Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/YrXbXIIDkWFW9FFd-skE7BT9oTQ.roa
File: YrXbXIIDkWFW9FFd-skE7BT9oTQ.roa (raw, json)
Hash identifier: RPFSLPmL1XDxpZjHW3NEiIqNNdtuVzeUtW4f0ZQCUq0=
Subject key identifier: 62:B5:DB:5C:82:03:91:61:56:F4:51:5D:FA:C9:04:EC:14:FD:A1:34
Certificate issuer: /CN=ecc8a1aad0205943a4572389bb74334e1ca28485
Certificate serial: 018CC348A234ADCE876F6FB50477FDE334AE
Authority key identifier: EC:C8:A1:AA:D0:20:59:43:A4:57:23:89:BB:74:33:4E:1C:A2:84:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7MihqtAgWUOkVyOJu3QzThyihIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/YrXbXIIDkWFW9FFd-skE7BT9oTQ.roa
Signing time: Mon 01 Jan 2024 04:29:26 +0000
ROA not before: Mon 01 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29442
IP address blocks: 2a02:cac0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 07 Feb 2024 16:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a2:34:ad:ce:87:6f:6f:b5:04:77:fd:e3:34:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecc8a1aad0205943a4572389bb74334e1ca28485
Validity
Not Before: Jan 1 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62b5db5c8203916156f4515dfac904ec14fda134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cd:fc:59:95:b8:12:ff:65:21:73:f4:5b:00:
70:b0:e8:eb:b1:4b:28:68:2d:c2:26:9b:65:17:21:
61:9b:2f:e2:64:ed:71:f5:d8:bc:1a:4f:e9:ca:91:
da:71:56:38:23:0a:21:65:79:1e:d3:88:38:77:30:
b2:75:c1:d6:1a:10:dc:2c:4b:e2:0c:dd:de:b1:c7:
f6:24:a6:bb:ed:f7:74:52:b2:b1:9a:b3:b5:be:9c:
d1:45:e0:35:70:e6:16:87:6c:cd:39:47:ca:85:db:
27:a6:96:a8:4d:b9:f2:98:6e:06:95:57:6e:38:3d:
5e:d1:67:4c:46:ed:e3:c2:98:98:69:8d:97:9a:df:
7c:25:47:03:c9:96:7f:54:f3:aa:aa:da:1a:48:1f:
a7:30:22:ed:6c:47:ed:5a:91:56:15:d2:2d:ca:ec:
a3:8f:66:fe:03:5b:9c:c2:34:a7:70:ab:74:ef:f9:
82:be:fc:f8:92:47:49:f9:b4:1d:fd:6a:61:49:79:
71:6f:5b:a9:f3:52:4f:ac:25:40:cc:6e:c2:94:56:
bb:97:e3:9a:00:7f:4b:a5:66:f8:ce:f9:a0:b2:ae:
a9:f2:99:2a:11:09:38:b6:71:7e:73:6b:14:b1:c2:
12:49:a7:1d:58:5d:15:96:fa:ed:d3:a8:87:73:8a:
bc:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B5:DB:5C:82:03:91:61:56:F4:51:5D:FA:C9:04:EC:14:FD:A1:34
X509v3 Authority Key Identifier:
keyid:EC:C8:A1:AA:D0:20:59:43:A4:57:23:89:BB:74:33:4E:1C:A2:84:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7MihqtAgWUOkVyOJu3QzThyihIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/YrXbXIIDkWFW9FFd-skE7BT9oTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/7MihqtAgWUOkVyOJu3QzThyihIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
07:ef:79:6c:19:2a:fb:53:c6:cd:08:5e:07:b9:fe:02:e0:37:
4e:9f:c8:83:62:76:b0:9a:ab:2f:c6:94:e1:d3:cf:55:6f:75:
8b:18:17:d8:81:9f:bf:82:ff:c3:53:43:58:6a:68:44:45:92:
9f:3b:d4:d1:ac:90:d0:1b:3d:0a:a0:bb:1f:3a:b4:b6:fe:03:
18:bf:6d:24:4d:19:b5:16:c5:c9:57:65:7b:a1:47:d9:92:2d:
29:8f:78:e7:8a:c5:b7:9c:d6:dc:a6:75:ea:aa:b1:d2:2c:04:
c0:47:6d:e7:a5:c5:44:0e:39:e3:64:f3:77:2a:27:17:47:4c:
b3:c5:26:19:0a:3c:3d:5f:11:c3:c6:f8:c3:95:1a:5c:ce:e5:
d5:0e:50:a3:a4:2e:1d:0a:0c:ed:5f:b8:8a:7f:c6:a0:da:f1:
0e:b3:79:84:ad:2e:24:2d:ae:f2:85:88:6c:cc:9d:1b:6e:46:
a4:f4:03:1a:d2:5e:ee:4b:a9:94:a4:66:75:46:56:57:0a:6c:
2d:4c:25:70:0e:4a:18:25:4d:38:f1:90:9b:d3:26:5f:52:6e:
b9:1f:96:0b:4e:cf:76:95:9c:75:27:64:ae:44:a6:b6:ee:ed:
c1:e7:9b:6a:a9:c0:46:e1:50:54:84:88:62:41:6d:8e:32:c1:
38:de:29:fa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDSKI0rc6Hb2+1BHf94zSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYzhhMWFhZDAyMDU5NDNhNDU3MjM4OWJiNzQzMzRlMWNh
Mjg0ODUwHhcNMjQwMTAxMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmI1ZGI1YzgyMDM5MTYxNTZmNDUxNWRmYWM5MDRlYzE0ZmRhMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAys38WZW4Ev9lIXP0WwBwsOjrsUso
aC3CJptlFyFhmy/iZO1x9di8Gk/pypHacVY4IwohZXke04g4dzCydcHWGhDcLEvi
DN3escf2JKa77fd0UrKxmrO1vpzRReA1cOYWh2zNOUfKhdsnppaoTbnymG4GlVdu
OD1e0WdMRu3jwpiYaY2Xmt98JUcDyZZ/VPOqqtoaSB+nMCLtbEftWpFWFdItyuyj
j2b+A1ucwjSncKt07/mCvvz4kkdJ+bQd/WphSXlxb1up81JPrCVAzG7ClFa7l+Oa
AH9LpWb4zvmgsq6p8pkqEQk4tnF+c2sUscISSacdWF0Vlvrt06iHc4q8uwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGK121yCA5FhVvRRXfrJBOwU/aE0MB8GA1UdIwQY
MBaAFOzIoarQIFlDpFcjibt0M04cooSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN01paHF0QWdXVU9rVnlPSnUzUXpUaHlpaElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iMzI5OGItOWM1YS00ZTM4LTgxMzEt
NGE2OGYyMzVjMzg4LzEvWXJYYlhJSURrV0ZXOUZGZC1za0U3QlQ5b1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iMzI5OGItOWM1YS00ZTM4LTgxMzEtNGE2OGYyMzVjMzg4
LzEvN01paHF0QWdXVU9rVnlPSnUzUXpUaHlpaElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgLKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAB+95bBkq+1PGzQheB7n+AuA3Tp/Ig2J2sJqrL8aU
4dPPVW91ixgX2IGfv4L/w1NDWGpoREWSnzvU0ayQ0Bs9CqC7Hzq0tv4DGL9tJE0Z
tRbFyVdle6FH2ZItKY9454rFt5zW3KZ16qqx0iwEwEdt56XFRA4542TzdyonF0dM
s8UmGQo8PV8Rw8b4w5UaXM7l1Q5Qo6QuHQoM7V+4in/GoNrxDrN5hK0uJC2u8oWI
bMydG25GpPQDGtJe7kuplKRmdUZWVwpsLUwlcA5KGCVNOPGQm9MmX1JuuR+WC07P
dpWcdSdkrkSmtu7tweebaqnARuFQVISIYkFtjjLBON4p+g==
-----END CERTIFICATE-----
Generated at Wed Feb 7 20:26:37 2024 by rpki-client on console-fra.rpki-client.org