Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/16339a-2603-4e8f-901c-cfe2c7ff018b/1/YPLf3rCiQnDaAkcZERgbMpulT2A.roa
File: YPLf3rCiQnDaAkcZERgbMpulT2A.roa (raw, json)
Hash identifier: uh1xLRQtY/LdgXJho2hVNcqIj+pRVwrviplXzTBbHZo=
Subject key identifier: 60:F2:DF:DE:B0:A2:42:70:DA:02:47:19:11:18:1B:32:9B:A5:4F:60
Certificate issuer: /CN=be7c79e9a21db26bd6ae0750276db1b0afa7ecdb
Certificate serial: 019302C985F67C6F43335E0FE49995E9B5C6
Authority key identifier: BE:7C:79:E9:A2:1D:B2:6B:D6:AE:07:50:27:6D:B1:B0:AF:A7:EC:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vnx56aIdsmvWrgdQJ22xsK-n7Ns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/16339a-2603-4e8f-901c-cfe2c7ff018b/1/YPLf3rCiQnDaAkcZERgbMpulT2A.roa
Signing time: Wed 06 Nov 2024 18:43:01 +0000
ROA not before: Wed 06 Nov 2024 18:43:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2001:67c:f70::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 09 Dec 2024 12:12:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:02:c9:85:f6:7c:6f:43:33:5e:0f:e4:99:95:e9:b5:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be7c79e9a21db26bd6ae0750276db1b0afa7ecdb
Validity
Not Before: Nov 6 18:43:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60f2dfdeb0a24270da02471911181b329ba54f60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:00:fb:ac:ad:84:2d:24:bc:02:93:ad:04:3e:
47:f0:63:b2:52:57:f4:40:d4:22:95:49:40:7d:05:
0d:1d:7b:c0:46:4d:5f:b6:74:31:86:11:6b:43:5f:
75:f5:af:f7:54:ba:47:b7:ce:54:12:c4:03:05:15:
a0:e4:29:1a:e8:39:48:0d:fd:fe:fc:d1:fb:98:9b:
12:ed:a6:d7:11:88:28:e2:11:b8:5e:79:fe:51:a1:
f3:14:aa:e2:3e:4a:70:a3:2b:0b:8f:c2:27:9a:99:
fc:f5:8a:55:a2:1b:1c:63:6a:69:48:96:ac:82:e8:
98:48:31:c5:81:25:2b:be:02:32:15:53:5e:af:7e:
a6:e4:4c:dc:40:c9:6b:d1:73:66:f9:ba:43:c7:d4:
b0:26:7e:de:7c:77:db:42:33:e9:b6:d5:01:13:8e:
79:46:18:6f:36:3b:1a:a8:45:7a:a3:a7:53:cb:17:
a3:5c:d6:22:03:4c:4c:db:49:59:a4:43:88:69:c0:
11:2c:86:64:40:66:4a:60:0f:6f:a1:7e:2d:45:25:
64:dd:f2:80:af:80:48:43:00:82:1a:fb:34:e3:80:
4e:3a:e2:72:a6:e9:22:8c:23:83:e8:5f:f6:d3:e4:
68:3f:cb:0a:11:20:58:8d:76:40:c3:6d:b2:15:5a:
4b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F2:DF:DE:B0:A2:42:70:DA:02:47:19:11:18:1B:32:9B:A5:4F:60
X509v3 Authority Key Identifier:
keyid:BE:7C:79:E9:A2:1D:B2:6B:D6:AE:07:50:27:6D:B1:B0:AF:A7:EC:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vnx56aIdsmvWrgdQJ22xsK-n7Ns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/16339a-2603-4e8f-901c-cfe2c7ff018b/1/YPLf3rCiQnDaAkcZERgbMpulT2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/16339a-2603-4e8f-901c-cfe2c7ff018b/1/vnx56aIdsmvWrgdQJ22xsK-n7Ns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:f70::/48
Signature Algorithm: sha256WithRSAEncryption
bf:dd:99:88:d3:30:ff:79:9a:9d:31:37:0b:f0:65:34:51:4a:
15:d5:e2:14:49:fd:6b:cb:fe:66:a0:5e:d7:2a:b6:be:b3:21:
07:73:c5:03:91:6b:dd:25:fe:c0:40:0d:ca:23:4d:48:b6:41:
42:33:42:b8:96:b1:a6:d7:12:e4:77:6f:a9:b7:5c:79:ce:e4:
ed:a0:43:fd:ca:08:c3:15:0f:50:f8:e2:0f:cc:13:2d:c1:42:
7c:88:8c:ad:88:ea:df:cc:bf:80:96:ed:06:ce:a0:94:5a:c9:
06:86:52:09:2a:c7:72:a8:75:cc:9c:23:2a:77:40:11:37:40:
31:b2:4d:79:d3:36:ad:5d:e7:1f:16:3b:c7:0a:9c:4e:b6:44:
66:7c:95:3b:16:41:85:70:2d:64:c2:3e:e1:33:51:3b:15:b9:
5f:9d:e2:e6:4e:39:0f:c0:cd:d4:8a:95:14:79:55:b3:b1:3b:
31:41:38:69:d4:89:bb:7d:21:f2:92:e8:2e:dd:b7:4c:11:4b:
e5:70:73:17:7f:e2:66:fb:39:a7:a0:fd:2c:b7:13:61:15:ae:
73:48:07:e3:9f:74:b7:26:72:63:4f:9d:3b:e3:13:5b:78:db:
63:c0:fe:eb:0c:52:bd:ef:37:19:de:d7:3e:fe:d5:fb:8e:d4:
14:a7:23:52
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZMCyYX2fG9DM14P5JmV6bXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlN2M3OWU5YTIxZGIyNmJkNmFlMDc1MDI3NmRiMWIwYWZh
N2VjZGIwHhcNMjQxMTA2MTg0MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGYyZGZkZWIwYTI0MjcwZGEwMjQ3MTkxMTE4MWIzMjliYTU0ZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgD7rK2ELSS8ApOtBD5H8GOyUlf0
QNQilUlAfQUNHXvARk1ftnQxhhFrQ1919a/3VLpHt85UEsQDBRWg5Cka6DlIDf3+
/NH7mJsS7abXEYgo4hG4Xnn+UaHzFKriPkpwoysLj8Inmpn89YpVohscY2ppSJas
guiYSDHFgSUrvgIyFVNer36m5EzcQMlr0XNm+bpDx9SwJn7efHfbQjPpttUBE455
RhhvNjsaqEV6o6dTyxejXNYiA0xM20lZpEOIacARLIZkQGZKYA9voX4tRSVk3fKA
r4BIQwCCGvs044BOOuJypukijCOD6F/20+RoP8sKESBYjXZAw22yFVpLxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGDy396wokJw2gJHGREYGzKbpU9gMB8GA1UdIwQY
MBaAFL58eemiHbJr1q4HUCdtsbCvp+zbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm54NTZhSWRzbXZXcmdkUUoyMnhzSy1uN05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8xNjMzOWEtMjYwMy00ZThmLTkwMWMt
Y2ZlMmM3ZmYwMThiLzEvWVBMZjNyQ2lRbkRhQWtjWkVSZ2JNcHVsVDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8xNjMzOWEtMjYwMy00ZThmLTkwMWMtY2ZlMmM3ZmYwMThi
LzEvdm54NTZhSWRzbXZXcmdkUUoyMnhzSy1uN05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA9w
MA0GCSqGSIb3DQEBCwUAA4IBAQC/3ZmI0zD/eZqdMTcL8GU0UUoV1eIUSf1ry/5m
oF7XKra+syEHc8UDkWvdJf7AQA3KI01ItkFCM0K4lrGm1xLkd2+pt1x5zuTtoEP9
ygjDFQ9Q+OIPzBMtwUJ8iIytiOrfzL+Alu0GzqCUWskGhlIJKsdyqHXMnCMqd0AR
N0Axsk150zatXecfFjvHCpxOtkRmfJU7FkGFcC1kwj7hM1E7FblfneLmTjkPwM3U
ipUUeVWzsTsxQThp1Im7fSHykugu3bdMEUvlcHMXf+Jm+zmnoP0stxNhFa5zSAfj
n3S3JnJjT5074xNbeNtjwP7rDFK97zcZ3tc+/tX7jtQUpyNS
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:51 2025 by rpki-client