Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/YmMXyGEXsXOb4vyZ-DDl-yotdms.roa
File: YmMXyGEXsXOb4vyZ-DDl-yotdms.roa (raw, json)
Hash identifier: NOaJ4huPVsGIx3X3+tKtnsaGBD+Umq2v4DF3PRoqaOk=
Subject key identifier: 62:63:17:C8:61:17:B1:73:9B:E2:FC:99:F8:30:E5:FB:2A:2D:76:6B
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0195CF1C3CAEAE7FF227DD3B1D5DBA87E1F7
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/YmMXyGEXsXOb4vyZ-DDl-yotdms.roa
Signing time: Tue 25 Mar 2025 21:01:29 +0000
ROA not before: Tue 25 Mar 2025 21:01:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:3380::/29 maxlen: 29
2a0b:3e00::/29 maxlen: 29
2a0c:8340::/29 maxlen: 29
2a13:b840::/29 maxlen: 29
2a13:ddc0::/29 maxlen: 29
2a14:35c0::/29 maxlen: 29
2a14:5840::/29 maxlen: 29
2a14:72c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 01 Apr 2025 10:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cf:1c:3c:ae:ae:7f:f2:27:dd:3b:1d:5d:ba:87:e1:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Mar 25 21:01:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=626317c86117b1739be2fc99f830e5fb2a2d766b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d3:04:72:a3:9e:f3:a6:85:41:1c:6d:dd:d4:
5a:b0:0b:4d:33:d0:e4:f9:35:55:f9:69:1f:27:72:
db:c1:c6:ff:21:2a:e3:3c:5b:52:42:3a:50:0a:d3:
ea:b2:ca:20:8c:de:f0:93:d8:aa:30:59:d4:11:a6:
1d:d6:7e:d2:3e:6c:57:ab:d8:53:18:df:9b:d8:40:
6c:fc:ed:b2:39:75:cb:2e:e8:ce:30:35:2c:fb:4e:
98:24:50:f9:c2:37:c9:c0:43:cf:21:1f:a4:bd:6d:
c5:f3:45:15:2b:cd:19:d4:ca:d8:4f:c2:45:50:b2:
de:65:f2:c9:f7:2b:b9:12:98:10:5a:2e:f1:b6:af:
96:9c:0d:5c:02:fa:26:d6:f9:98:67:3a:ce:e3:f0:
8a:1f:a1:a9:17:fe:25:e5:cf:67:2a:c1:d4:4c:5c:
05:86:8f:d5:3b:cd:d7:c6:ce:99:7b:4f:86:cc:ba:
7e:2b:88:b5:0d:ff:8c:70:76:16:c5:0b:ed:b5:69:
ae:75:c7:2d:90:ac:8a:f3:37:16:e2:d7:80:5d:f6:
a1:78:54:06:e8:74:6a:a9:e6:3c:0c:99:b5:bf:9f:
44:14:fb:3e:fa:4e:8a:bf:38:fc:55:6c:c4:5d:38:
60:84:7f:1f:5c:72:98:9c:17:24:f9:b3:33:c2:77:
d3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:63:17:C8:61:17:B1:73:9B:E2:FC:99:F8:30:E5:FB:2A:2D:76:6B
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/YmMXyGEXsXOb4vyZ-DDl-yotdms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3380::/29
2a0b:3e00::/29
2a0c:8340::/29
2a13:b840::/29
2a13:ddc0::/29
2a14:35c0::/29
2a14:5840::/29
2a14:72c0::/29
Signature Algorithm: sha256WithRSAEncryption
a4:cc:6a:e7:4a:a3:e5:04:88:1e:62:92:fb:35:57:7d:2e:f5:
8d:ed:91:a1:97:dd:0b:14:b3:d4:8d:9a:9a:15:1e:57:7b:76:
d9:e8:31:c7:53:71:53:13:49:bd:38:59:c7:8d:7e:37:0d:d4:
83:ba:1d:81:4e:4c:f1:17:ce:b8:9c:7c:71:08:99:a7:70:d4:
1a:a8:ca:62:0b:f8:55:dd:2d:65:7d:cb:13:d5:3d:77:92:40:
ed:71:49:a9:f2:73:04:00:85:81:b7:3f:82:0e:bb:79:9b:bb:
0e:16:9c:30:86:e6:29:38:8f:a3:a6:f6:25:92:42:79:bb:31:
fd:32:f5:fd:ae:af:11:37:3a:cc:28:4a:e1:c1:74:98:1e:80:
ea:20:a2:54:9e:25:f5:60:7a:83:4c:90:f5:48:62:61:78:0e:
36:2c:3a:45:99:a3:fd:8c:b4:43:50:d7:77:7f:31:61:4b:ec:
cc:a5:1c:a6:d1:39:85:2e:f7:34:93:59:12:e8:6b:00:5a:c1:
58:10:4c:b5:66:0b:2a:35:ce:b0:12:59:eb:c4:59:f6:77:8f:
59:1f:af:a4:57:60:cd:8c:6b:a4:c7:a3:44:1c:af:00:b1:03:
d1:87:79:09:9a:02:e2:e6:38:7f:f9:96:50:29:c4:e4:ed:d3:
72:5b:de:c4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZXPHDyurn/yJ907HV26h+H3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwMzI1MjEwMTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjYzMTdjODYxMTdiMTczOWJlMmZjOTlmODMwZTVmYjJhMmQ3NjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudMEcqOe86aFQRxt3dRasAtNM9Dk
+TVV+WkfJ3Lbwcb/ISrjPFtSQjpQCtPqssogjN7wk9iqMFnUEaYd1n7SPmxXq9hT
GN+b2EBs/O2yOXXLLujOMDUs+06YJFD5wjfJwEPPIR+kvW3F80UVK80Z1MrYT8JF
ULLeZfLJ9yu5EpgQWi7xtq+WnA1cAvom1vmYZzrO4/CKH6GpF/4l5c9nKsHUTFwF
ho/VO83Xxs6Ze0+GzLp+K4i1Df+McHYWxQvttWmudcctkKyK8zcW4teAXfaheFQG
6HRqqeY8DJm1v59EFPs++k6Kvzj8VWzEXThghH8fXHKYnBck+bMzwnfTXQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGJjF8hhF7Fzm+L8mfgw5fsqLXZrMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvWW1NWHlHRVhzWE9iNHZ5Wi1ERGwteW90ZG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDIAEzgAMF
AyoLPgADBQMqDINAAwUDKhO4QAMFAyoT3cADBQMqFDXAAwUDKhRYQAMFAyoUcsAw
DQYJKoZIhvcNAQELBQADggEBAKTMaudKo+UEiB5ikvs1V30u9Y3tkaGX3QsUs9SN
mpoVHld7dtnoMcdTcVMTSb04WceNfjcN1IO6HYFOTPEXzricfHEImadw1BqoymIL
+FXdLWV9yxPVPXeSQO1xSanycwQAhYG3P4IOu3mbuw4WnDCG5ik4j6Om9iWSQnm7
Mf0y9f2urxE3OswoSuHBdJgegOogolSeJfVgeoNMkPVIYmF4DjYsOkWZo/2MtENQ
13d/MWFL7MylHKbROYUu9zSTWRLoawBawVgQTLVmCyo1zrASWevEWfZ3j1kfr6RX
YM2Ma6THo0QcrwCxA9GHeQmaAuLmOH/5llApxOTt03Jb3sQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:57:50 2025 by rpki-client