Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YZkMTm8YiiNj7pTayHOtq2DPkdI.roa
File: YZkMTm8YiiNj7pTayHOtq2DPkdI.roa (raw, json)
Hash identifier: 5t+5XCrUVoj0YYLylFbUGy+R1lTJc8TIahurs4sJli4=
Subject key identifier: 61:99:0C:4E:6F:18:8A:23:63:EE:94:DA:C8:73:AD:AB:60:CF:91:D2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01905E89F7CED46F14ECBBDC8B95BA99B1B0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YZkMTm8YiiNj7pTayHOtq2DPkdI.roa
Signing time: Fri 28 Jun 2024 11:10:18 +0000
ROA not before: Fri 28 Jun 2024 11:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Jun 2024 12:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5e:89:f7:ce:d4:6f:14:ec:bb:dc:8b:95:ba:99:b1:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 28 11:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61990c4e6f188a2363ee94dac873adab60cf91d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5a:c1:14:95:73:d5:bc:2d:7d:7e:0b:34:c4:
93:d0:2d:81:0b:d1:29:46:08:21:42:98:ab:27:68:
31:5c:5c:ab:8c:f0:34:3f:ce:f4:fd:c0:14:e0:92:
3c:c8:eb:7a:79:9f:d7:05:7e:7a:61:53:53:e2:c9:
30:84:a8:63:cd:a8:a6:b5:08:aa:0a:02:7e:46:93:
33:d7:24:c4:83:3f:65:60:f0:b4:1a:2c:bc:28:63:
7b:a3:35:b3:2c:bc:33:77:e2:57:e5:dd:bd:dc:29:
fd:b6:8e:49:13:e3:c8:1d:5d:6b:7f:91:bf:2c:2f:
4a:25:0c:7f:2c:44:64:27:a1:29:71:6a:86:f1:e6:
25:35:cc:2a:e1:82:f9:e8:52:1b:6c:27:1b:44:e0:
1b:c3:e8:0f:ad:65:37:12:75:78:51:03:33:56:b4:
d3:65:aa:d9:9a:36:71:cf:07:f0:c5:0e:4c:bd:bd:
c8:0e:c9:f9:48:b0:08:e6:3d:7e:43:52:03:0f:51:
31:3a:f2:15:0e:16:c3:8e:79:78:be:32:6c:e2:44:
0f:0d:a4:c4:bb:61:c5:fd:48:e7:b2:66:72:12:6f:
5c:44:cc:25:e6:e1:ba:47:cf:1b:d3:aa:f1:a0:62:
70:18:98:47:0c:87:10:4a:9e:36:1b:ed:fe:5d:bd:
45:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:99:0C:4E:6F:18:8A:23:63:EE:94:DA:C8:73:AD:AB:60:CF:91:D2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YZkMTm8YiiNj7pTayHOtq2DPkdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:bc:4c:54:6c:70:a9:51:ac:7d:f5:a4:ea:e3:9c:b0:ef:49:
e3:1e:8e:65:4f:0e:81:ca:d8:35:3d:0e:2b:5c:b5:59:cf:5e:
60:06:6a:e4:80:54:90:bf:f5:ff:28:21:d7:86:1e:96:6f:40:
ae:22:03:92:ba:94:c7:65:8f:fa:cd:58:52:c5:10:23:b0:a4:
b0:a6:a1:6d:e6:e2:58:9c:d1:6f:c1:3b:df:3d:a2:8f:8a:c6:
26:54:95:c2:24:fc:23:29:14:0e:ed:f5:55:59:ac:23:78:bd:
b2:b5:66:aa:ce:c1:57:81:dc:f1:5c:01:cd:51:9c:27:db:96:
0d:fc:50:2f:8b:80:b8:0c:25:8a:66:f5:1e:db:88:53:d0:ac:
3c:bf:8a:3e:74:2f:cf:cf:e1:4a:7a:bf:f9:95:a1:85:68:87:
b6:80:98:aa:63:00:e3:a3:64:88:4d:1f:ab:b6:20:62:c1:95:
03:d5:fc:5f:f6:51:47:ad:79:a7:86:6a:27:4c:be:e7:55:9b:
86:36:04:e1:b8:f0:07:ac:c1:0f:31:53:fc:b1:d1:f8:71:11:
de:07:e3:4f:8c:af:68:a5:22:ff:c1:d5:2e:c3:7a:01:0f:95:
37:2e:cf:8b:8c:2b:92:78:9f:b7:b9:3b:01:94:de:bf:63:54:
df:96:ec:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBeiffO1G8U7Lvci5W6mbGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI4MTExMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTk5MGM0ZTZmMTg4YTIzNjNlZTk0ZGFjODczYWRhYjYwY2Y5MWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlrBFJVz1bwtfX4LNMST0C2BC9Ep
RgghQpirJ2gxXFyrjPA0P870/cAU4JI8yOt6eZ/XBX56YVNT4skwhKhjzaimtQiq
CgJ+RpMz1yTEgz9lYPC0Giy8KGN7ozWzLLwzd+JX5d293Cn9to5JE+PIHV1rf5G/
LC9KJQx/LERkJ6EpcWqG8eYlNcwq4YL56FIbbCcbROAbw+gPrWU3EnV4UQMzVrTT
ZarZmjZxzwfwxQ5Mvb3IDsn5SLAI5j1+Q1IDD1ExOvIVDhbDjnl4vjJs4kQPDaTE
u2HF/UjnsmZyEm9cRMwl5uG6R88b06rxoGJwGJhHDIcQSp42G+3+Xb1FuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGGZDE5vGIojY+6U2shzratgz5HSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWVprTVRtOFlpaU5qN3BUYXlIT3RxMkRQa2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC28TFRscKlRrH31pOrj
nLDvSeMejmVPDoHK2DU9DitctVnPXmAGauSAVJC/9f8oIdeGHpZvQK4iA5K6lMdl
j/rNWFLFECOwpLCmoW3m4lic0W/BO989oo+KxiZUlcIk/CMpFA7t9VVZrCN4vbK1
ZqrOwVeB3PFcAc1RnCfblg38UC+LgLgMJYpm9R7biFPQrDy/ij50L8/P4Up6v/mV
oYVoh7aAmKpjAOOjZIhNH6u2IGLBlQPV/F/2UUeteaeGaidMvudVm4Y2BOG48Aes
wQ8xU/yx0fhxEd4H40+Mr2ilIv/B1S7DegEPlTcuz4uMK5J4n7e5OwGU3r9jVN+W
7IM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:53 2025 by rpki-client