Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/YBoI0IatzQzDynh3WgGejHE4oVA.roa
File: YBoI0IatzQzDynh3WgGejHE4oVA.roa (raw, json)
Hash identifier: ZYt19y6BIGIH4FQzIQUnnuBpo3ileTWkXfE7MCYVS4k=
Subject key identifier: 60:1A:08:D0:86:AD:CD:0C:C3:CA:78:77:5A:01:9E:8C:71:38:A1:50
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 0192B969E20177A168FBE52FFF98DC2369AD
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/YBoI0IatzQzDynh3WgGejHE4oVA.roa
Signing time: Wed 23 Oct 2024 12:46:16 +0000
ROA not before: Wed 23 Oct 2024 12:46:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215828
IP address blocks: 2a07:2486::/48 maxlen: 48
2a07:2486:1::/48 maxlen: 48
2a07:2486:333::/48 maxlen: 48
2a07:2486:4010::/44 maxlen: 44
2a07:2486:401f::/48 maxlen: 48
2a07:2487::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 26 Oct 2024 19:54:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:69:e2:01:77:a1:68:fb:e5:2f:ff:98:dc:23:69:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Oct 23 12:46:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=601a08d086adcd0cc3ca78775a019e8c7138a150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:57:3f:3f:a4:77:ed:d1:41:9c:7c:38:9e:f4:
68:a1:24:1e:75:f7:8a:3f:aa:5a:55:b7:ae:25:26:
40:4e:85:9b:c3:0f:d6:03:89:8c:09:03:ef:56:2d:
9b:52:be:be:42:7d:d9:e8:70:62:dd:72:ed:9c:ee:
15:38:47:e7:94:16:71:4c:8f:ed:aa:53:fd:17:29:
28:48:70:5b:dd:14:a7:ae:c8:07:e7:ad:71:3e:04:
19:c9:ae:04:61:af:f8:52:9f:55:5b:a7:51:01:3c:
0f:1b:ca:54:3c:19:c2:a3:58:a8:26:a1:8a:4c:b4:
25:6e:c1:4f:0c:4d:f7:c7:27:3d:72:5c:4a:35:50:
cb:ec:cc:8e:d3:ac:04:d1:79:45:ba:90:45:d2:36:
8c:36:1d:43:08:20:b7:71:4e:44:fc:3e:b1:2e:39:
a9:91:6c:f7:a6:a8:cd:d4:3e:f3:92:1b:09:7e:e0:
1c:b9:ed:e3:e0:54:84:60:ca:af:f5:b9:13:1d:db:
1f:aa:33:e0:74:07:3e:e5:f6:a8:53:5f:09:28:bf:
bc:d3:75:42:f3:b2:c2:7e:5e:7b:f8:e2:7c:46:62:
03:42:7f:b6:dc:2d:d9:11:71:20:fa:c3:49:98:00:
26:96:56:90:19:ee:70:61:22:51:cb:8e:9c:bc:b2:
cb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:1A:08:D0:86:AD:CD:0C:C3:CA:78:77:5A:01:9E:8C:71:38:A1:50
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/YBoI0IatzQzDynh3WgGejHE4oVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486::/47
2a07:2486:333::/48
2a07:2486:4010::/44
2a07:2487::/32
Signature Algorithm: sha256WithRSAEncryption
47:f0:f2:f5:94:a7:29:f2:2d:08:e2:18:53:ad:6c:d7:04:17:
27:e2:51:78:97:51:9a:51:24:84:d4:d2:bb:65:49:48:ba:2a:
19:93:fe:e4:7d:56:be:3d:12:2d:b5:9e:05:2d:e7:69:2c:b7:
d4:c8:e1:72:92:7b:4e:c3:54:4f:aa:50:20:86:73:a8:8c:15:
06:d5:b3:ab:23:97:90:4b:57:21:61:8f:0a:50:0e:01:bd:b5:
25:04:ce:8e:3b:d1:6f:c0:cf:08:e3:3b:fe:ad:f2:a0:80:f3:
e5:38:c5:dc:c5:d2:83:1c:9e:ab:e3:e0:45:93:cb:f1:5d:91:
ee:64:50:db:60:4b:0b:96:58:6b:e2:3f:98:f3:5c:09:a4:08:
07:03:82:76:dc:e1:28:c5:82:fd:59:84:39:c8:fa:28:29:20:
d5:16:cd:57:50:fd:ae:86:5b:22:49:ce:e4:88:0e:97:e1:db:
92:e4:57:24:ee:39:9c:03:83:c7:f6:98:a7:a9:ae:2e:01:4b:
52:e9:05:55:d3:06:2f:e0:a4:ea:5b:ce:5e:51:07:0a:fd:f5:
7a:4d:1a:2c:f4:e8:69:6e:36:5d:cb:7e:5e:52:68:9a:45:5f:
e9:c0:be:fe:cd:93:c6:d0:c7:fa:93:2a:90:2c:79:63:d6:49:
84:80:6b:b4
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZK5aeIBd6Fo++Uv/5jcI2mtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjQxMDIzMTI0NjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDFhMDhkMDg2YWRjZDBjYzNjYTc4Nzc1YTAxOWU4YzcxMzhhMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlc/P6R37dFBnHw4nvRooSQedfeK
P6paVbeuJSZAToWbww/WA4mMCQPvVi2bUr6+Qn3Z6HBi3XLtnO4VOEfnlBZxTI/t
qlP9FykoSHBb3RSnrsgH561xPgQZya4EYa/4Up9VW6dRATwPG8pUPBnCo1ioJqGK
TLQlbsFPDE33xyc9clxKNVDL7MyO06wE0XlFupBF0jaMNh1DCCC3cU5E/D6xLjmp
kWz3pqjN1D7zkhsJfuAcue3j4FSEYMqv9bkTHdsfqjPgdAc+5faoU18JKL+803VC
87LCfl57+OJ8RmIDQn+23C3ZEXEg+sNJmAAmllaQGe5wYSJRy46cvLLLswIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGAaCNCGrc0Mw8p4d1oBnoxxOKFQMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvWUJvSTBJYXR6UXpEeW5oM1dnR2VqSEU0b1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwcBKgckhgAA
AwcAKgckhgMzAwcEKgckhkAQAwUAKgckhzANBgkqhkiG9w0BAQsFAAOCAQEAR/Dy
9ZSnKfItCOIYU61s1wQXJ+JReJdRmlEkhNTSu2VJSLoqGZP+5H1Wvj0SLbWeBS3n
aSy31MjhcpJ7TsNUT6pQIIZzqIwVBtWzqyOXkEtXIWGPClAOAb21JQTOjjvRb8DP
COM7/q3yoIDz5TjF3MXSgxyeq+PgRZPL8V2R7mRQ22BLC5ZYa+I/mPNcCaQIBwOC
dtzhKMWC/VmEOcj6KCkg1RbNV1D9roZbIknO5IgOl+HbkuRXJO45nAODx/aYp6mu
LgFLUukFVdMGL+Ck6lvOXlEHCv31ek0aLPToaW42Xct+XlJomkVf6cC+/s2TxtDH
+pMqkCx5Y9ZJhIBrtA==
-----END CERTIFICATE-----
Generated at Sat Oct 26 22:53:51 2024 by rpki-client on console-ams.rpki-client.org