Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/yu80PSw4JrU-Kw1-QjW0P9tz55M.roa
File: yu80PSw4JrU-Kw1-QjW0P9tz55M.roa (raw, json)
Hash identifier: j2b3FaxfsJkwHEUSVNZCkJ7yKDldgLEH3nnlUxPmql8=
Subject key identifier: CA:EF:34:3D:2C:38:26:B5:3E:2B:0D:7E:42:35:B4:3F:DB:73:E7:93
Certificate issuer: /CN=ccefffc15a83a38bdda8cfe120c335267dce50f3
Certificate serial: 018C4FAC98FDA28FA2E416A2EF076CFE433D
Authority key identifier: CC:EF:FF:C1:5A:83:A3:8B:DD:A8:CF:E1:20:C3:35:26:7D:CE:50:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zO__wVqDo4vdqM_hIMM1Jn3OUPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/yu80PSw4JrU-Kw1-QjW0P9tz55M.roa
Signing time: Sat 09 Dec 2023 17:42:40 +0000
ROA not before: Sat 09 Dec 2023 17:42:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a02:fa8:c800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4f:ac:98:fd:a2:8f:a2:e4:16:a2:ef:07:6c:fe:43:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccefffc15a83a38bdda8cfe120c335267dce50f3
Validity
Not Before: Dec 9 17:42:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caef343d2c3826b53e2b0d7e4235b43fdb73e793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ea:a5:09:75:89:fd:a0:ac:e6:89:d2:60:b5:
22:bc:23:fc:5b:86:59:88:96:08:a2:9e:31:cc:67:
75:10:93:bc:07:45:97:da:0e:bd:2d:3b:fd:2a:5c:
c0:5f:21:c5:29:30:6c:29:17:99:bb:ff:27:7a:41:
8a:6b:d0:7a:6d:c6:dc:a5:b9:5a:8b:be:2f:1f:70:
e9:5c:d4:29:12:f1:11:fc:8b:b5:c5:9a:25:78:1f:
4c:85:a8:72:9e:d5:1b:1f:b3:1c:69:25:cd:00:d4:
02:14:d5:b0:56:3a:a8:b4:10:1a:35:72:40:68:9d:
1b:c5:87:8f:9d:da:22:c5:c0:96:f5:f3:80:3f:e1:
25:07:86:c5:d3:64:7d:e7:52:8c:3a:d0:1f:5d:36:
35:81:64:c4:c0:cf:8c:6b:ee:e6:55:e6:ff:26:c1:
90:af:7c:39:e0:ad:a3:4a:a1:8e:46:b0:ee:15:e6:
62:2c:f9:74:39:62:85:fd:ac:c6:de:19:2f:a4:64:
5f:02:31:a1:b0:f2:c0:fe:49:61:f5:8d:ae:11:8e:
63:d7:e0:9d:31:76:61:c5:bb:14:00:46:60:f2:e7:
9c:98:78:bc:61:63:30:bc:e8:78:53:0f:a0:40:28:
ea:3f:b1:c0:df:33:4c:ed:9b:e0:e7:2a:5f:cb:e7:
5c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:EF:34:3D:2C:38:26:B5:3E:2B:0D:7E:42:35:B4:3F:DB:73:E7:93
X509v3 Authority Key Identifier:
keyid:CC:EF:FF:C1:5A:83:A3:8B:DD:A8:CF:E1:20:C3:35:26:7D:CE:50:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zO__wVqDo4vdqM_hIMM1Jn3OUPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/yu80PSw4JrU-Kw1-QjW0P9tz55M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/zO__wVqDo4vdqM_hIMM1Jn3OUPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:fa8:c800::/40
Signature Algorithm: sha256WithRSAEncryption
1c:9a:33:a8:ba:4e:14:a2:28:4b:7d:0d:31:6e:e3:83:70:3a:
eb:b9:0d:6c:d7:ac:01:89:b0:42:38:6e:d7:98:3b:39:c0:3d:
dd:a0:de:b0:77:6c:dd:32:14:cb:6d:22:11:b4:65:06:33:a3:
6f:0e:8d:01:15:dc:58:73:c8:4c:b3:28:8a:fb:76:db:f3:85:
2b:ba:27:76:3c:18:60:42:fa:cb:73:ec:6d:27:4e:5c:d6:85:
8f:57:61:ef:b6:6b:ab:37:6a:f9:85:5a:d9:4a:57:09:29:91:
a8:e5:9f:c4:21:ad:01:f0:28:3a:7c:78:e5:a9:93:b6:36:df:
b3:00:00:ed:bb:cc:61:3e:36:d1:2b:b2:e6:ff:72:14:a9:28:
75:b0:66:9d:e8:55:64:1f:d4:71:91:37:46:b3:aa:90:42:6f:
d9:3f:30:ab:da:5d:5e:09:43:b0:bd:35:99:34:9f:81:38:08:
62:a3:e6:a1:5f:48:e5:aa:0a:a8:49:b1:b1:79:f9:1a:a9:2d:
32:61:c3:b0:60:a0:ba:51:c9:28:e8:13:21:6a:f9:13:6c:03:
e9:a6:6a:10:f5:7a:7f:2e:cc:d7:90:05:bb:fb:2a:80:7c:4b:
0c:fa:5d:54:70:71:98:fc:62:b8:a8:c9:74:39:5e:f1:a4:37:
eb:8c:0c:02
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYxPrJj9oo+i5Bai7wds/kM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZWZmZmMxNWE4M2EzOGJkZGE4Y2ZlMTIwYzMzNTI2N2Rj
ZTUwZjMwHhcNMjMxMjA5MTc0MjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWVmMzQzZDJjMzgyNmI1M2UyYjBkN2U0MjM1YjQzZmRiNzNlNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+qlCXWJ/aCs5onSYLUivCP8W4ZZ
iJYIop4xzGd1EJO8B0WX2g69LTv9KlzAXyHFKTBsKReZu/8nekGKa9B6bcbcpbla
i74vH3DpXNQpEvER/Iu1xZoleB9MhahyntUbH7McaSXNANQCFNWwVjqotBAaNXJA
aJ0bxYePndoixcCW9fOAP+ElB4bF02R951KMOtAfXTY1gWTEwM+Ma+7mVeb/JsGQ
r3w54K2jSqGORrDuFeZiLPl0OWKF/azG3hkvpGRfAjGhsPLA/klh9Y2uEY5j1+Cd
MXZhxbsUAEZg8uecmHi8YWMwvOh4Uw+gQCjqP7HA3zNM7Zvg5ypfy+dc9wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMrvND0sOCa1PisNfkI1tD/bc+eTMB8GA1UdIwQY
MBaAFMzv/8Fag6OL3ajP4SDDNSZ9zlDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek9fX3dWcURvNHZkcU1faElNTTFKbjNPVVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jZmQ0ODgtYTI1ZC00MzlhLWJkMTct
NGJlYjVkZmYxNzAxLzEveXU4MFBTdzRKclUtS3cxLVFqVzBQOXR6NTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jZmQ0ODgtYTI1ZC00MzlhLWJkMTctNGJlYjVkZmYxNzAx
LzEvek9fX3dWcURvNHZkcU1faElNTTFKbjNPVVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgIPqMgw
DQYJKoZIhvcNAQELBQADggEBAByaM6i6ThSiKEt9DTFu44NwOuu5DWzXrAGJsEI4
bteYOznAPd2g3rB3bN0yFMttIhG0ZQYzo28OjQEV3FhzyEyzKIr7dtvzhSu6J3Y8
GGBC+stz7G0nTlzWhY9XYe+2a6s3avmFWtlKVwkpkajln8QhrQHwKDp8eOWpk7Y2
37MAAO27zGE+NtErsub/chSpKHWwZp3oVWQf1HGRN0azqpBCb9k/MKvaXV4JQ7C9
NZk0n4E4CGKj5qFfSOWqCqhJsbF5+RqpLTJhw7BgoLpRySjoEyFq+RNsA+mmahD1
en8uzNeQBbv7KoB8Swz6XVRwcZj8YrioyXQ5XvGkN+uMDAI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:05 2024 by rpki-client on console-fra.rpki-client.org