Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/yLZc-qeNikoILSW0WqebEgDFUaI.roa
File: yLZc-qeNikoILSW0WqebEgDFUaI.roa (raw, json)
Hash identifier: fyU5gH2qFglmeOhjB7ETy/2/qJDPHL047g55G+VtSLo=
Subject key identifier: C8:B6:5C:FA:A7:8D:8A:4A:08:2D:25:B4:5A:A7:9B:12:00:C5:51:A2
Certificate issuer: /CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Certificate serial: 018CC726FCE2DF300CE831909EAFEAFA332D
Authority key identifier: 36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/yLZc-qeNikoILSW0WqebEgDFUaI.roa
Signing time: Mon 01 Jan 2024 22:31:10 +0000
ROA not before: Mon 01 Jan 2024 22:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208024
IP address blocks: 2a0c:2f07:72::/48 maxlen: 48
2a0c:2f07:73::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 01 Mar 2024 12:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:fc:e2:df:30:0c:e8:31:90:9e:af:ea:fa:33:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Validity
Not Before: Jan 1 22:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8b65cfaa78d8a4a082d25b45aa79b1200c551a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:49:b1:51:ea:f4:07:7e:8a:0b:90:a0:96:b9:
93:04:34:6c:af:ef:4c:63:08:ba:20:3e:5e:3b:5e:
01:9c:e8:ad:cd:f9:24:2f:70:90:09:b1:f4:fe:30:
f2:39:df:24:b1:9c:eb:91:61:7c:df:5b:67:d5:c0:
4e:43:ae:8e:66:d5:e9:78:ae:1f:82:f8:e7:9b:1b:
26:2b:64:43:60:b0:e1:cd:86:5b:1f:b8:fc:a8:6a:
47:96:17:89:75:11:4e:5f:fa:60:34:86:63:b5:5b:
ab:8f:ff:1d:84:c5:85:b7:d8:2f:3f:49:5a:5e:2d:
a5:ad:2c:17:25:c1:f6:1b:73:7d:69:ad:37:15:5c:
98:d2:2e:44:85:86:ca:ed:07:0e:45:c4:ab:c8:ae:
58:dc:b0:72:91:9f:8f:99:bb:6e:55:35:f1:5d:84:
b1:91:4e:c1:70:61:a3:cf:a4:e0:43:be:01:ff:b1:
2c:9d:52:a4:11:9c:2b:3d:b3:d5:12:21:4b:c4:60:
bd:0f:07:6c:81:12:46:14:b6:8f:c0:24:65:9c:f4:
3c:49:f4:3a:3e:29:0d:4d:c7:55:87:a1:b3:d1:9f:
f5:98:2d:7b:72:49:6a:22:4c:e8:0d:6a:7b:a6:24:
43:54:df:06:cb:4a:f3:22:08:60:86:f9:8c:a6:16:
51:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B6:5C:FA:A7:8D:8A:4A:08:2D:25:B4:5A:A7:9B:12:00:C5:51:A2
X509v3 Authority Key Identifier:
keyid:36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/yLZc-qeNikoILSW0WqebEgDFUaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:2f07:72::/47
Signature Algorithm: sha256WithRSAEncryption
a1:d0:42:d7:9c:0a:a1:c4:12:7d:9f:cd:5d:70:e6:2b:57:e2:
6f:3d:9a:20:a3:6f:cb:22:81:78:b2:fe:ac:d8:0e:8f:20:44:
98:13:14:12:14:0e:43:00:e9:a2:da:59:b9:68:52:df:84:13:
73:2d:0d:50:a6:ea:1a:08:97:6c:c3:3b:ef:0c:f8:26:ba:0d:
62:f0:8a:7a:8d:ef:08:90:d8:bf:2d:42:35:4e:63:bc:b4:74:
b3:1a:6c:f9:ff:10:96:a2:aa:94:ac:7f:12:46:1b:6c:ec:b9:
8a:c3:ee:02:92:f0:2b:fb:d8:ed:95:77:cb:7f:88:ab:95:25:
aa:c4:02:01:e1:03:23:0e:dd:ef:84:40:d6:41:3c:02:2a:e6:
32:12:81:a4:26:2c:a6:59:e0:2c:23:ee:0c:5b:b1:fe:3f:c1:
0b:ad:4b:a4:b3:2b:6a:a7:bc:44:d2:ab:dd:3a:97:ed:de:4c:
e2:83:a9:a1:5b:ac:0b:85:ea:e5:c3:dc:16:bf:dc:8d:5c:6a:
10:cc:bd:12:0e:3f:4f:8a:b9:20:7f:ca:70:8e:cc:30:99:b7:
b1:31:98:c2:b8:37:9f:ef:40:44:01:90:3e:ac:de:d4:bd:62:
33:a3:59:ac:96:f2:fe:3f:ae:0d:68:a1:b0:f9:bb:2f:44:24:
5f:02:8b:6b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJvzi3zAM6DGQnq/q+jMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTFkMjk1MDE0NWRjZWFjMDBjMGNhNGViNTM2ZDkyODY3
YjM4ZDMwHhcNMjQwMTAxMjIzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGI2NWNmYWE3OGQ4YTRhMDgyZDI1YjQ1YWE3OWIxMjAwYzU1MWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0mxUer0B36KC5CglrmTBDRsr+9M
Ywi6ID5eO14BnOitzfkkL3CQCbH0/jDyOd8ksZzrkWF831tn1cBOQ66OZtXpeK4f
gvjnmxsmK2RDYLDhzYZbH7j8qGpHlheJdRFOX/pgNIZjtVurj/8dhMWFt9gvP0la
Xi2lrSwXJcH2G3N9aa03FVyY0i5EhYbK7QcORcSryK5Y3LBykZ+PmbtuVTXxXYSx
kU7BcGGjz6TgQ74B/7EsnVKkEZwrPbPVEiFLxGC9DwdsgRJGFLaPwCRlnPQ8SfQ6
PikNTcdVh6Gz0Z/1mC17cklqIkzoDWp7piRDVN8Gy0rzIghghvmMphZRjwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMi2XPqnjYpKCC0ltFqnmxIAxVGiMB8GA1UdIwQY
MBaAFDaR0pUBRdzqwAwMpOtTbZKGezjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEt
MWRlYzQwNTg0ODA2LzEveUxaYy1xZU5pa29JTFNXMFdxZWJFZ0RGVWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2
LzEvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgwvBwBy
MA0GCSqGSIb3DQEBCwUAA4IBAQCh0ELXnAqhxBJ9n81dcOYrV+JvPZogo2/LIoF4
sv6s2A6PIESYExQSFA5DAOmi2lm5aFLfhBNzLQ1QpuoaCJdswzvvDPgmug1i8Ip6
je8IkNi/LUI1TmO8tHSzGmz5/xCWoqqUrH8SRhts7LmKw+4CkvAr+9jtlXfLf4ir
lSWqxAIB4QMjDt3vhEDWQTwCKuYyEoGkJiymWeAsI+4MW7H+P8ELrUuksytqp7xE
0qvdOpft3kzig6mhW6wLherlw9wWv9yNXGoQzL0SDj9Pirkgf8pwjswwmbexMZjC
uDef70BEAZA+rN7UvWIzo1mslvL+P64NaKGw+bsvRCRfAotr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:42 2024 by rpki-client on console-ams.rpki-client.org