Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YP8nkEhWxY4bnl_rq64p_nAZShw.roa
File: YP8nkEhWxY4bnl_rq64p_nAZShw.roa (raw, json)
Hash identifier: oYDoVif5sVdJ+PrgNK0RqFdixioE6ZghKEC7nDmxvy8=
Subject key identifier: 60:FF:27:90:48:56:C5:8E:1B:9E:5F:EB:AB:AE:29:FE:70:19:4A:1C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DC817D2CACCB67141A5498589D035C9D6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YP8nkEhWxY4bnl_rq64p_nAZShw.roa
Signing time: Tue 20 Feb 2024 19:57:00 +0000
ROA not before: Tue 20 Feb 2024 19:57:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211358
IP address blocks: 2a0e:b107:12d1::/48 maxlen: 48
2a0e:b107:12d2::/48 maxlen: 48
2a0e:b107:12d3::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 06 Mar 2024 23:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c8:17:d2:ca:cc:b6:71:41:a5:49:85:89:d0:35:c9:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 20 19:57:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60ff27904856c58e1b9e5febabae29fe70194a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4e:6e:f5:84:72:be:ac:38:45:3e:7f:6f:81:
61:5e:04:ff:15:0f:e2:52:b2:fb:1d:cd:f5:8d:2c:
cd:84:1e:ef:62:ac:b5:73:cc:18:af:e9:68:b9:25:
dc:95:98:2f:0c:1e:3a:2e:4c:29:b3:10:3e:10:37:
12:6a:05:ea:b0:de:6b:5c:5b:aa:b5:68:51:bd:ad:
42:0e:0a:32:31:37:4e:c3:77:25:e9:59:13:55:32:
cd:04:8f:16:93:91:8b:84:62:92:6d:05:07:73:e7:
0a:60:50:03:c5:77:6b:79:b8:79:07:c7:25:c4:0b:
f9:6e:6b:64:fe:d3:94:3a:cf:30:68:4e:f9:0f:53:
c0:93:22:92:e8:19:31:00:6e:91:4d:0a:1d:c0:ae:
93:a6:58:19:db:47:f9:f2:5a:16:7d:4f:8d:a4:1f:
77:e7:3a:db:87:fa:f1:06:7d:50:01:d1:71:d8:f8:
a8:e4:fe:1a:75:e4:42:d0:60:96:05:28:7d:e2:04:
24:bb:13:4a:22:7a:5e:1f:d5:8d:87:8b:8e:09:f3:
49:18:68:a6:e7:c8:8c:c1:c2:39:9a:72:e5:6c:e7:
ee:a2:58:18:e1:d4:62:c0:fe:9d:f2:7e:e1:59:d3:
16:84:e2:99:07:8a:0d:97:49:68:2f:06:d4:07:0f:
b9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FF:27:90:48:56:C5:8E:1B:9E:5F:EB:AB:AE:29:FE:70:19:4A:1C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YP8nkEhWxY4bnl_rq64p_nAZShw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:12d1::-2a0e:b107:12d3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
57:b2:64:e9:4c:de:bc:b6:45:d5:4e:a4:23:1f:2a:4c:31:e6:
98:88:71:52:92:c7:e5:29:e5:da:3d:70:46:b6:36:d9:2f:c9:
86:be:24:aa:7e:55:8a:b8:e6:82:9e:07:57:7e:0e:be:9f:13:
59:5d:23:b9:00:ee:1e:8a:4f:3c:1b:c1:52:97:93:21:b0:5f:
7d:d1:b7:df:50:33:d7:98:d1:60:c5:a2:e8:de:e1:c3:cb:96:
db:e4:b8:18:a1:98:02:15:ab:4d:4d:18:87:e5:cc:22:c5:90:
f7:1a:b1:96:e6:d2:20:2d:7c:b3:e3:2f:34:66:95:2e:e0:d3:
b4:0a:23:d5:39:a5:13:1c:b1:73:d8:8f:95:17:c0:11:8b:cc:
cc:ec:19:78:71:ca:50:cd:74:02:92:c9:3c:c5:57:8b:41:f6:
85:8d:94:8c:d5:eb:c8:83:f4:07:a8:77:93:8a:ba:4f:a8:75:
78:63:84:dc:8e:d6:de:eb:bc:53:28:2b:27:d3:9b:04:d0:5d:
91:84:09:45:68:19:60:2a:fc:2b:23:e9:76:bd:2c:6f:38:9e:
5b:20:f7:f8:a7:56:0b:a3:af:1f:ac:7a:db:ac:f4:89:f8:4d:
11:6c:14:12:1d:c8:82:28:73:0a:a2:81:b5:92:5c:af:1c:32:
fa:79:e4:98
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY3IF9LKzLZxQaVJhYnQNcnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjIwMTk1NzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGZmMjc5MDQ4NTZjNThlMWI5ZTVmZWJhYmFlMjlmZTcwMTk0YTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU5u9YRyvqw4RT5/b4FhXgT/FQ/i
UrL7Hc31jSzNhB7vYqy1c8wYr+louSXclZgvDB46LkwpsxA+EDcSagXqsN5rXFuq
tWhRva1CDgoyMTdOw3cl6VkTVTLNBI8Wk5GLhGKSbQUHc+cKYFADxXdrebh5B8cl
xAv5bmtk/tOUOs8waE75D1PAkyKS6BkxAG6RTQodwK6TplgZ20f58loWfU+NpB93
5zrbh/rxBn1QAdFx2Pio5P4adeRC0GCWBSh94gQkuxNKInpeH9WNh4uOCfNJGGim
58iMwcI5mnLlbOfuolgY4dRiwP6d8n7hWdMWhOKZB4oNl0loLwbUBw+59wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGD/J5BIVsWOG55f66uuKf5wGUocMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWVA4bmtFaFd4WTRibmxfcnE2NHBfbkFaU2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqDrEH
EtEDBwIqDrEHEtAwDQYJKoZIhvcNAQELBQADggEBAFeyZOlM3ry2RdVOpCMfKkwx
5piIcVKSx+Up5do9cEa2NtkvyYa+JKp+VYq45oKeB1d+Dr6fE1ldI7kA7h6KTzwb
wVKXkyGwX33Rt99QM9eY0WDFouje4cPLltvkuBihmAIVq01NGIflzCLFkPcasZbm
0iAtfLPjLzRmlS7g07QKI9U5pRMcsXPYj5UXwBGLzMzsGXhxylDNdAKSyTzFV4tB
9oWNlIzV68iD9Aeod5OKuk+odXhjhNyO1t7rvFMoKyfTmwTQXZGECUVoGWAq/Csj
6Xa9LG84nlsg9/inVgujrx+setus9In4TRFsFBIdyIIocwqigbWSXK8cMvp55Jg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org