Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/yb4f1ma5JjFtxav5g1kqEI68dsI.roa
File: yb4f1ma5JjFtxav5g1kqEI68dsI.roa (raw, json)
Hash identifier: C908jUt7/2FuRwciQIJPOnACxwjfFgHmeUAXEX+Xs6Y=
Subject key identifier: C9:BE:1F:D6:66:B9:26:31:6D:C5:AB:F9:83:59:2A:10:8E:BC:76:C2
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA7B5FA03DC5926466C3E946E333F6
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/yb4f1ma5JjFtxav5g1kqEI68dsI.roa
Signing time: Mon 02 Jan 2023 13:45:01 +0000
ROA not before: Mon 02 Jan 2023 13:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207622
IP address blocks: 2a0f:5707:aa20::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:7b:5f:a0:3d:c5:92:64:66:c3:e9:46:e3:33:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9be1fd666b926316dc5abf983592a108ebc76c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a6:08:a9:cd:4a:f2:84:d2:e5:f8:d9:97:b8:
74:8a:54:91:fa:07:56:cf:6c:5c:80:09:91:c6:e6:
67:9d:93:79:52:12:7c:e2:d8:0a:29:c2:8f:49:aa:
37:4d:3f:26:f6:c3:5a:b2:ed:20:02:cf:45:3a:85:
1e:81:eb:a4:e4:0c:63:49:60:07:02:b9:43:87:4e:
26:52:45:b2:90:2f:4b:22:60:4c:cc:17:4d:09:61:
68:5b:b8:e1:19:12:74:63:2a:fa:0a:e5:9d:5b:e4:
f3:4b:04:06:16:5b:ce:94:24:4f:f3:e3:a3:c1:e3:
2f:4f:ff:60:ae:e3:1a:c4:84:3c:f8:5b:c3:9f:c6:
59:fd:1e:66:94:8e:21:6b:59:19:56:0e:e9:cb:ac:
b7:f5:d3:2d:d5:d5:4c:fd:1f:ed:e3:74:e4:4c:24:
a8:fb:da:fa:ce:6f:2a:2b:f3:5f:4b:7b:89:64:3a:
e6:46:b3:18:f3:28:27:8b:fe:f8:5b:a1:8a:b1:19:
6f:60:d1:a0:be:75:1d:73:2f:45:5b:a6:a7:66:d3:
10:75:e0:ac:35:b2:d0:f8:7a:c2:24:1b:15:37:85:
44:03:d5:c0:a9:ad:33:0f:cc:1f:7b:f1:a1:8f:8d:
e3:e8:c7:b2:3f:a5:a0:b0:b9:69:6d:89:25:a9:f1:
be:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BE:1F:D6:66:B9:26:31:6D:C5:AB:F9:83:59:2A:10:8E:BC:76:C2
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/yb4f1ma5JjFtxav5g1kqEI68dsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:aa20::/44
Signature Algorithm: sha256WithRSAEncryption
8a:20:cd:bb:09:69:74:8f:18:be:ff:e9:11:51:e9:5e:6d:ac:
6c:a0:f6:b6:fe:17:f2:2f:23:df:7f:96:b1:af:67:d0:c9:f7:
46:b4:24:74:42:67:a8:88:38:8e:48:a7:b9:8e:30:20:45:ea:
91:12:f5:6b:61:ca:cd:e3:92:53:6b:23:c2:04:89:b1:2e:9b:
30:f4:ed:b2:8a:46:5e:08:27:1e:5a:7a:1e:b9:e5:7b:aa:ec:
9a:48:73:48:94:37:4b:27:fd:01:1c:63:70:24:96:73:4a:39:
67:d8:71:4b:48:f0:94:46:94:ad:e8:24:d8:e0:dc:42:39:92:
64:3e:89:7d:4f:79:28:ae:31:6c:79:20:79:d6:2e:89:5b:28:
51:4b:4b:15:1c:38:48:ab:80:14:e0:2f:77:8b:9f:d2:13:30:
1d:66:01:16:47:59:a9:2e:60:e6:75:cf:97:52:a6:50:9e:db:
2a:29:78:d7:62:9d:87:a3:f0:fc:ba:53:67:48:ed:d1:c1:38:
d3:40:20:57:f7:37:a8:0d:f7:8a:c0:7a:f5:0e:aa:b9:92:6e:
7d:7d:db:af:2d:1e:22:5f:fd:47:21:b9:3c:87:91:b4:7f:c3:
c0:76:38:0f:78:45:66:b8:ae:f0:c0:d6:54:08:cb:b4:3a:ae:
f1:85:72:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyuntfoD3FkmRmw+lG4zP2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWJlMWZkNjY2YjkyNjMxNmRjNWFiZjk4MzU5MmExMDhlYmM3NmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6YIqc1K8oTS5fjZl7h0ilSR+gdW
z2xcgAmRxuZnnZN5UhJ84tgKKcKPSao3TT8m9sNasu0gAs9FOoUegeuk5AxjSWAH
ArlDh04mUkWykC9LImBMzBdNCWFoW7jhGRJ0Yyr6CuWdW+TzSwQGFlvOlCRP8+Oj
weMvT/9gruMaxIQ8+FvDn8ZZ/R5mlI4ha1kZVg7py6y39dMt1dVM/R/t43TkTCSo
+9r6zm8qK/NfS3uJZDrmRrMY8ygni/74W6GKsRlvYNGgvnUdcy9FW6anZtMQdeCs
NbLQ+HrCJBsVN4VEA9XAqa0zD8wfe/Ghj43j6MeyP6WgsLlpbYklqfG+qQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMm+H9ZmuSYxbcWr+YNZKhCOvHbCMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEveWI0ZjFtYTVKakZ0eGF2NWcxa3FFSTY4ZHNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB6og
MA0GCSqGSIb3DQEBCwUAA4IBAQCKIM27CWl0jxi+/+kRUelebaxsoPa2/hfyLyPf
f5axr2fQyfdGtCR0QmeoiDiOSKe5jjAgReqREvVrYcrN45JTayPCBImxLpsw9O2y
ikZeCCceWnoeueV7quyaSHNIlDdLJ/0BHGNwJJZzSjln2HFLSPCURpSt6CTY4NxC
OZJkPol9T3korjFseSB51i6JWyhRS0sVHDhIq4AU4C93i5/SEzAdZgEWR1mpLmDm
dc+XUqZQntsqKXjXYp2Ho/D8ulNnSO3RwTjTQCBX9zeoDfeKwHr1Dqq5km59fduv
LR4iX/1HIbk8h5G0f8PAdjgPeEVmuK7wwNZUCMu0Oq7xhXJC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org