Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yl_1bL4j1e1wF8-qL4ri-jMmyyU.roa
File: yl_1bL4j1e1wF8-qL4ri-jMmyyU.roa (raw, json)
Hash identifier: qxqEj7d+XPJjPTscg6b0ha1G36MaV7qb74GGsqGRDj4=
Subject key identifier: CA:5F:F5:6C:BE:23:D5:ED:70:17:CF:AA:2F:8A:E2:FA:33:26:CB:25
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AC354AEA09F42917B44E2BF727912
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yl_1bL4j1e1wF8-qL4ri-jMmyyU.roa
Signing time: Tue 24 Jan 2023 16:09:37 +0000
ROA not before: Tue 24 Jan 2023 16:09:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138211
IP address blocks: 2a0e:b107:6d0::/44 maxlen: 48
2a0e:b107:580::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:c3:54:ae:a0:9f:42:91:7b:44:e2:bf:72:79:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca5ff56cbe23d5ed7017cfaa2f8ae2fa3326cb25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c5:10:4b:37:50:23:bb:de:35:8e:c9:9f:9f:
40:c5:80:1a:d2:ae:2b:a1:ae:6e:70:9c:b6:c6:05:
a7:de:7f:3e:e3:1f:7a:22:f1:f6:8e:d7:8f:8b:4b:
6e:9c:62:7e:04:40:d3:f5:15:dc:e8:25:cf:dc:ee:
f1:e2:13:df:79:6f:c7:05:fd:3d:a8:2f:48:0d:cf:
36:61:db:a4:57:3d:3f:fe:7b:8d:bf:59:0b:1b:54:
3e:26:50:0e:43:2c:21:43:ea:45:3a:a6:42:3c:0e:
81:af:3e:be:78:f0:2b:c2:92:7a:32:85:c3:79:5e:
87:9f:d1:18:42:89:c7:38:da:16:89:66:29:e7:40:
61:10:bc:c9:27:dd:28:af:f2:38:2c:b8:62:4b:37:
75:08:b4:f0:2f:c1:04:72:a1:32:f4:71:e0:50:82:
0f:9a:c4:67:65:db:18:bc:07:38:a5:e1:3e:b2:12:
5b:c2:83:88:3f:05:0d:37:83:fd:53:a8:46:15:d0:
c8:05:5d:fb:2c:a8:29:41:d8:a7:8b:ea:48:e3:8e:
76:d9:72:34:b3:69:9b:98:9d:47:16:71:8f:ea:1a:
19:9a:f4:d0:a7:c0:ff:e1:0c:0f:9a:24:b7:65:4b:
71:0e:de:89:32:23:19:ab:39:f2:fa:d5:6e:15:95:
f7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:5F:F5:6C:BE:23:D5:ED:70:17:CF:AA:2F:8A:E2:FA:33:26:CB:25
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yl_1bL4j1e1wF8-qL4ri-jMmyyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:580::/44
2a0e:b107:6d0::/44
Signature Algorithm: sha256WithRSAEncryption
af:2a:ae:98:c6:77:3a:e5:54:66:30:0e:b5:97:10:55:16:85:
78:45:e3:1c:44:91:5a:f1:a9:27:3d:e1:3e:54:4d:0d:d1:09:
37:8c:bd:8a:18:ec:49:2f:26:dc:e0:7b:23:2c:d1:0a:cb:4f:
3b:c9:52:1d:10:87:7a:1e:c2:06:30:9f:63:d2:10:eb:3e:82:
0c:d1:44:6c:fe:c5:eb:c0:e1:1a:6e:3d:ca:a6:aa:c2:9a:d9:
f6:d5:94:85:a4:44:ee:12:cd:6f:0c:5d:18:80:56:d6:cf:a6:
3e:85:b2:16:5f:9d:5b:dd:75:68:68:bf:1b:fa:9b:5c:23:59:
2f:61:23:c1:f8:63:bd:76:de:fa:a5:25:66:53:10:8d:14:f2:
5e:82:81:7a:2c:ea:f3:b2:d1:dd:45:56:14:75:2d:c2:06:ef:
46:19:a5:c8:f2:fa:bf:95:04:07:d8:72:da:35:52:ad:e2:23:
98:80:6f:70:39:32:eb:f8:ab:e7:d1:53:3e:00:18:d1:ea:98:
6a:f8:d2:d7:4c:d1:33:88:6d:7d:f0:21:76:65:13:bc:f9:23:
e5:f5:59:eb:16:6a:54:be:45:aa:32:67:73:75:e1:a6:8a:b6:
5b:d9:66:90:aa:e1:eb:ae:62:e2:d7:17:2a:92:26:64:cb:77:
77:e2:7d:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkisNUrqCfQpF7ROK/cnkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTVmZjU2Y2JlMjNkNWVkNzAxN2NmYWEyZjhhZTJmYTMzMjZjYjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsUQSzdQI7veNY7Jn59AxYAa0q4r
oa5ucJy2xgWn3n8+4x96IvH2jtePi0tunGJ+BEDT9RXc6CXP3O7x4hPfeW/HBf09
qC9IDc82YdukVz0//nuNv1kLG1Q+JlAOQywhQ+pFOqZCPA6Brz6+ePArwpJ6MoXD
eV6Hn9EYQonHONoWiWYp50BhELzJJ90or/I4LLhiSzd1CLTwL8EEcqEy9HHgUIIP
msRnZdsYvAc4peE+shJbwoOIPwUNN4P9U6hGFdDIBV37LKgpQdini+pI44522XI0
s2mbmJ1HFnGP6hoZmvTQp8D/4QwPmiS3ZUtxDt6JMiMZqzny+tVuFZX31wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMpf9Wy+I9XtcBfPqi+K4vozJsslMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveWxfMWJMNGoxZTF3RjgtcUw0cmktak1teXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwWA
AwcEKg6xBwbQMA0GCSqGSIb3DQEBCwUAA4IBAQCvKq6Yxnc65VRmMA61lxBVFoV4
ReMcRJFa8aknPeE+VE0N0Qk3jL2KGOxJLybc4HsjLNEKy087yVIdEId6HsIGMJ9j
0hDrPoIM0URs/sXrwOEabj3KpqrCmtn21ZSFpETuEs1vDF0YgFbWz6Y+hbIWX51b
3XVoaL8b+ptcI1kvYSPB+GO9dt76pSVmUxCNFPJegoF6LOrzstHdRVYUdS3CBu9G
GaXI8vq/lQQH2HLaNVKt4iOYgG9wOTLr+Kvn0VM+ABjR6phq+NLXTNEziG198CF2
ZRO8+SPl9VnrFmpUvkWqMmdzdeGmirZb2WaQquHrrmLi1xcqkiZky3d34n1F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:40 2024 by rpki-client on console-fra.rpki-client.org