7b:29:39:d4:7b:e8:05:ea:03:1e:98:a3:
6f:37:4a:b9:1c:b3:c4:21:0a:48:b7:37:92:f5:3a:18:af:62:
8b:6f:da:6d:98:64:e8:3a:a4:be:3f:34:88:3a:be:6d:b1:17:
87:cf:5e:d0:f2:3b:4a:33:96:10:62:3b:4a:f9:67:ac:60:19:
41:1b:8c:de:ff:2e:94:84:31:2f:7e:dc:f1:2a:5d:43:76:6d:
d6:98:30:5d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZR5HsH1hOE02FXPPPyA4KTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTY2NWI5MDA2OWJkNzE4NTA2MDJlNzQwMGM1Mjk3OTMy
NjllMzkwHhcNMjUwMTE4MTExNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmRiMGQ0YTdlOTMwMTAyZmNmNmRkM2M4MmVhYjNhNjg1YzUxOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH/qB6h4gchUqdDJxf6W84YK4cf+
MO8W0j9H/19qw0bKp9ydCmTL3IlTiXCPxFXn3Q4BXtk2im4kE13c52kl9fu4YvcG
Cp1dYyvgqVAIVAK7/d4toERmPmqslWLDxwh3PNU2oZ9eNjgr+NvhTNPtKiJbglsX
/o9R0K+fCdzK8DRkaY9jofzeXJk97sM3oxOfwS1UBtuUccl2LSQaF6bC+ie/If+D
g/ElNfq3NmUWOSpcIdUPkqIqYu7s481mXXmXZkL+5pXX8xh4cr/3ZPtH0lXiVyj8
oZUaaoSgO7x5Xhqx8a9jgWFyhx9k40ZQBeqZnWfEsS5hboIu4Uijj5VvFQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGLbDUp+kwEC/PbdPILqs6aFxRkuMB8GA1UdIwQY
MBaAFGWmZbkAab1xhQYC50AMUpeTJp45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjct
Yzk0NTdlYzgxMTUxLzEvWXRzTlNuNlRBUUw4OXQwOGd1cXpwb1hGR1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjctYzk0NTdlYzgxMTUx
LzEvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwEqCSuA
AAIDBwAqCSuAAAYwDQYJKoZIhvcNAQELBQADggEBAELo9/LcuOsbisfFBMzKLp6H
7sjkWLbsu96+yCnHE9379SXNmxM3VlSN3h4mSg8LRnbhzf+LzL/JGolHnqrzR7HW
1LPqa0J6rP7U++ZsVu+JMJl5+ithgp/lEmpTX7XCPV1LNBoMhaf/KsvMSVsYUYYz
IoqtMts+fFFXIpskLZ64W/eLxt04BvcKR9xBtG+inr7/Wx5EZ3N29GcrPTU9/had
OiUjE5RED3spOdR76AXqAx6Yo283Srkcs8QhCki3N5L1OhivYotv2m2YZOg6pL4/
NIg6vm2xF4fPXtDyO0ozlhBiO0r5Z6xgGUEbjN7/LpSEMS9+3PEqXUN2bdaYMF0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:58:11 2025 by rpki-client