Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/YOsoTjSG31QKLTmF8LzSSj_iZjU.roa
File: YOsoTjSG31QKLTmF8LzSSj_iZjU.roa (raw, json)
Hash identifier: d6goBtQPlee4mhpanCobvtGtkiUn/qfSOFJ8XnET2OU=
Subject key identifier: 60:EB:28:4E:34:86:DF:54:0A:2D:39:85:F0:BC:D2:4A:3F:E2:66:35
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 01856E141BD645231CB425546F551E175C49
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/YOsoTjSG31QKLTmF8LzSSj_iZjU.roa
Signing time: Sun 01 Jan 2023 16:04:49 +0000
ROA not before: Sun 01 Jan 2023 16:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50389
IP address blocks: 2a00:8860:300::/40 maxlen: 64
2a00:8861:300::/40 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:1b:d6:45:23:1c:b4:25:54:6f:55:1e:17:5c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 16:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60eb284e3486df540a2d3985f0bcd24a3fe26635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fb:2f:01:b3:78:b2:36:3c:f6:df:05:66:19:
98:3a:1c:51:0d:4e:27:33:b4:0e:74:58:f7:3a:6e:
da:64:70:92:42:c8:de:c3:2a:1f:a0:7e:c0:3f:9a:
09:be:81:1d:2c:c0:89:63:3f:d3:bf:14:c7:e5:76:
45:c3:e3:f3:67:3b:dd:fc:16:c7:6a:1c:76:97:3a:
3c:56:3a:6b:08:03:87:cb:d3:c0:6c:80:6a:7a:98:
6d:86:c0:d9:78:bf:ed:93:7e:39:fb:0d:5d:b5:75:
de:4d:88:4e:88:69:38:8a:31:44:40:97:3f:a2:90:
24:af:05:6a:1f:f8:8b:6f:62:66:d6:10:49:34:e9:
74:d7:8a:5e:f2:a8:86:d2:3d:f6:24:23:2e:8d:5a:
84:a1:6f:14:7a:f6:0a:8a:cc:e8:32:9d:74:72:a2:
99:69:d4:e3:27:20:dc:1d:3d:3a:1d:d8:ff:46:4a:
ed:6e:53:55:30:92:a3:cc:f3:49:7f:11:47:67:eb:
97:24:b3:d2:8e:e6:3a:f9:5f:eb:2d:72:ba:6d:ce:
07:4f:76:bc:68:d2:97:b0:ce:96:d2:7c:ee:c2:03:
f2:e1:2f:01:18:53:fa:4c:59:bb:6f:43:bc:9b:81:
fe:94:65:11:ed:04:ff:93:e1:51:30:54:33:d8:5d:
86:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EB:28:4E:34:86:DF:54:0A:2D:39:85:F0:BC:D2:4A:3F:E2:66:35
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/YOsoTjSG31QKLTmF8LzSSj_iZjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8860:300::/40
2a00:8861:300::/40
Signature Algorithm: sha256WithRSAEncryption
54:f6:4b:da:b2:3c:4c:bc:0d:65:66:08:b9:17:77:b9:c0:b8:
8a:40:a3:f8:1d:d5:79:25:34:ac:4d:3e:38:68:ce:28:3d:56:
d2:16:68:3d:0c:de:bf:d2:48:c8:08:d2:ea:55:e3:6a:e8:26:
e8:33:c0:b9:27:4a:2d:4c:80:2b:69:5a:79:5c:51:5c:ed:7d:
10:2d:e0:f2:97:c4:3a:06:8c:10:46:b5:e0:9b:cb:2b:c1:f7:
32:86:00:d8:21:2f:35:27:60:e4:8f:68:f2:3f:88:a2:f4:fa:
27:05:ea:71:01:17:9a:ed:47:53:17:93:23:22:97:06:a7:e7:
c8:71:c6:e2:e6:b0:09:70:e8:ae:29:8c:47:19:81:4a:7b:11:
81:3b:dd:78:38:1f:0d:a8:0c:80:bd:d9:88:9e:43:06:ab:b5:
26:48:e7:e7:23:19:5f:e7:98:24:3f:fe:9f:6b:fb:53:ab:37:
22:ab:5b:a8:38:f6:86:f8:72:f4:ca:0e:4a:e0:1d:cb:c1:81:
85:46:c3:6f:eb:11:9b:32:b5:a5:1e:f5:60:07:7b:ec:2a:79:
9a:d1:67:5e:73:93:80:65:ea:1e:cd:dc:1e:ec:15:cd:e2:38:
0d:33:23:fd:2e:18:fa:ff:7a:83:c2:52:db:03:c8:b0:89:d7:
8c:80:58:3b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVuFBvWRSMctCVUb1UeF1xJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjMwMTAxMTYwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGViMjg0ZTM0ODZkZjU0MGEyZDM5ODVmMGJjZDI0YTNmZTI2NjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufsvAbN4sjY89t8FZhmYOhxRDU4n
M7QOdFj3Om7aZHCSQsjewyofoH7AP5oJvoEdLMCJYz/TvxTH5XZFw+PzZzvd/BbH
ahx2lzo8VjprCAOHy9PAbIBqephthsDZeL/tk345+w1dtXXeTYhOiGk4ijFEQJc/
opAkrwVqH/iLb2Jm1hBJNOl014pe8qiG0j32JCMujVqEoW8UevYKiszoMp10cqKZ
adTjJyDcHT06Hdj/RkrtblNVMJKjzPNJfxFHZ+uXJLPSjuY6+V/rLXK6bc4HT3a8
aNKXsM6W0nzuwgPy4S8BGFP6TFm7b0O8m4H+lGUR7QT/k+FRMFQz2F2GmQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFGDrKE40ht9UCi05hfC80ko/4mY1MB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEvWU9zb1RqU0czMVFLTFRtRjhMelNTal9pWmpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgCIYAMD
BgAqAIhhAzANBgkqhkiG9w0BAQsFAAOCAQEAVPZL2rI8TLwNZWYIuRd3ucC4ikCj
+B3VeSU0rE0+OGjOKD1W0hZoPQzev9JIyAjS6lXjaugm6DPAuSdKLUyAK2laeVxR
XO19EC3g8pfEOgaMEEa14JvLK8H3MoYA2CEvNSdg5I9o8j+IovT6JwXqcQEXmu1H
UxeTIyKXBqfnyHHG4uawCXDorimMRxmBSnsRgTvdeDgfDagMgL3ZiJ5DBqu1Jkjn
5yMZX+eYJD/+n2v7U6s3IqtbqDj2hvhy9MoOSuAdy8GBhUbDb+sRmzK1pR71YAd7
7Cp5mtFnXnOTgGXqHs3cHuwVzeI4DTMj/S4Y+v96g8JS2wPIsInXjIBYOw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:26 2024 by rpki-client on console-ams.rpki-client.org