Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/39fa43-9794-421a-ba89-b9356e61f73a/1/yGj1k1JW7BfZODYX-eCN9kUEmN4.roa
File: yGj1k1JW7BfZODYX-eCN9kUEmN4.roa (raw, json)
Hash identifier: ZBdHvjbNqLdVkOa5DErEGsFHmlo6KpVQab7S+P+iVFk=
Subject key identifier: C8:68:F5:93:52:56:EC:17:D9:38:36:17:F9:E0:8D:F6:45:04:98:DE
Certificate issuer: /CN=0a8e93f1961bebc10009cb265c0baf34702a3dab
Certificate serial: 01927C18626F896DC0B5E902674F8EE48A2D
Authority key identifier: 0A:8E:93:F1:96:1B:EB:C1:00:09:CB:26:5C:0B:AF:34:70:2A:3D:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Co6T8ZYb68EACcsmXAuvNHAqPas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/39fa43-9794-421a-ba89-b9356e61f73a/1/yGj1k1JW7BfZODYX-eCN9kUEmN4.roa
Signing time: Fri 11 Oct 2024 15:00:25 +0000
ROA not before: Fri 11 Oct 2024 15:00:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48925
IP address blocks: 2001:67c:be8::/48 maxlen: 48
2a01:ec40::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 17 Oct 2024 14:21:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7c:18:62:6f:89:6d:c0:b5:e9:02:67:4f:8e:e4:8a:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a8e93f1961bebc10009cb265c0baf34702a3dab
Validity
Not Before: Oct 11 15:00:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c868f5935256ec17d9383617f9e08df6450498de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d0:81:74:2e:96:95:51:46:8a:2d:21:5d:ee:
52:18:b1:1b:92:f0:f5:c3:6d:d2:30:37:f6:70:7c:
10:73:03:4e:d7:06:11:91:3a:ac:43:26:84:48:3f:
54:2d:9c:48:c2:81:99:55:f3:30:cb:72:86:38:26:
19:93:6a:19:38:3e:71:fa:01:c6:73:fe:9d:47:66:
22:cc:5d:c6:9d:31:c7:e3:12:d1:9a:2e:a7:7b:9e:
5b:c2:57:be:95:81:37:24:a5:73:8a:74:a6:fa:ec:
c7:67:18:b1:29:6b:ab:3b:e6:f9:64:46:34:a6:6a:
96:2d:7f:c1:1c:f8:c2:e8:e5:bb:7e:50:0b:fd:02:
00:eb:f2:4f:9c:81:d0:e0:71:58:23:0c:6e:02:66:
88:1d:68:87:58:48:7f:b1:7e:ca:a5:df:cf:37:36:
69:b3:59:c4:29:98:92:eb:12:d2:14:96:1e:aa:12:
6f:10:92:c9:11:88:7c:84:71:74:7d:5e:33:66:8b:
b9:59:bf:a0:14:66:21:01:10:cb:8d:fd:c3:44:65:
0d:5c:a1:cd:88:5d:32:40:14:36:dd:db:a1:c1:8d:
b8:50:0b:7c:01:9d:f6:6f:17:90:f9:1c:35:62:c5:
b2:f1:20:c2:c7:05:ad:af:76:71:0d:fd:02:8b:12:
87:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:68:F5:93:52:56:EC:17:D9:38:36:17:F9:E0:8D:F6:45:04:98:DE
X509v3 Authority Key Identifier:
keyid:0A:8E:93:F1:96:1B:EB:C1:00:09:CB:26:5C:0B:AF:34:70:2A:3D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Co6T8ZYb68EACcsmXAuvNHAqPas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/39fa43-9794-421a-ba89-b9356e61f73a/1/yGj1k1JW7BfZODYX-eCN9kUEmN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/39fa43-9794-421a-ba89-b9356e61f73a/1/Co6T8ZYb68EACcsmXAuvNHAqPas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:be8::/48
2a01:ec40::/48
Signature Algorithm: sha256WithRSAEncryption
59:14:93:68:57:64:d3:35:f3:f2:46:04:f1:90:05:fc:69:27:
36:b2:9d:71:81:bd:3a:42:db:a2:c1:43:87:fd:82:78:2c:21:
35:a7:4e:e7:3b:58:22:c4:63:52:92:98:e9:d4:2f:b0:1e:89:
d6:26:ec:e0:0d:39:24:71:58:90:6a:62:24:f2:53:55:92:da:
32:d8:5e:16:73:fd:46:16:ad:18:fd:3a:7d:20:31:92:86:36:
08:43:90:14:16:ba:9e:65:3f:9e:26:82:cc:c8:79:67:69:aa:
20:81:c8:a2:29:01:4e:12:cc:a5:83:aa:42:02:9a:62:b7:9e:
ce:09:22:e4:94:6c:1f:7d:6b:16:2d:f7:60:f8:d0:e1:90:f8:
74:dc:12:b0:f8:4f:6d:e6:a3:38:f8:5c:6e:62:13:c0:67:09:
b3:70:63:99:00:3d:7c:5c:6a:54:f2:b1:04:13:2b:5f:a5:b8:
03:ac:a2:9b:3b:7b:c7:7b:78:07:f0:b0:b9:77:b8:a5:e3:9f:
76:ee:d1:e6:0c:6e:a8:f0:7f:eb:05:41:19:54:71:7e:68:1f:
11:16:c8:84:ec:33:d7:ff:0e:35:5e:b1:b3:58:6e:ad:c3:e2:
7c:1b:09:27:91:99:6d:07:45:a4:62:9a:84:66:2a:13:6d:dc:
7e:da:8b:e8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJ8GGJviW3AtekCZ0+O5IotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOGU5M2YxOTYxYmViYzEwMDA5Y2IyNjVjMGJhZjM0NzAy
YTNkYWIwHhcNMjQxMDExMTUwMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY4ZjU5MzUyNTZlYzE3ZDkzODM2MTdmOWUwOGRmNjQ1MDQ5OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNCBdC6WlVFGii0hXe5SGLEbkvD1
w23SMDf2cHwQcwNO1wYRkTqsQyaESD9ULZxIwoGZVfMwy3KGOCYZk2oZOD5x+gHG
c/6dR2YizF3GnTHH4xLRmi6ne55bwle+lYE3JKVzinSm+uzHZxixKWurO+b5ZEY0
pmqWLX/BHPjC6OW7flAL/QIA6/JPnIHQ4HFYIwxuAmaIHWiHWEh/sX7Kpd/PNzZp
s1nEKZiS6xLSFJYeqhJvEJLJEYh8hHF0fV4zZou5Wb+gFGYhARDLjf3DRGUNXKHN
iF0yQBQ23duhwY24UAt8AZ32bxeQ+Rw1YsWy8SDCxwWtr3ZxDf0CixKH5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMho9ZNSVuwX2Tg2F/ngjfZFBJjeMB8GA1UdIwQY
MBaAFAqOk/GWG+vBAAnLJlwLrzRwKj2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ282VDhaWWI2OEVBQ2NzbVhBdXZOSEFxUGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zOWZhNDMtOTc5NC00MjFhLWJhODkt
YjkzNTZlNjFmNzNhLzEveUdqMWsxSlc3QmZaT0RZWC1lQ045a1VFbU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zOWZhNDMtOTc5NC00MjFhLWJhODktYjkzNTZlNjFmNzNh
LzEvQ282VDhaWWI2OEVBQ2NzbVhBdXZOSEFxUGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfAvo
AwcAKgHsQAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBZFJNoV2TTNfPyRgTxkAX8aSc2
sp1xgb06QtuiwUOH/YJ4LCE1p07nO1gixGNSkpjp1C+wHonWJuzgDTkkcViQamIk
8lNVktoy2F4Wc/1GFq0Y/Tp9IDGShjYIQ5AUFrqeZT+eJoLMyHlnaaoggciiKQFO
Esylg6pCAppit57OCSLklGwffWsWLfdg+NDhkPh03BKw+E9t5qM4+FxuYhPAZwmz
cGOZAD18XGpU8rEEEytfpbgDrKKbO3vHe3gH8LC5d7il45927tHmDG6o8H/rBUEZ
VHF+aB8RFsiE7DPX/w41XrGzWG6tw+J8GwknkZltB0WkYpqEZioTbdx+2ovo
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:13:23 2025 by rpki-client