Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/YMhNn4_IYptH38cqZC-snAc36sY.roa
File: YMhNn4_IYptH38cqZC-snAc36sY.roa (raw, json)
Hash identifier: lZZ0wjh7fiY+dT4RaOtfvVy22ywmq4ck8UXi7skRlEE=
Subject key identifier: 60:C8:4D:9F:8F:C8:62:9B:47:DF:C7:2A:64:2F:AC:9C:07:37:EA:C6
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 018E9918D492C8A3468D13EBE44C252FA735
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/YMhNn4_IYptH38cqZC-snAc36sY.roa
Signing time: Mon 01 Apr 2024 09:58:45 +0000
ROA not before: Mon 01 Apr 2024 09:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215256
IP address blocks: 2a12:3fc5::/36 maxlen: 36
2a12:3fc5:1000::/36 maxlen: 36
2a12:3fc5:2000::/36 maxlen: 36
2a12:3fc5:3000::/36 maxlen: 36
2a12:3fc5:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Apr 2024 13:53:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:99:18:d4:92:c8:a3:46:8d:13:eb:e4:4c:25:2f:a7:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Apr 1 09:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60c84d9f8fc8629b47dfc72a642fac9c0737eac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:dd:b2:e1:1f:3d:1e:76:f8:92:1c:5b:46:b1:
d3:15:a8:6e:9f:5a:bd:ae:06:61:91:d1:f7:6a:c5:
6e:09:2a:7a:54:f6:9f:a0:34:41:cf:c4:98:27:98:
d1:55:18:6c:e2:ad:6f:98:c6:6c:77:5d:da:8f:12:
cd:aa:bc:aa:b3:09:4d:72:40:27:df:f7:5d:87:64:
e1:15:00:6a:b1:75:06:38:88:fa:71:8b:c8:27:b3:
94:c6:42:d2:6e:8d:72:75:59:5a:27:eb:45:d2:4b:
6d:6f:fa:7f:65:bb:78:22:4b:38:df:19:53:27:09:
00:4c:03:5c:90:05:c7:0c:7c:6e:f5:8e:d0:38:2d:
60:a4:f2:be:1a:8c:38:f7:6f:2a:7c:c4:59:08:31:
e4:d0:71:ec:5b:fd:e0:45:e8:bb:63:c6:b7:43:64:
06:1d:df:bf:41:9d:3e:8c:5a:98:02:fa:8e:7c:93:
14:f1:0b:5a:c1:48:87:b5:ad:3d:9a:ff:64:b3:ef:
ca:c3:af:2b:58:e7:b7:6c:bb:97:03:68:c9:0a:01:
de:51:a1:4f:c1:83:2b:b0:85:e0:5e:2a:78:6d:22:
19:f2:5e:a9:bb:61:04:a2:cd:0e:ae:ef:0a:ef:54:
a3:ff:6e:29:91:5a:f4:e0:84:17:f6:21:f7:5e:10:
bd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C8:4D:9F:8F:C8:62:9B:47:DF:C7:2A:64:2F:AC:9C:07:37:EA:C6
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/YMhNn4_IYptH38cqZC-snAc36sY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc5::/34
2a12:3fc5:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
63:ed:69:fd:eb:db:b3:be:ad:00:8f:a2:f0:09:cb:ab:88:14:
36:7e:6c:7e:e1:e8:07:e1:f9:2d:58:44:52:77:34:8a:73:fa:
09:17:3c:6e:72:c0:92:5b:74:07:ef:6f:a2:bc:d2:5d:eb:b0:
0d:02:fb:3f:ae:35:1d:e0:c1:30:aa:93:4d:1b:d8:d9:a1:19:
60:7b:c4:4e:ef:01:19:25:3d:93:01:c9:2b:03:09:50:fd:a7:
b4:eb:fa:79:00:8e:48:04:22:2e:2e:5c:b6:79:58:ab:9f:ac:
f6:4d:9f:a4:e1:1f:a0:0c:92:49:63:35:6b:6d:1a:a7:15:51:
ad:5e:70:ba:63:b9:d9:d4:f3:35:25:06:a5:90:69:95:2a:1e:
1c:98:ab:b8:8e:c4:b7:61:f6:3a:12:5f:8f:d9:4a:57:ee:3e:
2a:80:e3:82:75:79:dc:0c:09:fc:8d:a2:19:ff:86:a1:88:de:
b0:25:90:5f:30:a3:20:5e:7c:1e:5a:28:53:5d:92:58:6f:a0:
30:b0:8a:c2:fe:dc:0c:67:cf:01:1d:43:a5:7d:f1:5e:9e:5f:
d3:d7:59:97:17:80:34:c6:3f:2f:6d:36:ec:68:79:e9:0c:a7:
9c:81:f1:9f:26:12:2c:1a:72:ec:14:77:d9:26:60:5e:a4:6f:
ba:36:ac:59
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAY6ZGNSSyKNGjRPr5EwlL6c1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjQwNDAxMDk1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGM4NGQ5ZjhmYzg2MjliNDdkZmM3MmE2NDJmYWM5YzA3MzdlYWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN2y4R89Hnb4khxbRrHTFahun1q9
rgZhkdH3asVuCSp6VPafoDRBz8SYJ5jRVRhs4q1vmMZsd13ajxLNqryqswlNckAn
3/ddh2ThFQBqsXUGOIj6cYvIJ7OUxkLSbo1ydVlaJ+tF0kttb/p/Zbt4Iks43xlT
JwkATANckAXHDHxu9Y7QOC1gpPK+Gow4928qfMRZCDHk0HHsW/3gRei7Y8a3Q2QG
Hd+/QZ0+jFqYAvqOfJMU8QtawUiHta09mv9ks+/Kw68rWOe3bLuXA2jJCgHeUaFP
wYMrsIXgXip4bSIZ8l6pu2EEos0Oru8K71Sj/24pkVr04IQX9iH3XhC9RwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFGDITZ+PyGKbR9/HKmQvrJwHN+rGMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvWU1oTm40X0lZcHRIMzhjcVpDLXNuQWMzNnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYGKhI/xQAD
BwAqEj/F//8wDQYJKoZIhvcNAQELBQADggEBAGPtaf3r27O+rQCPovAJy6uIFDZ+
bH7h6Afh+S1YRFJ3NIpz+gkXPG5ywJJbdAfvb6K80l3rsA0C+z+uNR3gwTCqk00b
2NmhGWB7xE7vARklPZMBySsDCVD9p7Tr+nkAjkgEIi4uXLZ5WKufrPZNn6ThH6AM
kkljNWttGqcVUa1ecLpjudnU8zUlBqWQaZUqHhyYq7iOxLdh9joSX4/ZSlfuPiqA
44J1edwMCfyNohn/hqGI3rAlkF8woyBefB5aKFNdklhvoDCwisL+3AxnzwEdQ6V9
8V6eX9PXWZcXgDTGPy9tNuxoeekMp5yB8Z8mEiwacuwUd9kmYF6kb7o2rFk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:41 2025 by rpki-client