Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/yP1oyMWws2gcuWD-3LdfPVjjZ2s.roa
File: yP1oyMWws2gcuWD-3LdfPVjjZ2s.roa (raw, json)
Hash identifier: dfpqKFtjTXPhAPEfWQf2xmkVcfZY0O9I7jXq/F0pxM4=
Subject key identifier: C8:FD:68:C8:C5:B0:B3:68:1C:B9:60:FE:DC:B7:5F:3D:58:E3:67:6B
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 018D6E963D16E8BD9B49577D3CD5E976DA86
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/yP1oyMWws2gcuWD-3LdfPVjjZ2s.roa
Signing time: Sat 03 Feb 2024 10:49:16 +0000
ROA not before: Sat 03 Feb 2024 10:49:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60721
IP address blocks: 2a0b:a280::/29 maxlen: 29
2a0b:a280::/32 maxlen: 32
2a0b:a281::/32 maxlen: 32
2a0b:a282::/32 maxlen: 32
2a0b:a283::/32 maxlen: 32
2a0b:a284::/32 maxlen: 32
2a0b:a285::/32 maxlen: 32
2a0b:a286::/32 maxlen: 32
2a0b:a287::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 08 Feb 2024 18:53:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6e:96:3d:16:e8:bd:9b:49:57:7d:3c:d5:e9:76:da:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Feb 3 10:49:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8fd68c8c5b0b3681cb960fedcb75f3d58e3676b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c7:58:25:e0:3b:48:f5:e2:ee:37:de:3b:2b:
f2:84:8e:f4:be:e6:ab:5a:43:08:55:c1:97:ee:c1:
54:e2:e1:3a:d5:1e:c8:1d:f3:b4:64:7d:d7:0e:76:
5d:14:d5:4c:46:f6:5b:67:5f:51:f3:be:8c:60:d1:
0b:98:a3:b4:10:80:ce:06:15:2e:ca:be:de:be:3a:
08:18:e1:a2:8d:37:73:7a:fe:fa:2e:39:6a:1a:e4:
01:0e:6c:8d:c2:8b:d1:07:77:a2:c0:db:e4:d4:66:
f1:8d:cf:d7:de:88:04:0f:72:8c:ef:46:de:f5:08:
21:12:ca:50:ff:4e:eb:1f:10:ec:40:10:bd:27:6c:
c8:16:eb:52:a2:cf:d4:ce:e2:cf:ca:40:15:28:01:
a7:26:4a:8a:f4:ec:57:94:f8:bd:63:59:fe:d5:ca:
7e:0b:6d:7b:7f:9d:b3:7c:56:1e:c4:c2:e8:24:80:
a5:2b:4b:09:77:7c:c1:bc:cf:6a:24:10:bc:ae:5a:
f6:b0:22:7d:49:4e:c7:4d:e5:ae:df:31:b5:e0:f5:
a5:63:ac:16:aa:f4:9f:70:bf:ac:b6:2b:1d:a1:9b:
5c:53:58:a0:8e:ef:21:75:1a:c8:36:89:f3:ac:0e:
58:1f:d4:87:37:7e:5c:4d:26:76:27:5d:6f:6d:fa:
9c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:FD:68:C8:C5:B0:B3:68:1C:B9:60:FE:DC:B7:5F:3D:58:E3:67:6B
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/yP1oyMWws2gcuWD-3LdfPVjjZ2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:a280::/29
Signature Algorithm: sha256WithRSAEncryption
81:11:a9:04:0b:dc:15:4b:78:69:1d:32:b5:53:73:4a:51:5e:
8f:eb:19:87:47:91:d9:83:1a:14:cf:95:63:73:6e:86:22:c2:
05:4a:77:89:cf:ff:e1:1b:41:0c:47:53:0c:f0:bf:72:af:c1:
78:b1:e3:a0:48:41:e3:04:85:d8:ac:ae:6e:79:0e:ae:4b:28:
46:7c:f1:bf:4f:d4:d6:98:45:5a:47:e8:e2:6b:85:fc:76:88:
a9:a9:9a:bc:9b:c3:de:87:76:01:13:29:e4:c5:6a:2f:9d:0f:
e7:e0:1c:95:03:b4:6e:b2:e0:83:64:77:a4:a4:eb:c7:03:77:
a2:03:8d:90:f1:02:c3:7e:4b:e8:b2:86:d7:df:4f:13:69:b3:
24:84:87:a9:4c:16:e6:fd:a5:73:fc:07:4c:05:1d:35:94:21:
9c:02:18:c2:e1:7e:42:17:4b:f8:8c:00:80:13:ca:8b:6d:65:
71:76:12:93:bd:ca:ed:6d:61:39:ca:d8:9b:ee:21:d1:4b:ca:
8d:33:57:48:73:f4:16:ce:bc:98:56:9d:5b:08:51:a0:c7:27:
ae:ee:cf:e8:74:10:b1:bc:5d:28:9d:3f:45:e7:4c:19:1f:de:
0d:b0:9d:8b:84:18:99:41:b0:ff:86:3a:99:40:c1:99:4b:88:
01:27:4c:58
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY1ulj0W6L2bSVd9PNXpdtqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQwMjAzMTA0OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGZkNjhjOGM1YjBiMzY4MWNiOTYwZmVkY2I3NWYzZDU4ZTM2NzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsdYJeA7SPXi7jfeOyvyhI70vuar
WkMIVcGX7sFU4uE61R7IHfO0ZH3XDnZdFNVMRvZbZ19R876MYNELmKO0EIDOBhUu
yr7evjoIGOGijTdzev76LjlqGuQBDmyNwovRB3eiwNvk1Gbxjc/X3ogED3KM70be
9QghEspQ/07rHxDsQBC9J2zIFutSos/UzuLPykAVKAGnJkqK9OxXlPi9Y1n+1cp+
C217f52zfFYexMLoJIClK0sJd3zBvM9qJBC8rlr2sCJ9SU7HTeWu3zG14PWlY6wW
qvSfcL+stisdoZtcU1igju8hdRrINonzrA5YH9SHN35cTSZ2J11vbfqcJwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMj9aMjFsLNoHLlg/ty3Xz1Y42drMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEveVAxb3lNV3dzMmdjdVdELTNMZGZQVmpqWjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKguigDAN
BgkqhkiG9w0BAQsFAAOCAQEAgRGpBAvcFUt4aR0ytVNzSlFej+sZh0eR2YMaFM+V
Y3NuhiLCBUp3ic//4RtBDEdTDPC/cq/BeLHjoEhB4wSF2KyubnkOrksoRnzxv0/U
1phFWkfo4muF/HaIqamavJvD3od2ARMp5MVqL50P5+AclQO0brLgg2R3pKTrxwN3
ogONkPECw35L6LKG199PE2mzJISHqUwW5v2lc/wHTAUdNZQhnAIYwuF+QhdL+IwA
gBPKi21lcXYSk73K7W1hOcrYm+4h0UvKjTNXSHP0Fs68mFadWwhRoMcnru7P6HQQ
sbxdKJ0/RedMGR/eDbCdi4QYmUGw/4Y6mUDBmUuIASdMWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:30 2024 by rpki-client on console-fra.rpki-client.org