Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4aa5a7-8bec-4247-a15f-5a3612352b37/1/yil-i8cAnOl5qnTClU7qPnqdIuU.roa
File: yil-i8cAnOl5qnTClU7qPnqdIuU.roa (raw, json)
Hash identifier: EymTDlfA1ToaMHTTSx0gGlKgcMeq9SrJOmk8zxrHtBY=
Subject key identifier: CA:29:7E:8B:C7:00:9C:E9:79:AA:74:C2:95:4E:EA:3E:7A:9D:22:E5
Certificate issuer: /CN=b360f0097be481c21bb1d51c85d44f6574158aa9
Certificate serial: 018D87D6C456BB36A9C61C78C04DBC71B420
Authority key identifier: B3:60:F0:09:7B:E4:81:C2:1B:B1:D5:1C:85:D4:4F:65:74:15:8A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s2DwCXvkgcIbsdUchdRPZXQViqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4aa5a7-8bec-4247-a15f-5a3612352b37/1/yil-i8cAnOl5qnTClU7qPnqdIuU.roa
Signing time: Thu 08 Feb 2024 08:30:15 +0000
ROA not before: Thu 08 Feb 2024 08:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a14:2a00:100::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:87:d6:c4:56:bb:36:a9:c6:1c:78:c0:4d:bc:71:b4:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b360f0097be481c21bb1d51c85d44f6574158aa9
Validity
Not Before: Feb 8 08:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca297e8bc7009ce979aa74c2954eea3e7a9d22e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:91:d4:43:a8:c5:18:a1:9b:24:d3:48:3a:be:
fc:67:fe:e0:e4:51:48:f7:55:2b:99:26:0e:18:cd:
26:18:9c:c0:ef:5e:ba:20:02:80:15:70:9d:74:df:
7f:69:63:15:59:41:21:71:a2:98:f8:a7:89:1c:1a:
f2:17:e4:1c:80:66:40:f3:63:12:f3:75:84:1a:b7:
06:c9:45:b4:5f:7e:a4:e9:72:19:8a:52:22:04:49:
05:61:2e:ee:a8:1f:3f:ed:53:d2:80:7e:51:92:ee:
9f:a5:86:72:06:2d:38:ad:fe:0b:7d:7c:f1:73:8d:
71:9e:0c:94:4e:bd:ce:39:29:c4:ee:60:59:f6:f3:
fb:e9:a4:da:61:85:0a:8c:14:3c:19:bf:e6:22:eb:
bd:85:80:59:c0:36:02:73:bd:7c:ed:81:e8:7d:41:
1b:de:81:4c:41:0f:c3:a1:00:54:00:a1:b4:6a:65:
d2:33:31:11:cb:90:a0:02:b9:8e:1f:32:0c:e0:9c:
76:bc:7b:7c:4f:6e:28:2a:dc:86:f6:b8:d1:2e:4a:
e4:d7:4d:3a:66:ca:c9:fb:ba:98:c9:3f:4e:f0:4d:
20:f4:a1:8c:b0:3f:36:c4:e4:b2:cb:4f:c9:82:78:
74:08:1e:0e:58:26:90:9f:63:c5:23:09:35:25:c6:
0f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:29:7E:8B:C7:00:9C:E9:79:AA:74:C2:95:4E:EA:3E:7A:9D:22:E5
X509v3 Authority Key Identifier:
keyid:B3:60:F0:09:7B:E4:81:C2:1B:B1:D5:1C:85:D4:4F:65:74:15:8A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s2DwCXvkgcIbsdUchdRPZXQViqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4aa5a7-8bec-4247-a15f-5a3612352b37/1/yil-i8cAnOl5qnTClU7qPnqdIuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4aa5a7-8bec-4247-a15f-5a3612352b37/1/s2DwCXvkgcIbsdUchdRPZXQViqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:2a00:100::/40
Signature Algorithm: sha256WithRSAEncryption
72:09:3a:be:eb:da:1d:c7:18:bd:7d:b2:0d:cc:6e:2d:d6:9b:
dd:4a:4d:69:67:64:6b:b1:cc:92:e1:fc:04:a2:7a:de:a6:27:
85:a9:49:90:2f:27:c3:8a:93:d4:78:ee:e1:2a:ab:ea:a5:ad:
8c:7f:77:75:a4:36:48:98:1b:de:0d:d3:82:da:37:c3:29:17:
ac:02:f2:56:36:0a:77:01:2b:4a:72:bf:5a:43:cd:46:17:34:
fc:15:c0:ef:89:7e:56:9c:ca:f3:09:8a:4d:81:a4:1f:aa:2e:
c8:d8:0c:a4:98:83:17:35:b0:68:60:d9:c9:a8:cd:c8:31:e4:
5f:c9:d9:d7:cd:bf:95:c1:24:b9:ef:d0:1f:7e:a2:8b:37:e2:
4f:14:69:3a:ea:23:91:80:a4:9e:4a:be:b4:48:49:e5:96:4d:
16:75:ae:28:6f:b8:bd:ff:28:c6:c4:7c:62:5d:cb:c6:21:c3:
c9:72:8a:bb:59:4e:77:c6:69:fb:30:0f:9d:c2:2a:59:83:b0:
f7:33:22:22:f6:32:bd:2a:7d:98:5a:d6:e4:a1:3b:fc:9b:a9:
07:b7:2e:f1:f8:37:c1:23:0f:c3:3d:86:75:64:bb:a5:ab:dd:
ca:63:76:e5:a1:80:b3:86:7e:28:fc:54:04:b1:5c:84:21:e1:
8c:6f:4a:bb
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY2H1sRWuzapxhx4wE28cbQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNjBmMDA5N2JlNDgxYzIxYmIxZDUxYzg1ZDQ0ZjY1NzQx
NThhYTkwHhcNMjQwMjA4MDgzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTI5N2U4YmM3MDA5Y2U5NzlhYTc0YzI5NTRlZWEzZTdhOWQyMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5HUQ6jFGKGbJNNIOr78Z/7g5FFI
91UrmSYOGM0mGJzA7166IAKAFXCddN9/aWMVWUEhcaKY+KeJHBryF+QcgGZA82MS
83WEGrcGyUW0X36k6XIZilIiBEkFYS7uqB8/7VPSgH5Rku6fpYZyBi04rf4LfXzx
c41xngyUTr3OOSnE7mBZ9vP76aTaYYUKjBQ8Gb/mIuu9hYBZwDYCc7187YHofUEb
3oFMQQ/DoQBUAKG0amXSMzERy5CgArmOHzIM4Jx2vHt8T24oKtyG9rjRLkrk1006
ZsrJ+7qYyT9O8E0g9KGMsD82xOSyy0/Jgnh0CB4OWCaQn2PFIwk1JcYP9QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMopfovHAJzpeap0wpVO6j56nSLlMB8GA1UdIwQY
MBaAFLNg8Al75IHCG7HVHIXUT2V0FYqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczJEd0NYdmtnY0lic2RVY2hkUlBaWFFWaXFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80YWE1YTctOGJlYy00MjQ3LWExNWYt
NWEzNjEyMzUyYjM3LzEveWlsLWk4Y0FuT2w1cW5UQ2xVN3FQbnFkSXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80YWE1YTctOGJlYy00MjQ3LWExNWYtNWEzNjEyMzUyYjM3
LzEvczJEd0NYdmtnY0lic2RVY2hkUlBaWFFWaXFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhQqAAEw
DQYJKoZIhvcNAQELBQADggEBAHIJOr7r2h3HGL19sg3Mbi3Wm91KTWlnZGuxzJLh
/ASiet6mJ4WpSZAvJ8OKk9R47uEqq+qlrYx/d3WkNkiYG94N04LaN8MpF6wC8lY2
CncBK0pyv1pDzUYXNPwVwO+JflacyvMJik2BpB+qLsjYDKSYgxc1sGhg2cmozcgx
5F/J2dfNv5XBJLnv0B9+oos34k8UaTrqI5GApJ5KvrRISeWWTRZ1rihvuL3/KMbE
fGJdy8Yhw8lyirtZTnfGafswD53CKlmDsPczIiL2Mr0qfZha1uShO/ybqQe3LvH4
N8EjD8M9hnVku6Wr3cpjduWhgLOGfij8VASxXIQh4YxvSrs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:02 2025 by rpki-client