Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ytAs-E1B3dWGiGnLALS1HnuLXHU.roa
File: ytAs-E1B3dWGiGnLALS1HnuLXHU.roa (raw, json)
Hash identifier: u1gMc7YemVgWuOxbueZhi/gEmDdj7blTDtbUw/1Qf4c=
Subject key identifier: CA:D0:2C:F8:4D:41:DD:D5:86:88:69:CB:00:B4:B5:1E:7B:8B:5C:75
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0188E84EC8C033860FBA0A2CD89DF8A10294
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ytAs-E1B3dWGiGnLALS1HnuLXHU.roa
Signing time: Fri 23 Jun 2023 12:50:57 +0000
ROA not before: Fri 23 Jun 2023 12:50:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202002
IP address blocks: 2a0e:b107:1d11::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e8:4e:c8:c0:33:86:0f:ba:0a:2c:d8:9d:f8:a1:02:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 23 12:50:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cad02cf84d41ddd5868869cb00b4b51e7b8b5c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:d2:d5:d6:20:b8:0b:db:c5:0c:66:d8:8d:fe:
a7:da:72:e4:18:63:61:be:2a:e1:31:cd:91:95:b7:
8a:73:0d:aa:52:b1:14:57:a1:fb:43:bc:1c:df:e0:
22:ba:ff:47:84:73:e9:8a:4b:72:e9:ea:e5:91:c7:
06:37:2d:cb:ab:04:0b:b0:19:cb:a9:bc:f0:69:4d:
da:f0:35:fd:0a:d9:76:d0:94:00:33:88:5c:fb:71:
ee:94:1c:0f:5a:60:3d:c6:a8:a1:e0:20:6a:c9:3e:
e7:a1:a3:45:c4:90:eb:2a:b4:55:1b:a8:9f:18:5b:
d4:6b:11:ab:4d:6f:53:a7:dc:3a:ff:23:eb:c7:2c:
5d:db:78:8f:3b:53:9e:3e:55:30:9e:aa:02:6a:7a:
26:2b:ea:fd:70:4a:d7:44:7e:da:7b:88:3e:17:f7:
8a:35:27:69:de:a3:0c:a3:34:f5:04:aa:d3:8b:31:
07:44:0c:68:f7:58:4e:92:a2:ce:54:2d:a6:dc:07:
54:41:0c:6e:e8:5c:db:c9:ca:b2:c0:da:de:b2:06:
aa:d3:8d:3e:93:d9:a5:99:b7:e3:52:99:14:04:14:
49:d4:4f:8b:5d:fb:f2:46:65:ab:0b:cb:95:8a:6b:
3f:1d:a7:34:54:b1:7f:d6:3a:48:7b:8c:86:e3:25:
ee:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D0:2C:F8:4D:41:DD:D5:86:88:69:CB:00:B4:B5:1E:7B:8B:5C:75
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ytAs-E1B3dWGiGnLALS1HnuLXHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d11::/48
Signature Algorithm: sha256WithRSAEncryption
46:05:78:b5:9e:24:b1:5c:c8:d0:6b:4a:e7:4a:92:c4:14:f8:
cf:95:2b:39:cf:1d:a5:0a:2e:67:a0:f1:57:fe:49:40:e5:47:
de:91:4d:4f:c5:57:cb:38:cf:98:dd:16:f6:e3:85:94:4e:14:
10:60:59:43:8d:38:ef:28:cd:f7:f3:cf:42:1d:46:80:e6:85:
92:ee:43:4a:06:d2:89:74:27:37:ef:82:85:e8:23:86:e5:32:
c1:92:56:ec:a3:80:d2:66:e5:55:43:d5:ca:a4:5c:4e:da:df:
38:60:1d:a3:99:ab:d2:c0:12:b0:5a:a5:fe:2a:6c:14:41:32:
aa:b6:58:63:e7:0d:ff:41:95:1e:5c:e8:51:6f:83:24:43:b8:
a1:e2:f7:60:c7:46:b1:f5:97:e9:0b:ad:7b:15:5e:b9:77:5d:
ea:79:1f:3d:41:19:d1:3f:8d:cf:b1:9f:45:d9:1f:84:aa:e7:
28:bb:85:10:29:42:4f:3d:ce:c4:04:21:4a:67:01:83:e2:ff:
e7:74:f8:57:b2:98:8d:d0:89:0f:52:6e:4d:e0:57:d8:d7:af:
81:5b:94:a2:19:fa:18:b9:e6:14:55:e0:64:08:cb:94:0a:53:
8f:05:c3:ec:f9:9a:fd:b3:e7:76:17:55:d4:94:4b:af:f2:25:
88:27:79:ac
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYjoTsjAM4YPugos2J34oQKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjIzMTI1MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQwMmNmODRkNDFkZGQ1ODY4ODY5Y2IwMGI0YjUxZTdiOGI1Yzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8tLV1iC4C9vFDGbYjf6n2nLkGGNh
virhMc2RlbeKcw2qUrEUV6H7Q7wc3+Aiuv9HhHPpikty6erlkccGNy3LqwQLsBnL
qbzwaU3a8DX9Ctl20JQAM4hc+3HulBwPWmA9xqih4CBqyT7noaNFxJDrKrRVG6if
GFvUaxGrTW9Tp9w6/yPrxyxd23iPO1OePlUwnqoCanomK+r9cErXRH7ae4g+F/eK
NSdp3qMMozT1BKrTizEHRAxo91hOkqLOVC2m3AdUQQxu6FzbycqywNresgaq040+
k9mlmbfjUpkUBBRJ1E+LXfvyRmWrC8uVims/Hac0VLF/1jpIe4yG4yXuOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMrQLPhNQd3VhohpywC0tR57i1x1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveXRBcy1FMUIzZFdHaUduTEFMUzFIbnVMWEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBx0R
MA0GCSqGSIb3DQEBCwUAA4IBAQBGBXi1niSxXMjQa0rnSpLEFPjPlSs5zx2lCi5n
oPFX/klA5UfekU1PxVfLOM+Y3Rb244WUThQQYFlDjTjvKM33889CHUaA5oWS7kNK
BtKJdCc374KF6COG5TLBklbso4DSZuVVQ9XKpFxO2t84YB2jmavSwBKwWqX+KmwU
QTKqtlhj5w3/QZUeXOhRb4MkQ7ih4vdgx0ax9ZfpC617FV65d13qeR89QRnRP43P
sZ9F2R+Equcou4UQKUJPPc7EBCFKZwGD4v/ndPhXspiN0IkPUm5N4FfY16+BW5Si
GfoYueYUVeBkCMuUClOPBcPs+Zr9s+d2F1XUlEuv8iWIJ3ms
-----END CERTIFICATE-----
Generated at Wed Jul 26 06:49:57 2023 by rpki-client on console-fra.rpki-client.org