Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YSHRzqJM4ODlLM4NQ0_4C64y5W0.roa
File: YSHRzqJM4ODlLM4NQ0_4C64y5W0.roa (raw, json)
Hash identifier: lZBZws8Px9DNpS6zcIjPHkP8BHfEka0Wox5yME3Z01w=
Subject key identifier: 61:21:D1:CE:A2:4C:E0:E0:E5:2C:CE:0D:43:4F:F8:0B:AE:32:E5:6D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018F921428EB7C717C966B5A0EF5DB26EB63
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YSHRzqJM4ODlLM4NQ0_4C64y5W0.roa
Signing time: Sun 19 May 2024 18:19:05 +0000
ROA not before: Sun 19 May 2024 18:19:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202941
IP address blocks: 2a10:2f00:187::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 20 May 2024 11:40:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:92:14:28:eb:7c:71:7c:96:6b:5a:0e:f5:db:26:eb:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 19 18:19:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6121d1cea24ce0e0e52cce0d434ff80bae32e56d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:43:c8:7d:b3:a8:7c:b6:2c:1f:ea:e5:b4:28:
5d:5c:67:a2:b3:e7:14:b5:16:98:fe:fd:7e:bf:cb:
1b:8e:36:ac:fc:c5:46:28:14:da:50:c3:2a:1a:71:
57:dc:6d:fc:22:39:46:32:07:5c:a2:a0:78:76:e3:
15:76:47:f6:9b:f5:18:72:99:e8:41:ad:20:ac:7f:
30:4a:27:08:fe:2f:9f:d9:63:ed:d4:7f:dd:c4:11:
95:7c:35:b4:18:1b:cd:cc:29:ad:36:2f:d5:cc:07:
48:29:6a:0b:ad:94:be:7b:70:84:9c:19:15:80:e5:
45:66:ca:38:f6:f7:1f:3d:40:8f:3d:99:9a:60:c5:
64:a7:c0:d7:5c:a1:28:ec:6e:f7:e6:d8:b4:82:7b:
fb:30:3f:aa:fa:ec:da:3c:67:b8:7b:6a:41:62:4c:
e8:4e:0d:92:e6:79:37:9a:93:c5:92:0e:c2:0d:ba:
cc:3c:5b:c1:24:65:60:8e:e9:22:53:d9:19:f0:82:
b7:20:1d:02:3a:9f:ea:62:fa:92:66:b2:44:03:ca:
a9:d7:82:48:cd:6a:b9:a6:b1:e7:bf:82:8f:c1:61:
15:cd:94:86:8e:33:9a:18:61:dd:e5:61:59:e7:26:
cb:04:45:36:37:d4:8b:0c:42:01:45:cb:00:9d:b1:
98:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:21:D1:CE:A2:4C:E0:E0:E5:2C:CE:0D:43:4F:F8:0B:AE:32:E5:6D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YSHRzqJM4ODlLM4NQ0_4C64y5W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:187::/48
Signature Algorithm: sha256WithRSAEncryption
5b:fd:f1:89:2e:db:b1:0c:7f:a9:1a:bb:a1:e6:eb:5f:b0:45:
94:e4:15:bc:35:4f:a8:fa:7b:25:df:ec:91:84:ae:5a:2f:dc:
81:e2:8f:51:ca:93:a5:b2:40:f8:93:31:e3:63:9b:a7:24:2e:
fa:cd:47:0b:be:ac:b5:8e:b6:fb:37:27:a0:27:6b:2d:a7:4d:
f7:98:2f:25:00:61:7a:7c:10:e6:c1:ac:37:26:57:b4:f5:13:
ce:bc:5b:ee:12:80:ef:52:20:e5:65:f5:a8:23:d4:e9:2d:83:
a8:66:2d:e0:20:19:9f:f5:8a:de:30:d9:68:1d:25:73:ed:7b:
83:02:b9:2d:05:09:0f:37:7f:2c:16:42:7c:c0:88:ee:4d:c2:
5f:0f:71:15:ae:cf:cb:f4:02:6e:1f:e0:3f:7e:b5:75:42:66:
92:83:b4:d9:51:29:12:df:19:7c:dd:2d:93:4a:ac:ab:67:ec:
e3:d4:6e:1b:f1:36:09:8c:71:93:0d:9b:3a:c5:d4:f7:93:ab:
12:cf:a9:d6:9b:88:50:cb:4d:4c:94:4c:44:c8:35:ca:2a:e3:
b3:0e:59:f8:7e:1d:ab:64:3b:27:7b:39:4e:dc:28:3b:08:57:
74:2a:a0:03:bd:d4:01:7a:42:22:c6:a9:18:c6:ba:65:61:c9:
bb:65:c5:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY+SFCjrfHF8lmtaDvXbJutjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNTE5MTgxOTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTIxZDFjZWEyNGNlMGUwZTUyY2NlMGQ0MzRmZjgwYmFlMzJlNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UPIfbOofLYsH+rltChdXGeis+cU
tRaY/v1+v8sbjjas/MVGKBTaUMMqGnFX3G38IjlGMgdcoqB4duMVdkf2m/UYcpno
Qa0grH8wSicI/i+f2WPt1H/dxBGVfDW0GBvNzCmtNi/VzAdIKWoLrZS+e3CEnBkV
gOVFZso49vcfPUCPPZmaYMVkp8DXXKEo7G735ti0gnv7MD+q+uzaPGe4e2pBYkzo
Tg2S5nk3mpPFkg7CDbrMPFvBJGVgjukiU9kZ8IK3IB0COp/qYvqSZrJEA8qp14JI
zWq5prHnv4KPwWEVzZSGjjOaGGHd5WFZ5ybLBEU2N9SLDEIBRcsAnbGYTQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGEh0c6iTODg5SzODUNP+AuuMuVtMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWVNIUnpxSk00T0RsTE00TlEwXzRDNjR5NVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAGH
MA0GCSqGSIb3DQEBCwUAA4IBAQBb/fGJLtuxDH+pGruh5utfsEWU5BW8NU+o+nsl
3+yRhK5aL9yB4o9RypOlskD4kzHjY5unJC76zUcLvqy1jrb7NyegJ2stp033mC8l
AGF6fBDmwaw3Jle09RPOvFvuEoDvUiDlZfWoI9TpLYOoZi3gIBmf9YreMNloHSVz
7XuDArktBQkPN38sFkJ8wIjuTcJfD3EVrs/L9AJuH+A/frV1QmaSg7TZUSkS3xl8
3S2TSqyrZ+zj1G4b8TYJjHGTDZs6xdT3k6sSz6nWm4hQy01MlExEyDXKKuOzDln4
fh2rZDsnezlO3Cg7CFd0KqADvdQBekIixqkYxrplYcm7ZcW5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org