Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YitOU3i5iExtdpbl1cV4T8slY0M.roa
File: YitOU3i5iExtdpbl1cV4T8slY0M.roa (raw, json)
Hash identifier: iyOwegGs860snHwWL8xcQI+Rv2dxqKI/4Ldqqm+jNuk=
Subject key identifier: 62:2B:4E:53:78:B9:88:4C:6D:76:96:E5:D5:C5:78:4F:CB:25:63:43
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B025F1DCE0E1F244B7E628C47D38D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YitOU3i5iExtdpbl1cV4T8slY0M.roa
Signing time: Tue 24 Jan 2023 16:09:53 +0000
ROA not before: Tue 24 Jan 2023 16:09:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212267
IP address blocks: 2a0e:b107:50::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:02:5f:1d:ce:0e:1f:24:4b:7e:62:8c:47:d3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=622b4e5378b9884c6d7696e5d5c5784fcb256343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b3:cb:b9:bc:e3:49:d5:04:3a:cf:0e:9f:bc:
65:bb:37:33:2c:2d:65:93:68:18:da:d6:f8:e5:34:
c0:e8:15:d8:8c:b6:65:3e:f5:8d:aa:94:19:de:81:
ae:2d:b0:f2:8c:5a:03:21:76:a2:48:95:48:10:fe:
39:7c:97:b9:f1:e1:c3:65:9b:74:5d:5e:5e:74:a4:
ad:0a:14:94:e3:ad:e8:c4:c2:fe:90:3d:e5:fd:bf:
b3:72:b6:01:e4:03:7c:e2:9b:80:de:3c:87:2e:64:
b9:36:fe:bc:20:e6:06:07:0d:27:2e:1b:9c:d1:af:
a1:82:27:23:51:1b:9d:cd:ef:73:79:9f:0e:c5:d5:
6c:99:f9:e1:22:56:4e:b0:4f:b4:2f:33:6c:f6:cb:
bd:6c:90:36:97:cd:51:51:df:48:d6:bf:f1:ab:e8:
7c:40:53:de:9d:c2:e3:b7:e8:a2:6f:22:bf:e9:42:
62:b4:05:41:23:d6:72:a5:07:34:7d:c1:a9:40:d1:
94:af:9e:f5:a3:8e:d1:f2:76:c5:0d:ec:81:55:4b:
33:3e:54:2c:ad:ca:85:dd:a3:b8:dc:2c:e9:00:eb:
45:ce:4e:74:93:64:03:92:8a:b3:55:91:08:d8:4d:
d3:f9:24:a7:65:b3:19:54:fb:86:2a:57:1e:ac:11:
97:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:2B:4E:53:78:B9:88:4C:6D:76:96:E5:D5:C5:78:4F:CB:25:63:43
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YitOU3i5iExtdpbl1cV4T8slY0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:50::/44
Signature Algorithm: sha256WithRSAEncryption
ba:af:67:d8:5c:4a:69:68:63:f6:e7:99:11:7d:31:06:f3:bf:
4a:ee:a7:dd:5b:c4:b8:55:f9:cc:d3:7a:a2:28:29:1a:24:bd:
6e:06:81:e1:c4:5c:de:39:9e:89:0d:0e:81:b5:98:13:27:c2:
b1:4a:db:92:12:aa:82:71:61:ca:9d:4b:77:72:fa:19:42:0b:
d9:9a:c2:7b:18:d1:7e:54:50:bc:50:b1:71:a5:a9:53:31:82:
af:c2:12:5d:ac:23:01:c1:36:ba:34:3d:29:2c:45:6d:fb:a2:
21:2c:bd:53:81:26:e5:aa:56:f8:99:ef:ff:71:12:3c:8d:25:
c6:08:d5:01:1c:61:7a:83:06:36:79:7f:b7:08:56:3e:b0:9a:
ee:c8:76:25:f9:d6:4a:66:bf:63:10:85:ee:21:13:f9:8c:fc:
d2:d6:bb:59:f4:6f:70:5c:50:7e:17:da:0d:f5:01:f4:17:5f:
7b:21:0b:ab:80:8c:82:ca:fd:cc:3a:ab:1a:9b:2a:bb:80:0c:
68:80:4d:7b:46:76:a9:d0:5e:20:9a:8a:5c:83:82:ca:73:47:
ae:e5:1e:40:f2:d1:ee:82:1e:a3:d0:cf:18:34:a2:e2:2b:e0:
a6:1e:50:d7:43:d0:bb:0a:a6:2c:c5:5a:78:33:10:38:2c:53:
32:0c:6b:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiwJfHc4OHyRLfmKMR9ONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjJiNGU1Mzc4Yjk4ODRjNmQ3Njk2ZTVkNWM1Nzg0ZmNiMjU2MzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbPLubzjSdUEOs8On7xluzczLC1l
k2gY2tb45TTA6BXYjLZlPvWNqpQZ3oGuLbDyjFoDIXaiSJVIEP45fJe58eHDZZt0
XV5edKStChSU463oxML+kD3l/b+zcrYB5AN84puA3jyHLmS5Nv68IOYGBw0nLhuc
0a+hgicjURudze9zeZ8OxdVsmfnhIlZOsE+0LzNs9su9bJA2l81RUd9I1r/xq+h8
QFPencLjt+iibyK/6UJitAVBI9ZypQc0fcGpQNGUr571o47R8nbFDeyBVUszPlQs
rcqF3aO43CzpAOtFzk50k2QDkoqzVZEI2E3T+SSnZbMZVPuGKlcerBGXZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGIrTlN4uYhMbXaW5dXFeE/LJWNDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWWl0T1UzaTVpRXh0ZHBibDFjVjRUOHNsWTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC6r2fYXEppaGP255kRfTEG879K7qfdW8S4VfnM
03qiKCkaJL1uBoHhxFzeOZ6JDQ6BtZgTJ8KxStuSEqqCcWHKnUt3cvoZQgvZmsJ7
GNF+VFC8ULFxpalTMYKvwhJdrCMBwTa6ND0pLEVt+6IhLL1TgSblqlb4me//cRI8
jSXGCNUBHGF6gwY2eX+3CFY+sJruyHYl+dZKZr9jEIXuIRP5jPzS1rtZ9G9wXFB+
F9oN9QH0F197IQurgIyCyv3MOqsamyq7gAxogE17Rnap0F4gmopcg4LKc0eu5R5A
8tHugh6j0M8YNKLiK+CmHlDXQ9C7CqYsxVp4MxA4LFMyDGtj
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org