Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/yycNpZCzoa72Wc0AZyyv23cqo7k.roa
File: yycNpZCzoa72Wc0AZyyv23cqo7k.roa (raw, json)
Hash identifier: +bq0i6sjUjk/ivejNlj1YofUpbAXlkg479dIaxqaabo=
Subject key identifier: CB:27:0D:A5:90:B3:A1:AE:F6:59:CD:00:67:2C:AF:DB:77:2A:A3:B9
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 0194236A1351E5EAE4489FC40A8A14E80387
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/yycNpZCzoa72Wc0AZyyv23cqo7k.roa
Signing time: Wed 01 Jan 2025 19:49:01 +0000
ROA not before: Wed 01 Jan 2025 19:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.206.2.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 05 Feb 2025 14:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:13:51:e5:ea:e4:48:9f:c4:0a:8a:14:e8:03:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Jan 1 19:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb270da590b3a1aef659cd00672cafdb772aa3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:98:3c:ad:75:53:87:36:4d:5d:80:b4:2b:f0:
5e:e0:48:c3:6d:a6:25:6a:19:60:4a:91:59:12:83:
fb:b4:ba:11:63:13:c1:11:d8:ff:5e:99:c5:63:27:
02:cf:8b:36:a1:f9:35:bf:6d:58:55:2f:a7:a9:95:
16:8c:76:72:a8:5b:c5:ee:14:a4:73:57:d3:1e:8e:
73:0d:8b:ec:e0:1f:e9:a2:09:d2:39:8e:8d:09:36:
83:89:30:88:73:af:95:45:a3:d6:0d:26:d8:fb:de:
e8:ee:87:3f:70:19:a9:da:58:db:84:53:a5:4b:25:
52:5e:05:99:03:a8:31:a6:3c:40:c8:a2:ec:8b:a7:
bb:6e:15:e2:26:7c:d5:32:18:17:75:eb:cc:3a:49:
4f:21:b3:e8:54:86:ce:eb:31:43:0e:84:ac:fd:2c:
7c:85:f4:43:63:aa:19:39:3b:1d:91:cf:4b:d5:ba:
ad:c5:55:42:76:0e:ef:e8:3e:ab:3a:81:7a:6f:a2:
c7:7c:c0:5e:ca:3e:38:60:99:5a:4b:65:b5:24:eb:
03:51:18:fb:a1:05:32:06:ad:72:59:7a:aa:7b:98:
48:79:94:6a:6d:ec:c3:a3:39:70:5e:2a:64:85:1f:
5b:1a:5c:15:23:82:fb:5c:87:26:13:1b:39:71:c9:
3a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:27:0D:A5:90:B3:A1:AE:F6:59:CD:00:67:2C:AF:DB:77:2A:A3:B9
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/yycNpZCzoa72Wc0AZyyv23cqo7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.2.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:be:5c:d2:98:bd:a2:15:11:58:a1:c0:7c:9d:9f:80:a2:4f:
ef:8d:1f:17:6e:bd:c5:b5:c2:b7:64:1d:91:36:14:83:d1:a1:
b4:e2:2b:1f:c5:ab:b8:9d:51:b5:90:e1:bb:22:f7:a7:2e:b2:
fe:f3:99:b1:78:f1:5f:8a:63:03:3a:ff:ea:12:60:53:f4:0e:
26:04:6c:3d:a1:bb:1d:77:dd:7e:a4:8c:fe:72:8b:7b:e2:4a:
b1:51:ad:b2:6e:f3:fa:66:dd:84:c8:da:e9:7d:16:ce:b5:c1:
ea:a5:b5:31:d1:5a:9a:c4:75:ed:48:dc:7e:5a:20:9e:2c:34:
17:f6:0a:35:92:d1:81:9a:c9:82:e0:22:9b:f1:10:15:6b:f8:
60:26:44:48:3a:c5:40:60:4e:50:1b:3e:72:06:39:02:55:17:
84:bc:dc:48:60:fc:a6:80:af:9c:2b:8f:5b:0e:6c:cd:6f:e8:
34:e4:b1:f1:fb:65:1b:91:00:9c:f8:ef:b5:6c:fd:40:4a:7e:
57:fb:6d:fc:63:a0:0c:8c:bf:24:0e:df:eb:c5:ac:b5:93:39:
8d:b8:89:f1:f6:ec:b4:1f:11:df:88:bb:2e:e3:c2:ad:fe:58:
41:ea:77:a9:74:45:cf:40:36:4e:ea:7c:1b:24:14:da:ea:ca:
93:c1:be:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjahNR5erkSJ/ECooU6AOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwMTAxMTk0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjI3MGRhNTkwYjNhMWFlZjY1OWNkMDA2NzJjYWZkYjc3MmFhM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJg8rXVThzZNXYC0K/Be4EjDbaYl
ahlgSpFZEoP7tLoRYxPBEdj/XpnFYycCz4s2ofk1v21YVS+nqZUWjHZyqFvF7hSk
c1fTHo5zDYvs4B/pognSOY6NCTaDiTCIc6+VRaPWDSbY+97o7oc/cBmp2ljbhFOl
SyVSXgWZA6gxpjxAyKLsi6e7bhXiJnzVMhgXdevMOklPIbPoVIbO6zFDDoSs/Sx8
hfRDY6oZOTsdkc9L1bqtxVVCdg7v6D6rOoF6b6LHfMBeyj44YJlaS2W1JOsDURj7
oQUyBq1yWXqqe5hIeZRqbezDozlwXipkhR9bGlwVI4L7XIcmExs5cck6aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsnDaWQs6Gu9lnNAGcsr9t3KqO5MB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEveXljTnBaQ3pvYTcyV2MwQVp5eXYyM2NxbzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUs4CMA0G
CSqGSIb3DQEBCwUAA4IBAQBrvlzSmL2iFRFYocB8nZ+Aok/vjR8Xbr3FtcK3ZB2R
NhSD0aG04isfxau4nVG1kOG7IvenLrL+85mxePFfimMDOv/qEmBT9A4mBGw9obsd
d91+pIz+cot74kqxUa2ybvP6Zt2EyNrpfRbOtcHqpbUx0VqaxHXtSNx+WiCeLDQX
9go1ktGBmsmC4CKb8RAVa/hgJkRIOsVAYE5QGz5yBjkCVReEvNxIYPymgK+cK49b
DmzNb+g05LHx+2UbkQCc+O+1bP1ASn5X+238Y6AMjL8kDt/rxay1kzmNuInx9uy0
HxHfiLsu48Kt/lhB6nepdEXPQDZO6nwbJBTa6sqTwb5d
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:51 2025 by rpki-client