Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/999cf5-812f-4e0a-8ea1-618238b7b942/1/Y3cqm_SKUVIKboDdk96dj-yn9H4.roa
File: Y3cqm_SKUVIKboDdk96dj-yn9H4.roa (raw, json)
Hash identifier: uaXFFykwCZYmndOr2yOXAhu7tu1dDU2+8VDY+HcItis=
Subject key identifier: 63:77:2A:9B:F4:8A:51:52:0A:6E:80:DD:93:DE:9D:8F:EC:A7:F4:7E
Certificate issuer: /CN=b1b34e006765b154f37b6d3484588189511fb200
Certificate serial: 018CC56E0C11B9ADC77525DC7204E574CE6A
Authority key identifier: B1:B3:4E:00:67:65:B1:54:F3:7B:6D:34:84:58:81:89:51:1F:B2:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbNOAGdlsVTze200hFiBiVEfsgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/999cf5-812f-4e0a-8ea1-618238b7b942/1/Y3cqm_SKUVIKboDdk96dj-yn9H4.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13045
IP address blocks: 2001:678:7d4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0c:11:b9:ad:c7:75:25:dc:72:04:e5:74:ce:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1b34e006765b154f37b6d3484588189511fb200
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63772a9bf48a51520a6e80dd93de9d8feca7f47e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ef:06:1c:58:43:33:a9:9a:ae:37:66:38:ea:
a0:a7:b3:9f:9b:51:bd:79:b2:25:9a:b2:cc:68:81:
f0:1c:da:fb:f6:66:59:e9:60:be:6b:d6:26:a6:b4:
11:73:ba:a2:a3:53:f2:cc:fd:fe:48:5f:df:31:ec:
b5:de:1e:aa:e7:82:99:63:4f:44:e7:6b:5e:11:b7:
05:5d:13:76:9a:6b:b5:20:f5:8b:5d:19:60:23:30:
f8:86:f4:d0:13:b9:e9:79:f4:75:08:39:34:56:93:
6c:3a:20:52:d8:e2:8d:73:b1:92:48:cb:46:04:18:
11:9a:c8:ab:66:4d:9f:1e:f6:ce:91:2b:5c:a8:05:
c6:cc:1d:8d:e2:cc:c4:12:1c:33:e0:16:a7:20:75:
52:f0:23:f3:2e:1b:11:66:c3:b6:37:7e:f7:7c:00:
03:9a:bc:71:a8:87:95:d6:8c:d6:de:f7:f5:b4:54:
4c:fa:c7:b2:40:d8:c5:4f:ca:24:af:8a:0e:06:cf:
b8:05:04:ae:e1:bf:e4:82:cb:41:c1:80:8a:62:d5:
b0:f2:5b:04:6f:d8:b9:c6:65:db:7f:cb:47:af:34:
a4:8a:cc:a8:8f:d3:f8:5f:0b:c8:b5:5c:74:ff:4b:
2a:64:82:9a:24:8f:12:88:9f:8a:c1:9e:94:83:53:
fe:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:77:2A:9B:F4:8A:51:52:0A:6E:80:DD:93:DE:9D:8F:EC:A7:F4:7E
X509v3 Authority Key Identifier:
keyid:B1:B3:4E:00:67:65:B1:54:F3:7B:6D:34:84:58:81:89:51:1F:B2:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbNOAGdlsVTze200hFiBiVEfsgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/999cf5-812f-4e0a-8ea1-618238b7b942/1/Y3cqm_SKUVIKboDdk96dj-yn9H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/999cf5-812f-4e0a-8ea1-618238b7b942/1/sbNOAGdlsVTze200hFiBiVEfsgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:7d4::/48
Signature Algorithm: sha256WithRSAEncryption
1d:ab:e9:e7:c1:70:bf:db:b7:ec:5e:0d:89:85:62:85:b9:22:
36:e0:7d:1c:4a:7e:ea:0f:05:24:db:fa:79:69:f7:93:ad:b1:
b5:63:3e:9e:6d:9e:4e:d3:63:6b:82:65:4e:03:d1:fe:47:7a:
76:f6:ef:0a:74:25:ec:0e:4e:cf:a7:eb:51:5f:db:17:5e:4e:
d4:d3:61:56:66:9f:ef:e1:a6:02:eb:e0:66:02:19:53:b5:f6:
d7:03:72:66:05:8c:97:cb:e9:63:2d:b9:b7:4b:e9:47:49:ca:
ec:bc:04:13:47:a9:3f:fb:9d:78:9b:82:e8:05:88:7f:3e:b9:
a2:dd:50:2c:72:dc:b5:c8:ed:64:54:cf:d7:8a:ba:ca:4d:16:
50:31:d9:20:93:3d:01:8c:a3:24:ec:63:12:c4:94:01:71:f2:
e5:42:f7:7e:19:c8:23:dc:4c:af:8d:0c:83:65:0b:12:f7:e4:
87:ac:1a:28:d7:30:15:0f:8c:69:32:7a:24:4b:77:d9:2a:68:
de:75:02:fc:35:32:6b:e0:6e:18:1a:21:76:94:c6:40:68:ba:
0d:7a:4f:62:23:2d:47:c1:4e:30:37:48:02:ff:b2:74:eb:22:
ec:9c:04:64:3a:de:35:c8:da:49:5c:bf:3f:6d:42:fb:a7:96:
9f:f9:7a:8f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFbgwRua3HdSXccgTldM5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYjM0ZTAwNjc2NWIxNTRmMzdiNmQzNDg0NTg4MTg5NTEx
ZmIyMDAwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzc3MmE5YmY0OGE1MTUyMGE2ZTgwZGQ5M2RlOWQ4ZmVjYTdmNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO8GHFhDM6marjdmOOqgp7Ofm1G9
ebIlmrLMaIHwHNr79mZZ6WC+a9YmprQRc7qio1PyzP3+SF/fMey13h6q54KZY09E
52teEbcFXRN2mmu1IPWLXRlgIzD4hvTQE7npefR1CDk0VpNsOiBS2OKNc7GSSMtG
BBgRmsirZk2fHvbOkStcqAXGzB2N4szEEhwz4BanIHVS8CPzLhsRZsO2N373fAAD
mrxxqIeV1ozW3vf1tFRM+seyQNjFT8okr4oOBs+4BQSu4b/kgstBwYCKYtWw8lsE
b9i5xmXbf8tHrzSkisyoj9P4XwvItVx0/0sqZIKaJI8SiJ+KwZ6Ug1P+sQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGN3Kpv0ilFSCm6A3ZPenY/sp/R+MB8GA1UdIwQY
MBaAFLGzTgBnZbFU83ttNIRYgYlRH7IAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2JOT0FHZGxzVlR6ZTIwMGhGaUJpVkVmc2dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy85OTljZjUtODEyZi00ZTBhLThlYTEt
NjE4MjM4YjdiOTQyLzEvWTNjcW1fU0tVVklLYm9EZGs5NmRqLXluOUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy85OTljZjUtODEyZi00ZTBhLThlYTEtNjE4MjM4YjdiOTQy
LzEvc2JOT0FHZGxzVlR6ZTIwMGhGaUJpVkVmc2dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAfU
MA0GCSqGSIb3DQEBCwUAA4IBAQAdq+nnwXC/27fsXg2JhWKFuSI24H0cSn7qDwUk
2/p5afeTrbG1Yz6ebZ5O02NrgmVOA9H+R3p29u8KdCXsDk7Pp+tRX9sXXk7U02FW
Zp/v4aYC6+BmAhlTtfbXA3JmBYyXy+ljLbm3S+lHScrsvAQTR6k/+514m4LoBYh/
Prmi3VAscty1yO1kVM/XirrKTRZQMdkgkz0BjKMk7GMSxJQBcfLlQvd+Gcgj3Eyv
jQyDZQsS9+SHrBoo1zAVD4xpMnokS3fZKmjedQL8NTJr4G4YGiF2lMZAaLoNek9i
Iy1HwU4wN0gC/7J06yLsnARkOt41yNpJXL8/bUL7p5af+XqP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:20 2025 by rpki-client