Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/YYqaCk512oRDH5gpgM5I2CmeAwI.roa
File: YYqaCk512oRDH5gpgM5I2CmeAwI.roa (raw, json)
Hash identifier: Zp8/oPA/kFBI7JzG3YOk/YG/mjSo3wVT1l5hPXGwsy8=
Subject key identifier: 61:8A:9A:0A:4E:75:DA:84:43:1F:98:29:80:CE:48:D8:29:9E:03:02
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0195F0F6EFB2816499303B659625B4F83CCC
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/YYqaCk512oRDH5gpgM5I2CmeAwI.roa
Signing time: Tue 01 Apr 2025 10:47:49 +0000
ROA not before: Tue 01 Apr 2025 10:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a0b:3e00::/29 maxlen: 29
2a0c:8340::/29 maxlen: 29
2a13:b840::/29 maxlen: 29
2a13:ddc0::/29 maxlen: 29
2a14:35c0::/29 maxlen: 29
2a14:5840::/29 maxlen: 29
2a14:72c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 01 Apr 2025 17:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f0:f6:ef:b2:81:64:99:30:3b:65:96:25:b4:f8:3c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Apr 1 10:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=618a9a0a4e75da84431f982980ce48d8299e0302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1e:17:79:08:7d:90:8c:c8:6c:1c:48:d3:e1:
52:52:87:e8:b0:a9:3c:cb:8a:6b:6f:27:14:ed:de:
5b:94:f4:bc:c2:ab:d2:59:a4:b7:ec:8e:fb:7d:f7:
32:05:50:41:62:cd:54:fa:10:70:91:37:2a:3c:55:
ae:25:a5:93:87:c2:df:83:78:69:5c:55:e8:87:d9:
d6:33:fb:4f:86:3c:69:4e:43:73:c5:11:c1:6a:a0:
d8:e2:23:61:0b:24:aa:3b:b1:99:0b:e9:a2:7c:ba:
71:b5:61:c9:97:6a:52:50:82:33:17:3a:32:90:a3:
26:48:9f:66:27:25:d4:1a:e3:88:4d:4a:78:63:93:
56:60:63:3e:fe:e3:31:52:95:64:1f:98:81:aa:f2:
a8:3f:7b:04:58:88:19:f5:37:23:0e:95:97:7d:c7:
83:b1:a6:d1:06:90:9d:82:1f:8f:e8:c0:a7:16:15:
00:44:d1:6a:1a:7c:6c:95:8d:eb:21:0c:ef:fb:5d:
56:6a:79:9c:da:78:73:42:ff:98:2e:fb:fe:14:6d:
24:2d:c3:a0:13:c9:28:0e:2b:23:ae:02:b0:73:cc:
e9:23:08:55:ed:5a:0d:a5:25:ec:f9:9b:91:87:33:
0e:da:b7:de:fc:e9:ca:5f:fe:dd:36:99:bd:3c:5b:
0e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:8A:9A:0A:4E:75:DA:84:43:1F:98:29:80:CE:48:D8:29:9E:03:02
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/YYqaCk512oRDH5gpgM5I2CmeAwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3e00::/29
2a0c:8340::/29
2a13:b840::/29
2a13:ddc0::/29
2a14:35c0::/29
2a14:5840::/29
2a14:72c0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:fe:22:c5:fc:3d:14:5c:a7:56:22:e2:18:06:a6:da:bd:ff:
b4:06:14:9d:54:1e:d7:04:83:a6:e1:11:4c:c5:74:a2:24:2a:
a8:0b:29:02:f9:66:50:8e:29:b2:ce:cc:17:13:b8:60:93:d4:
36:57:e7:29:79:4d:8d:26:8b:95:28:dd:2d:50:e4:a8:5b:a8:
65:49:bb:c4:ac:51:e1:c1:c4:73:b0:8b:5c:4b:d1:98:9e:ec:
cc:6a:eb:fd:14:d7:73:19:14:dc:fa:97:72:ef:40:6d:ac:b2:
91:ea:92:92:09:90:ca:e5:4e:e5:68:33:9b:41:0a:c5:3e:13:
b1:f8:c2:62:7f:77:62:d5:52:f0:a9:a5:b0:43:22:f4:c2:dc:
f3:f3:69:37:02:9d:b3:1f:52:dc:16:a3:a9:d6:ba:67:ca:c5:
60:3b:e1:d7:51:53:d4:b1:d0:05:06:4f:e2:41:09:32:1f:bb:
ea:17:b1:9a:4c:52:8f:75:5a:ef:3e:ee:6f:36:bd:57:59:6b:
e8:16:2b:0a:b9:22:8d:fd:88:f9:cc:95:20:18:df:0a:df:60:
73:b7:6a:e3:d5:68:84:4c:13:bd:59:8d:29:16:24:bf:90:0c:
0c:85:b7:39:ff:82:e5:b4:3b:78:8c:48:16:83:1c:21:97:ce:
d0:58:9f:73
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZXw9u+ygWSZMDtlliW0+DzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwNDAxMTA0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MThhOWEwYTRlNzVkYTg0NDMxZjk4Mjk4MGNlNDhkODI5OWUwMzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh4XeQh9kIzIbBxI0+FSUofosKk8
y4prbycU7d5blPS8wqvSWaS37I77ffcyBVBBYs1U+hBwkTcqPFWuJaWTh8Lfg3hp
XFXoh9nWM/tPhjxpTkNzxRHBaqDY4iNhCySqO7GZC+mifLpxtWHJl2pSUIIzFzoy
kKMmSJ9mJyXUGuOITUp4Y5NWYGM+/uMxUpVkH5iBqvKoP3sEWIgZ9TcjDpWXfceD
sabRBpCdgh+P6MCnFhUARNFqGnxslY3rIQzv+11Wanmc2nhzQv+YLvv+FG0kLcOg
E8koDisjrgKwc8zpIwhV7VoNpSXs+ZuRhzMO2rfe/OnKX/7dNpm9PFsOnwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFGGKmgpOddqEQx+YKYDOSNgpngMCMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvWVlxYUNrNTEyb1JESDVncGdNNUkyQ21lQXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgs+AAMF
AyoMg0ADBQMqE7hAAwUDKhPdwAMFAyoUNcADBQMqFFhAAwUDKhRywDANBgkqhkiG
9w0BAQsFAAOCAQEAmv4ixfw9FFynViLiGAam2r3/tAYUnVQe1wSDpuERTMV0oiQq
qAspAvlmUI4pss7MFxO4YJPUNlfnKXlNjSaLlSjdLVDkqFuoZUm7xKxR4cHEc7CL
XEvRmJ7szGrr/RTXcxkU3PqXcu9AbayykeqSkgmQyuVO5Wgzm0EKxT4TsfjCYn93
YtVS8KmlsEMi9MLc8/NpNwKdsx9S3Bajqda6Z8rFYDvh11FT1LHQBQZP4kEJMh+7
6hexmkxSj3Va7z7ubza9V1lr6BYrCrkijf2I+cyVIBjfCt9gc7dq49VohEwTvVmN
KRYkv5AMDIW3Of+C5bQ7eIxIFoMcIZfO0Fifcw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:57:51 2025 by rpki-client