Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Y3vifB2i9cDcxnnF4dpRKnUNLPg.roa
File: Y3vifB2i9cDcxnnF4dpRKnUNLPg.roa (raw, json)
Hash identifier: m2/G6Ju3iosICWkfcoUhauNd+7rEzfUubbVxyYFNGsc=
Subject key identifier: 63:7B:E2:7C:1D:A2:F5:C0:DC:C6:79:C5:E1:DA:51:2A:75:0D:2C:F8
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01948EFC4CE81B98D542C173EAC43299655C
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Y3vifB2i9cDcxnnF4dpRKnUNLPg.roa
Signing time: Wed 22 Jan 2025 17:08:06 +0000
ROA not before: Wed 22 Jan 2025 17:08:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214146
IP address blocks: 2a12:bec4:1710::/44 maxlen: 44
Validation: Failed, certificate revoked on Wed 22 Jan 2025 17:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8e:fc:4c:e8:1b:98:d5:42:c1:73:ea:c4:32:99:65:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 22 17:08:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=637be27c1da2f5c0dcc679c5e1da512a750d2cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:75:b8:84:3e:8d:3d:eb:fc:bc:0d:ba:69:97:
d5:b9:ee:96:5e:77:d4:02:44:07:1a:e2:dd:3e:50:
e2:a7:91:13:5b:60:ad:87:36:df:1e:c1:32:01:2b:
90:85:fc:ea:36:4d:7a:7e:bf:cc:43:bc:24:11:21:
40:77:04:72:88:1d:43:8e:eb:5b:21:de:45:24:45:
6c:bb:4a:21:7a:29:54:0b:90:4b:c7:45:2c:36:66:
b8:d9:9d:13:28:07:fa:96:ba:39:3d:ea:9f:60:73:
8e:39:75:99:00:68:48:4a:28:a2:a3:d8:c3:b1:b7:
12:41:8c:94:80:e0:c2:4b:01:f3:37:17:a7:a1:44:
33:6e:0b:1b:1a:e1:1f:15:98:41:63:94:21:6c:4c:
b3:f4:1f:0c:d0:1a:95:ec:a0:a0:cf:9e:72:35:94:
2b:30:1e:58:3b:01:ac:a3:15:35:ea:ed:18:dd:08:
26:21:b3:d3:0f:71:61:07:d8:62:06:52:eb:73:31:
b9:25:2b:ab:62:b6:78:c2:7f:0a:18:49:b4:9a:37:
55:16:e1:d1:78:54:d5:14:de:44:61:b2:fa:30:d0:
3d:5b:7c:62:f7:3f:9f:79:19:0f:b6:3c:49:a4:b5:
cd:96:c6:18:d8:22:fb:9b:a9:27:9b:67:22:21:fb:
d0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:7B:E2:7C:1D:A2:F5:C0:DC:C6:79:C5:E1:DA:51:2A:75:0D:2C:F8
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Y3vifB2i9cDcxnnF4dpRKnUNLPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1710::/44
Signature Algorithm: sha256WithRSAEncryption
b9:87:c2:eb:3b:00:54:99:26:2a:17:41:bd:11:bb:d9:a2:ca:
6b:a3:c8:15:74:0a:37:51:03:78:a0:dc:5f:53:e4:84:bd:ff:
6a:b0:23:be:30:01:c4:db:ac:f9:59:b9:69:18:69:57:6d:a6:
35:a6:46:d9:63:81:a5:18:be:0a:9c:a9:51:94:fd:28:e7:18:
f4:55:f2:13:12:e5:b9:86:fb:56:59:16:f3:ff:a1:5c:e7:eb:
5b:b9:06:27:62:ff:76:39:21:83:b8:bb:99:5a:22:c7:5d:dc:
5c:e6:bc:fa:c6:95:b8:99:79:2e:69:ce:37:5d:cc:6b:43:6d:
1a:55:ed:39:8c:91:da:6a:92:9a:c8:bb:2d:ea:fb:09:61:39:
ac:83:97:30:1d:47:1b:cf:1d:8b:50:ef:a4:d8:e7:3b:36:71:
d2:b7:7d:d3:88:4a:27:c8:2e:4b:ec:1d:ef:ef:b9:80:0a:ab:
9d:5c:d7:d0:bf:41:27:b9:f0:55:7c:3c:13:4e:d5:95:e3:24:
44:d3:d5:51:ef:90:34:ea:13:9b:ed:65:1b:c5:a3:eb:af:19:
03:f2:b5:0c:c0:3d:a2:c6:be:15:85:c4:da:44:45:61:80:e1:
a3:f3:34:8b:b7:4a:8e:27:76:64:b2:97:5a:65:a4:02:fb:62:
e6:64:3d:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZSO/EzoG5jVQsFz6sQymWVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTIyMTcwODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzdiZTI3YzFkYTJmNWMwZGNjNjc5YzVlMWRhNTEyYTc1MGQyY2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHW4hD6NPev8vA26aZfVue6WXnfU
AkQHGuLdPlDip5ETW2CthzbfHsEyASuQhfzqNk16fr/MQ7wkESFAdwRyiB1Djutb
Id5FJEVsu0oheilUC5BLx0UsNma42Z0TKAf6lro5PeqfYHOOOXWZAGhISiiio9jD
sbcSQYyUgODCSwHzNxenoUQzbgsbGuEfFZhBY5QhbEyz9B8M0BqV7KCgz55yNZQr
MB5YOwGsoxU16u0Y3QgmIbPTD3FhB9hiBlLrczG5JSurYrZ4wn8KGEm0mjdVFuHR
eFTVFN5EYbL6MNA9W3xi9z+feRkPtjxJpLXNlsYY2CL7m6knm2ciIfvQEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGN74nwdovXA3MZ5xeHaUSp1DSz4MB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvWTN2aWZCMmk5Y0RjeG5uRjRkcFJLblVOTFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBcQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC5h8LrOwBUmSYqF0G9EbvZospro8gVdAo3UQN4
oNxfU+SEvf9qsCO+MAHE26z5WblpGGlXbaY1pkbZY4GlGL4KnKlRlP0o5xj0VfIT
EuW5hvtWWRbz/6Fc5+tbuQYnYv92OSGDuLuZWiLHXdxc5rz6xpW4mXkuac43Xcxr
Q20aVe05jJHaapKayLst6vsJYTmsg5cwHUcbzx2LUO+k2Oc7NnHSt33TiEonyC5L
7B3v77mACqudXNfQv0EnufBVfDwTTtWV4yRE09VR75A06hOb7WUbxaPrrxkD8rUM
wD2ixr4VhcTaREVhgOGj8zSLt0qOJ3ZkspdaZaQC+2LmZD3n
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:51:18 2025 by rpki-client