Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/YT04YU1UJSAS4XE29OrJ2tLR0pI.roa
File: YT04YU1UJSAS4XE29OrJ2tLR0pI.roa (raw, json)
Hash identifier: WEw8pQFw0u42jNe0+RhmIh5qx++K7csFqFQo9yRkUkY=
Subject key identifier: 61:3D:38:61:4D:54:25:20:12:E1:71:36:F4:EA:C9:DA:D2:D1:D2:92
Certificate issuer: /CN=67aba9afa37d9bce407fe23c7919892d9d9c0939
Certificate serial: 018CC79339634B072892561D1411C6770D5A
Authority key identifier: 67:AB:A9:AF:A3:7D:9B:CE:40:7F:E2:3C:79:19:89:2D:9D:9C:09:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z6upr6N9m85Af-I8eRmJLZ2cCTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/YT04YU1UJSAS4XE29OrJ2tLR0pI.roa
Signing time: Tue 02 Jan 2024 00:29:23 +0000
ROA not before: Tue 02 Jan 2024 00:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2001:67c:a0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Apr 2024 07:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:39:63:4b:07:28:92:56:1d:14:11:c6:77:0d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67aba9afa37d9bce407fe23c7919892d9d9c0939
Validity
Not Before: Jan 2 00:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=613d38614d54252012e17136f4eac9dad2d1d292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:2b:df:3e:39:0a:55:34:53:05:2b:f3:94:b3:
8b:c3:5b:a7:8b:7e:2c:a5:e8:e1:4a:7e:a5:72:30:
c2:be:d9:81:98:0a:57:4c:4d:8f:a1:c2:ee:b6:fa:
de:cc:91:14:c3:5b:30:64:1d:43:6d:f7:71:2e:50:
ac:7d:ef:48:39:cd:45:74:be:66:ca:ef:c7:3e:9f:
a4:6a:ae:00:62:ae:6f:d7:6d:1f:ef:76:eb:d1:67:
2e:08:c5:f4:89:da:ba:ee:fb:39:12:79:45:93:a0:
8b:54:68:52:37:40:16:b9:e7:f0:78:a8:fa:c1:78:
e5:15:5d:58:ae:ba:86:93:39:29:05:87:b5:99:16:
2c:4d:39:d3:75:17:96:ea:d7:fb:fc:49:07:74:b2:
d2:62:ad:dd:e8:e6:91:50:fc:55:94:33:3f:31:00:
82:65:ee:9a:a6:f4:6f:bb:eb:ab:8d:37:98:06:cb:
dd:00:4d:9b:ef:0e:50:39:97:6e:66:81:3a:4d:f5:
17:f7:09:70:6c:14:d0:4d:f1:08:32:29:ec:91:b4:
17:e3:17:53:fb:e5:1c:f3:2a:e9:69:0e:0d:bf:33:
8d:82:c5:12:65:77:dd:1b:43:6e:3b:7e:c7:d1:6d:
3a:c3:65:22:5e:de:67:c7:89:05:06:2c:58:9e:1e:
cb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:3D:38:61:4D:54:25:20:12:E1:71:36:F4:EA:C9:DA:D2:D1:D2:92
X509v3 Authority Key Identifier:
keyid:67:AB:A9:AF:A3:7D:9B:CE:40:7F:E2:3C:79:19:89:2D:9D:9C:09:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z6upr6N9m85Af-I8eRmJLZ2cCTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/YT04YU1UJSAS4XE29OrJ2tLR0pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:a0::/48
Signature Algorithm: sha256WithRSAEncryption
2f:04:b7:53:5d:a1:f6:de:6e:66:4c:24:b7:50:96:e5:3e:e0:
ad:4c:fb:26:b6:86:cb:1a:e8:62:16:66:24:77:e3:70:e4:a3:
4f:ae:ce:95:49:e7:33:4d:ee:65:84:c3:dd:82:1d:fb:3f:ff:
bb:75:20:24:52:62:e2:e9:e9:46:b0:c8:69:07:fb:b0:b9:9e:
a9:88:ae:ca:98:fe:a4:1d:89:e6:a1:e7:fd:14:8b:3d:b0:ef:
5b:44:37:73:9c:b1:4b:7a:52:d8:89:2e:f7:1e:4d:f3:0e:7a:
5b:6a:61:c6:0e:4e:5f:e5:71:55:a3:4c:fe:92:8d:78:81:a5:
2a:44:b8:c0:a5:72:dd:3a:1e:f2:e1:f6:1b:fc:41:5f:0b:ad:
5c:71:0e:6d:cb:f1:40:53:3c:3b:b8:3b:f9:0c:d0:b8:2f:54:
4e:c3:ca:61:30:d5:88:0a:76:c6:29:38:d3:8b:4a:c0:ef:e9:
16:c9:45:6a:28:c5:cc:f6:75:bf:c1:f7:5f:a6:f0:87:6c:3c:
ee:1d:e9:b6:72:ee:21:99:06:35:32:40:01:63:c6:a8:09:aa:
6b:f0:f5:8e:0b:ee:ff:2d:bb:f2:a8:f5:bb:55:e6:1d:aa:b5:
17:16:e6:53:df:3b:af:12:96:cb:cf:4e:37:5d:33:20:9a:18:
28:0f:01:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHkzljSwcoklYdFBHGdw1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YWJhOWFmYTM3ZDliY2U0MDdmZTIzYzc5MTk4OTJkOWQ5
YzA5MzkwHhcNMjQwMTAyMDAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTNkMzg2MTRkNTQyNTIwMTJlMTcxMzZmNGVhYzlkYWQyZDFkMjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ivfPjkKVTRTBSvzlLOLw1uni34s
pejhSn6lcjDCvtmBmApXTE2PocLutvrezJEUw1swZB1DbfdxLlCsfe9IOc1FdL5m
yu/HPp+kaq4AYq5v120f73br0WcuCMX0idq67vs5EnlFk6CLVGhSN0AWuefweKj6
wXjlFV1YrrqGkzkpBYe1mRYsTTnTdReW6tf7/EkHdLLSYq3d6OaRUPxVlDM/MQCC
Ze6apvRvu+urjTeYBsvdAE2b7w5QOZduZoE6TfUX9wlwbBTQTfEIMinskbQX4xdT
++Uc8yrpaQ4NvzONgsUSZXfdG0NuO37H0W06w2UiXt5nx4kFBixYnh7LEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGE9OGFNVCUgEuFxNvTqydrS0dKSMB8GA1UdIwQY
MBaAFGerqa+jfZvOQH/iPHkZiS2dnAk5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjZ1cHI2TjltODVBZi1JOGVSbUpMWjJjQ1RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi84ZjUwYWEtNTQ1Ni00MTU5LTg4NDAt
YjAxZDhmMjk1YzE5LzEvWVQwNFlVMVVKU0FTNFhFMjlPckoydExSMHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi84ZjUwYWEtNTQ1Ni00MTU5LTg4NDAtYjAxZDhmMjk1YzE5
LzEvWjZ1cHI2TjltODVBZi1JOGVSbUpMWjJjQ1RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfACg
MA0GCSqGSIb3DQEBCwUAA4IBAQAvBLdTXaH23m5mTCS3UJblPuCtTPsmtobLGuhi
FmYkd+Nw5KNPrs6VSeczTe5lhMPdgh37P/+7dSAkUmLi6elGsMhpB/uwuZ6piK7K
mP6kHYnmoef9FIs9sO9bRDdznLFLelLYiS73Hk3zDnpbamHGDk5f5XFVo0z+ko14
gaUqRLjApXLdOh7y4fYb/EFfC61ccQ5ty/FAUzw7uDv5DNC4L1ROw8phMNWICnbG
KTjTi0rA7+kWyUVqKMXM9nW/wfdfpvCHbDzuHem2cu4hmQY1MkABY8aoCapr8PWO
C+7/LbvyqPW7VeYdqrUXFuZT3zuvEpbLz043XTMgmhgoDwHd
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:30:25 2025 by rpki-client