Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YZT34cvooISaBWMPPKl9u6pZTG0.roa
File: YZT34cvooISaBWMPPKl9u6pZTG0.roa (raw, json)
Hash identifier: 4yxaGsGg92QqcwERXhk5nzm92KFQ1XhRziNoIyG1hvU=
Subject key identifier: 61:94:F7:E1:CB:E8:A0:84:9A:05:63:0F:3C:A9:7D:BB:AA:59:4C:6D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E81EB0D8B048EFF32DBA777A16DD70
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YZT34cvooISaBWMPPKl9u6pZTG0.roa
Signing time: Mon 02 Jan 2023 05:15:38 +0000
ROA not before: Mon 02 Jan 2023 05:15:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212888
IP address blocks: 2a0e:b107:c00::/48 maxlen: 48
2a0e:b107:c02::/48 maxlen: 48
2a0e:b107:c01::/48 maxlen: 48
2a0e:b107:c03::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 19 Jan 2023 08:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:1e:b0:d8:b0:48:ef:f3:2d:ba:77:7a:16:dd:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6194f7e1cbe8a0849a05630f3ca97dbbaa594c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6e:9c:a7:4c:2d:82:83:f8:22:4f:5f:f0:57:
f0:8d:0c:60:35:4a:24:7e:e6:2d:2c:31:fd:b1:a8:
a4:1d:34:a5:f4:06:b3:29:a4:b8:0d:fe:bc:f0:26:
ce:36:3e:7f:86:30:21:eb:47:ab:6d:8c:77:f8:44:
f8:77:e2:ba:c8:6a:2c:3f:ae:38:18:29:39:68:b1:
44:3d:6f:ad:a4:58:19:d4:4b:04:ab:03:ef:9d:a7:
b8:1f:06:ec:69:ca:a8:b4:06:79:59:bc:9d:b5:19:
a3:5e:0c:d4:c9:7a:80:69:23:6f:72:44:a4:52:b2:
30:a3:3a:da:3c:a6:b8:14:c8:45:67:f2:ed:b3:d2:
8f:61:59:c2:59:3a:e7:43:f5:4b:9f:32:26:78:57:
21:e2:75:d1:ec:1c:c5:90:d2:30:46:30:9a:6f:0d:
e9:5c:bf:e2:51:79:dc:02:fe:fb:a9:15:f0:d2:66:
2d:a6:fc:f6:d4:b3:34:cc:5c:be:a5:ce:8b:ba:e9:
4d:7f:12:57:37:44:e5:82:4c:d3:02:06:96:f3:49:
75:63:83:b2:03:d5:bf:8f:b9:a0:04:c9:c5:aa:3e:
29:07:f3:e9:d1:66:1e:3f:e0:eb:53:9d:30:fc:65:
14:04:36:f8:8b:01:75:4e:23:40:3d:cf:6d:7d:a5:
ab:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:94:F7:E1:CB:E8:A0:84:9A:05:63:0F:3C:A9:7D:BB:AA:59:4C:6D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YZT34cvooISaBWMPPKl9u6pZTG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:c00::/46
Signature Algorithm: sha256WithRSAEncryption
9c:db:53:34:00:41:83:8f:cf:c0:9f:bb:b1:65:59:54:09:ec:
2c:d5:51:6a:8a:91:31:da:0c:20:f1:0d:f9:80:2c:09:ca:80:
26:25:1a:bd:f5:c5:c0:54:bd:e6:db:2c:26:26:c5:12:dc:17:
40:8e:29:3e:96:71:5b:79:d3:b8:64:39:23:b4:27:98:d3:9c:
59:90:70:05:70:1d:9f:8a:54:0a:40:19:24:56:7b:d7:9c:cd:
c3:49:14:da:93:75:09:d9:c7:18:60:cb:42:63:21:32:1b:0a:
5a:47:20:94:ed:40:7c:6e:f8:10:33:7d:a6:9d:c2:4c:fe:62:
df:86:3c:e1:c9:13:37:8d:62:16:bb:83:db:06:b1:eb:97:0a:
e2:6a:f4:32:7f:d7:c8:8a:e2:ef:6c:8c:8b:c2:4c:05:99:71:
84:74:8e:03:e8:7d:82:3d:ec:75:80:72:8d:af:f9:ad:61:7e:
d8:4e:18:a4:ca:49:d6:d8:59:f3:6d:af:59:bb:ed:6b:8e:53:
4a:c0:35:98:0e:7c:c0:f6:fb:56:f3:be:66:1f:41:b2:6d:db:
13:ab:93:17:cd:d0:fc:23:ff:a6:6b:55:34:cd:5a:5c:56:9a:
a4:c6:8a:fb:22:0b:f2:63:80:20:fc:ea:d1:0c:ff:cd:58:03:
96:11:2c:34
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw6B6w2LBI7/Mtund6Ft1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTk0ZjdlMWNiZThhMDg0OWEwNTYzMGYzY2E5N2RiYmFhNTk0YzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtm6cp0wtgoP4Ik9f8FfwjQxgNUok
fuYtLDH9saikHTSl9AazKaS4Df688CbONj5/hjAh60erbYx3+ET4d+K6yGosP644
GCk5aLFEPW+tpFgZ1EsEqwPvnae4HwbsacqotAZ5WbydtRmjXgzUyXqAaSNvckSk
UrIwozraPKa4FMhFZ/Lts9KPYVnCWTrnQ/VLnzImeFch4nXR7BzFkNIwRjCabw3p
XL/iUXncAv77qRXw0mYtpvz21LM0zFy+pc6LuulNfxJXN0TlgkzTAgaW80l1Y4Oy
A9W/j7mgBMnFqj4pB/Pp0WYeP+DrU50w/GUUBDb4iwF1TiNAPc9tfaWrOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGGU9+HL6KCEmgVjDzypfbuqWUxtMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWVpUMzRjdm9vSVNhQldNUFBLbDl1NnBaVEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6xBwwA
MA0GCSqGSIb3DQEBCwUAA4IBAQCc21M0AEGDj8/An7uxZVlUCews1VFqipEx2gwg
8Q35gCwJyoAmJRq99cXAVL3m2ywmJsUS3BdAjik+lnFbedO4ZDkjtCeY05xZkHAF
cB2filQKQBkkVnvXnM3DSRTak3UJ2ccYYMtCYyEyGwpaRyCU7UB8bvgQM32mncJM
/mLfhjzhyRM3jWIWu4PbBrHrlwriavQyf9fIiuLvbIyLwkwFmXGEdI4D6H2CPex1
gHKNr/mtYX7YThikyknW2Fnzba9Zu+1rjlNKwDWYDnzA9vtW875mH0GybdsTq5MX
zdD8I/+ma1U0zVpcVpqkxor7IgvyY4Ag/OrRDP/NWAOWESw0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org