Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/d29730-515a-4bfb-ad55-e038d81b3f97/1/Y6Dt40G1DBswykKSQU7my8WjqNY.roa
File: Y6Dt40G1DBswykKSQU7my8WjqNY.roa (raw, json)
Hash identifier: 6ZtfJrpFQPmN2YlO6yx/f4FUkarMv+WlQ3wrEJYs+PU=
Subject key identifier: 63:A0:ED:E3:41:B5:0C:1B:30:CA:42:92:41:4E:E6:CB:C5:A3:A8:D6
Certificate issuer: /CN=493469544203082d2c3c1ddf0f0bbd90bdc56941
Certificate serial: 018CC492F9B660231C9724B71ECD6A18826B
Authority key identifier: 49:34:69:54:42:03:08:2D:2C:3C:1D:DF:0F:0B:BD:90:BD:C5:69:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STRpVEIDCC0sPB3fDwu9kL3FaUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/d29730-515a-4bfb-ad55-e038d81b3f97/1/Y6Dt40G1DBswykKSQU7my8WjqNY.roa
Signing time: Mon 01 Jan 2024 10:30:15 +0000
ROA not before: Mon 01 Jan 2024 10:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206884
IP address blocks: 2001:678:8f8::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:f9:b6:60:23:1c:97:24:b7:1e:cd:6a:18:82:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=493469544203082d2c3c1ddf0f0bbd90bdc56941
Validity
Not Before: Jan 1 10:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63a0ede341b50c1b30ca4292414ee6cbc5a3a8d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:80:25:63:c8:37:35:e5:c2:0b:46:5f:46:e6:
68:81:b8:72:39:ba:aa:86:a6:02:3b:7d:c3:35:28:
3d:64:95:e4:f9:e6:c7:84:36:a8:f1:4b:4c:7c:e9:
0a:c3:15:58:b6:04:b0:ad:7f:37:1b:d3:8c:7f:0f:
b7:02:51:f3:56:58:90:24:90:64:1a:03:2c:47:80:
77:fc:81:9b:33:66:c4:8f:71:c2:63:cd:49:df:f3:
51:bf:7c:19:ad:92:5e:65:05:88:c6:18:17:4a:fe:
4b:ae:0f:41:2f:db:98:12:25:66:79:d6:43:9f:f4:
77:2d:b7:73:a3:b3:1f:e7:e7:02:c4:e8:ac:a4:26:
37:43:99:ef:e4:fc:a3:e5:84:9f:35:80:79:a8:c2:
69:0b:79:c4:23:21:19:c5:a7:3e:7f:08:bb:e1:26:
ce:29:db:2d:f6:30:99:aa:4e:61:85:27:db:fe:6a:
d9:0d:82:80:54:9e:b2:ef:57:27:9d:ce:4d:d2:81:
08:3a:a3:de:84:d3:b3:b6:d1:57:f1:71:50:4d:be:
f5:0a:48:90:ac:81:ce:61:a4:c1:98:40:34:5a:d9:
2f:b2:a1:c4:88:17:95:c9:82:62:da:60:de:18:21:
18:22:71:1c:54:94:e5:31:29:2e:06:f3:3a:15:4c:
29:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A0:ED:E3:41:B5:0C:1B:30:CA:42:92:41:4E:E6:CB:C5:A3:A8:D6
X509v3 Authority Key Identifier:
keyid:49:34:69:54:42:03:08:2D:2C:3C:1D:DF:0F:0B:BD:90:BD:C5:69:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STRpVEIDCC0sPB3fDwu9kL3FaUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d29730-515a-4bfb-ad55-e038d81b3f97/1/Y6Dt40G1DBswykKSQU7my8WjqNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d29730-515a-4bfb-ad55-e038d81b3f97/1/STRpVEIDCC0sPB3fDwu9kL3FaUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:8f8::/48
Signature Algorithm: sha256WithRSAEncryption
76:0a:3c:56:9e:45:9d:fc:f1:00:8e:e2:69:0e:e5:aa:d6:c2:
95:73:e2:59:e5:a3:42:75:59:79:e7:ec:73:47:df:f9:68:da:
fe:3c:be:cf:d3:3d:61:c7:f2:f8:f6:10:ca:d3:02:4b:e8:66:
03:0c:8f:b8:01:59:c4:3c:e5:98:23:38:a1:0b:de:79:19:83:
79:d3:4e:7f:40:a2:67:42:f6:ac:c8:0f:ee:a0:54:90:1b:ad:
a7:e6:60:43:c6:13:1d:e0:5b:e5:d4:18:43:cc:39:c6:7a:17:
28:ad:06:c8:09:ca:73:74:89:62:37:f7:c4:7f:b5:10:93:e7:
46:f3:00:0b:dc:19:85:84:e4:46:a4:83:a9:d7:c1:d6:97:c7:
08:77:76:a8:ba:5a:58:31:17:bb:78:f2:69:57:3d:e7:ea:2e:
35:74:a9:e0:64:7f:fb:95:91:8a:61:de:da:0a:b4:76:db:e3:
da:61:1a:fa:a9:48:14:f3:77:22:e0:de:38:d7:68:7b:ac:d8:
c4:29:4d:7b:40:1a:ea:86:4b:89:07:b8:95:43:80:e1:bb:62:
cc:3b:99:25:36:98:05:34:c0:ff:cc:c1:4b:35:e0:21:eb:f2:
84:d4:13:78:a7:76:4f:32:4a:ee:b0:d8:33:a0:7b:03:42:e6:
a8:30:50:e2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEkvm2YCMclyS3Hs1qGIJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MzQ2OTU0NDIwMzA4MmQyYzNjMWRkZjBmMGJiZDkwYmRj
NTY5NDEwHhcNMjQwMTAxMTAzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2EwZWRlMzQxYjUwYzFiMzBjYTQyOTI0MTRlZTZjYmM1YTNhOGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIAlY8g3NeXCC0ZfRuZogbhyObqq
hqYCO33DNSg9ZJXk+ebHhDao8UtMfOkKwxVYtgSwrX83G9OMfw+3AlHzVliQJJBk
GgMsR4B3/IGbM2bEj3HCY81J3/NRv3wZrZJeZQWIxhgXSv5Lrg9BL9uYEiVmedZD
n/R3Lbdzo7Mf5+cCxOispCY3Q5nv5Pyj5YSfNYB5qMJpC3nEIyEZxac+fwi74SbO
Kdst9jCZqk5hhSfb/mrZDYKAVJ6y71cnnc5N0oEIOqPehNOzttFX8XFQTb71CkiQ
rIHOYaTBmEA0WtkvsqHEiBeVyYJi2mDeGCEYInEcVJTlMSkuBvM6FUwpbwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGOg7eNBtQwbMMpCkkFO5svFo6jWMB8GA1UdIwQY
MBaAFEk0aVRCAwgtLDwd3w8LvZC9xWlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RScFZFSURDQzBzUEIzZkR3dTlrTDNGYVVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kMjk3MzAtNTE1YS00YmZiLWFkNTUt
ZTAzOGQ4MWIzZjk3LzEvWTZEdDQwRzFEQnN3eWtLU1FVN215OFdqcU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kMjk3MzAtNTE1YS00YmZiLWFkNTUtZTAzOGQ4MWIzZjk3
LzEvU1RScFZFSURDQzBzUEIzZkR3dTlrTDNGYVVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAj4
MA0GCSqGSIb3DQEBCwUAA4IBAQB2CjxWnkWd/PEAjuJpDuWq1sKVc+JZ5aNCdVl5
5+xzR9/5aNr+PL7P0z1hx/L49hDK0wJL6GYDDI+4AVnEPOWYIzihC955GYN5005/
QKJnQvasyA/uoFSQG62n5mBDxhMd4Fvl1BhDzDnGehcorQbICcpzdIliN/fEf7UQ
k+dG8wAL3BmFhORGpIOp18HWl8cId3aoulpYMRe7ePJpVz3n6i41dKngZH/7lZGK
Yd7aCrR22+PaYRr6qUgU83ci4N4412h7rNjEKU17QBrqhkuJB7iVQ4Dhu2LMO5kl
NpgFNMD/zMFLNeAh6/KE1BN4p3ZPMkrusNgzoHsDQuaoMFDi
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:09:03 2025 by rpki-client