Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/YEYIvHefuOjToIK7Sr58H35L4Pg.roa
File: YEYIvHefuOjToIK7Sr58H35L4Pg.roa (raw, json)
Hash identifier: TMnkPbT0GcrMzaGjfXOlDlDlbhOZfDhr6LDyUDY5xnY=
Subject key identifier: 60:46:08:BC:77:9F:B8:E8:D3:A0:82:BB:4A:BE:7C:1F:7E:4B:E0:F8
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 018EF6143FE161E2BD1BB8D5E5760F1D8FCC
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/YEYIvHefuOjToIK7Sr58H35L4Pg.roa
Signing time: Fri 19 Apr 2024 11:18:25 +0000
ROA not before: Fri 19 Apr 2024 11:18:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a0d:b9c4::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 23 Apr 2024 18:41:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:14:3f:e1:61:e2:bd:1b:b8:d5:e5:76:0f:1d:8f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Apr 19 11:18:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=604608bc779fb8e8d3a082bb4abe7c1f7e4be0f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:08:9d:0c:1f:44:86:c9:48:f2:47:ab:bb:f5:
56:36:16:2f:bb:90:21:89:d0:5c:78:2f:97:42:cf:
b3:6b:43:1f:7f:4c:a2:bc:61:24:64:db:f0:3f:c3:
74:42:67:04:5e:5f:54:bd:ff:b0:6e:09:f9:c3:24:
e1:2e:0f:14:31:4a:27:4a:31:55:3e:1f:4f:1b:74:
08:01:30:e1:05:35:15:22:30:f7:92:b4:14:4f:20:
c9:07:08:57:d3:d8:84:f9:cb:e0:22:7d:a6:d1:f7:
00:35:ac:a5:ff:c7:e0:1a:25:aa:bf:f9:4d:29:63:
8f:e8:1c:66:8f:7b:0d:89:33:14:f0:45:cd:24:2a:
90:de:bc:fd:56:a4:f1:53:7c:2a:a5:20:33:67:1f:
a6:68:3b:12:df:7f:84:d5:55:3d:13:1e:e7:fc:3f:
4f:fa:f7:a3:12:ff:57:18:5c:62:9c:d5:cc:95:8c:
dc:7f:27:76:0c:2c:6e:f4:17:12:97:b9:96:a0:58:
81:21:f7:f2:00:b2:f7:99:9d:23:1c:11:cc:e9:00:
ae:f1:8a:7f:ca:71:1b:02:71:bc:47:e5:51:17:32:
ba:bd:a4:8c:77:b6:03:ba:05:a0:94:c9:31:e5:b7:
1b:ff:8c:ad:b1:e7:a6:e5:24:26:0f:61:7b:9f:fb:
7c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:46:08:BC:77:9F:B8:E8:D3:A0:82:BB:4A:BE:7C:1F:7E:4B:E0:F8
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/YEYIvHefuOjToIK7Sr58H35L4Pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c4::/32
Signature Algorithm: sha256WithRSAEncryption
32:ad:c0:2d:f0:be:a9:50:a7:a7:53:a8:5c:9a:6f:7e:91:76:
e1:72:23:3d:2a:2a:b9:1b:fe:55:4f:20:12:a3:8f:77:d8:e2:
2b:a0:1c:e6:01:38:b7:0d:c4:1b:71:14:d7:27:f5:4d:14:4e:
40:36:72:b8:a0:f0:70:a7:aa:1f:8b:49:c8:da:4e:79:1b:d7:
28:9a:fd:6e:ff:02:a8:11:70:dc:b3:06:d3:95:db:5a:c1:70:
81:9b:ac:75:c0:12:f6:8d:56:c2:ba:4a:7a:94:95:e9:2b:8f:
a5:b4:db:e0:71:5e:45:7b:5e:62:2d:e6:3c:7a:d3:30:3a:1b:
87:48:5d:a7:9c:2d:c6:27:8d:60:d7:fe:c4:68:42:5d:68:b9:
b3:b2:77:28:b8:c0:09:76:f2:84:f8:af:fe:33:89:d6:1c:3b:
6d:53:54:73:78:1b:18:41:f5:7b:a3:56:7a:e7:ab:ac:6d:7e:
57:83:01:19:e7:c5:18:50:19:c0:eb:e8:4d:01:67:3f:60:f1:
20:2b:8f:fa:b0:7c:8e:a1:eb:94:51:4b:3a:be:0b:33:36:ec:
96:49:3c:7a:8b:c8:5f:7b:8c:0e:25:2b:59:d7:21:88:06:a6:
95:06:2b:ba:c6:d8:42:47:52:52:ca:fa:9a:13:0b:bd:31:e1:
72:ed:19:72
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY72FD/hYeK9G7jV5XYPHY/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQwNDE5MTExODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDQ2MDhiYzc3OWZiOGU4ZDNhMDgyYmI0YWJlN2MxZjdlNGJlMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgidDB9EhslI8keru/VWNhYvu5Ah
idBceC+XQs+za0Mff0yivGEkZNvwP8N0QmcEXl9Uvf+wbgn5wyThLg8UMUonSjFV
Ph9PG3QIATDhBTUVIjD3krQUTyDJBwhX09iE+cvgIn2m0fcANayl/8fgGiWqv/lN
KWOP6Bxmj3sNiTMU8EXNJCqQ3rz9VqTxU3wqpSAzZx+maDsS33+E1VU9Ex7n/D9P
+vejEv9XGFxinNXMlYzcfyd2DCxu9BcSl7mWoFiBIffyALL3mZ0jHBHM6QCu8Yp/
ynEbAnG8R+VRFzK6vaSMd7YDugWglMkx5bcb/4ytseem5SQmD2F7n/t8DwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGBGCLx3n7jo06CCu0q+fB9+S+D4MB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvWUVZSXZIZWZ1T2pUb0lLN1NyNThIMzVMNFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg25xDAN
BgkqhkiG9w0BAQsFAAOCAQEAMq3ALfC+qVCnp1OoXJpvfpF24XIjPSoquRv+VU8g
EqOPd9jiK6Ac5gE4tw3EG3EU1yf1TRROQDZyuKDwcKeqH4tJyNpOeRvXKJr9bv8C
qBFw3LMG05XbWsFwgZusdcAS9o1WwrpKepSV6SuPpbTb4HFeRXteYi3mPHrTMDob
h0hdp5wtxieNYNf+xGhCXWi5s7J3KLjACXbyhPiv/jOJ1hw7bVNUc3gbGEH1e6NW
euerrG1+V4MBGefFGFAZwOvoTQFnP2DxICuP+rB8jqHrlFFLOr4LMzbslkk8eovI
X3uMDiUrWdchiAamlQYrusbYQkdSUsr6mhMLvTHhcu0Zcg==
-----END CERTIFICATE-----
Generated at Tue Apr 23 21:00:44 2024 by rpki-client on console-fra.rpki-client.org