Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/yDtMiDkGXNhBfkIvwO7Z86syhhM.roa
File: yDtMiDkGXNhBfkIvwO7Z86syhhM.roa (raw, json)
Hash identifier: oYtYavAblbfM+8iO5LmAFL76XFCXK4XXSrXK4vFHpCA=
Subject key identifier: C8:3B:4C:88:39:06:5C:D8:41:7E:42:2F:C0:EE:D9:F3:AB:32:86:13
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 01927DD08C11C123F932892779CFB6B4DD4A
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/yDtMiDkGXNhBfkIvwO7Z86syhhM.roa
Signing time: Fri 11 Oct 2024 23:01:12 +0000
ROA not before: Fri 11 Oct 2024 23:01:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57271
IP address blocks: 2a0d:b9c2::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Oct 2024 10:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:d0:8c:11:c1:23:f9:32:89:27:79:cf:b6:b4:dd:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Oct 11 23:01:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c83b4c8839065cd8417e422fc0eed9f3ab328613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c8:ae:26:51:d5:48:1a:46:22:20:55:f3:c4:
38:9b:42:89:e0:a6:5c:e6:ff:e4:db:50:9f:a5:0b:
a2:51:5f:ad:d8:0a:ee:57:44:5a:5c:5f:12:29:85:
0b:45:ab:e9:c4:50:4e:01:3f:b8:3b:d1:d6:5d:94:
e7:c7:fe:63:aa:4d:35:0d:98:57:9f:fa:f5:5e:6d:
cf:55:9d:47:aa:de:ab:1b:35:28:87:8c:2d:aa:b8:
44:60:1f:39:0e:f3:0c:5a:f3:20:55:00:03:d7:2e:
3d:c4:0c:ee:ce:4b:1b:6c:91:49:ef:42:1b:83:86:
84:e7:b2:3c:c5:38:42:28:a5:31:bf:4e:94:17:5b:
c3:0e:42:51:5c:1c:9b:03:6b:45:79:8b:ed:4b:7a:
e8:fe:b7:18:61:60:d6:47:66:f0:75:3c:ff:20:74:
3e:9c:a7:cb:23:39:b9:ba:12:17:a8:7a:e9:84:ca:
a8:1a:28:e8:e6:18:32:ae:11:a6:f8:b8:5e:ab:a1:
f7:e3:e4:de:14:9c:d8:a7:99:5e:eb:2a:2e:8c:32:
a0:1b:7d:1c:fe:32:47:dc:89:52:8f:04:3b:17:29:
21:41:12:ce:71:7c:42:77:a8:bc:3f:34:fa:57:e2:
82:7e:c9:9c:46:a7:11:8b:18:d6:b6:e2:14:bf:4e:
31:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3B:4C:88:39:06:5C:D8:41:7E:42:2F:C0:EE:D9:F3:AB:32:86:13
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/yDtMiDkGXNhBfkIvwO7Z86syhhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c2::/32
Signature Algorithm: sha256WithRSAEncryption
44:a6:c9:a0:19:25:25:b1:47:5b:13:ba:2d:ce:70:cc:85:66:
eb:4f:b9:83:4c:12:e8:5d:c8:2e:ea:7f:f9:9b:ac:2e:e7:20:
86:d1:9d:b0:f2:3c:02:98:62:6c:ce:59:79:00:43:e0:42:36:
5d:7a:32:5c:25:e9:94:ad:f7:95:db:55:9b:74:e5:0d:14:37:
54:51:f6:e9:f4:72:e4:47:f9:fc:77:f3:36:6b:29:60:8b:f5:
ec:44:cc:95:28:ab:9e:8d:a6:fd:8e:12:d2:2a:57:3d:4f:ed:
f8:2c:a1:c1:91:c7:10:91:97:9b:c0:5d:fc:63:a3:53:e3:a1:
5c:84:29:17:bc:e7:55:b0:8a:b7:fd:4f:03:09:29:5b:09:bd:
4f:e8:19:f0:93:50:4a:ec:2c:d5:d6:45:d5:85:1a:8f:98:45:
ae:df:6c:4f:6b:67:5c:10:8d:1e:6d:bd:30:0d:9a:21:31:d0:
ea:2e:27:7c:e8:3a:3a:07:8b:1b:d6:d6:a2:45:de:4a:de:24:
ba:de:b8:2e:94:2e:b9:02:73:3e:da:e0:9f:ca:15:62:2c:ee:
69:e5:e4:85:7f:a3:d6:6a:c0:56:59:89:ac:27:72:d3:e1:df:
ec:bd:7a:e8:2f:c0:3e:4b:13:06:09:7a:96:0c:55:80:69:bd:
c8:b0:89:6c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJ90IwRwSP5Moknec+2tN1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQxMDExMjMwMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODNiNGM4ODM5MDY1Y2Q4NDE3ZTQyMmZjMGVlZDlmM2FiMzI4NjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsiuJlHVSBpGIiBV88Q4m0KJ4KZc
5v/k21CfpQuiUV+t2AruV0RaXF8SKYULRavpxFBOAT+4O9HWXZTnx/5jqk01DZhX
n/r1Xm3PVZ1Hqt6rGzUoh4wtqrhEYB85DvMMWvMgVQAD1y49xAzuzksbbJFJ70Ib
g4aE57I8xThCKKUxv06UF1vDDkJRXBybA2tFeYvtS3ro/rcYYWDWR2bwdTz/IHQ+
nKfLIzm5uhIXqHrphMqoGijo5hgyrhGm+Lheq6H34+TeFJzYp5le6youjDKgG30c
/jJH3IlSjwQ7FykhQRLOcXxCd6i8PzT6V+KCfsmcRqcRixjWtuIUv04xHwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMg7TIg5BlzYQX5CL8Du2fOrMoYTMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEveUR0TWlEa0dYTmhCZmtJdndPN1o4NnN5aGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg25wjAN
BgkqhkiG9w0BAQsFAAOCAQEARKbJoBklJbFHWxO6Lc5wzIVm60+5g0wS6F3ILup/
+ZusLucghtGdsPI8AphibM5ZeQBD4EI2XXoyXCXplK33ldtVm3TlDRQ3VFH26fRy
5Ef5/HfzNmspYIv17ETMlSirno2m/Y4S0ipXPU/t+CyhwZHHEJGXm8Bd/GOjU+Oh
XIQpF7znVbCKt/1PAwkpWwm9T+gZ8JNQSuws1dZF1YUaj5hFrt9sT2tnXBCNHm29
MA2aITHQ6i4nfOg6OgeLG9bWokXeSt4kut64LpQuuQJzPtrgn8oVYizuaeXkhX+j
1mrAVlmJrCdy0+Hf7L166C/APksTBgl6lgxVgGm9yLCJbA==
-----END CERTIFICATE-----
Generated at Fri Oct 25 13:41:49 2024 by rpki-client on console-fra.rpki-client.org