Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/Y-HUWt2K53b5NQIyPkOh4PG_T3k.roa
File: Y-HUWt2K53b5NQIyPkOh4PG_T3k.roa (raw, json)
Hash identifier: tCCJ3QvO5d+Kbcg4lyzNE4xAa1YsUJghSGksJzCEDjM=
Subject key identifier: 63:E1:D4:5A:DD:8A:E7:76:F9:35:02:32:3E:43:A1:E0:F1:BF:4F:79
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 0191BDA304043F6DF7E7A8C946B14A1C9784
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/Y-HUWt2K53b5NQIyPkOh4PG_T3k.roa
Signing time: Wed 04 Sep 2024 15:24:22 +0000
ROA not before: Wed 04 Sep 2024 15:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214610
IP address blocks: 2a0f:7803:f840::/44 maxlen: 48
2a0f:7803:f860::/44 maxlen: 48
2a0f:7803:f8b0::/44 maxlen: 48
2a0f:7803:f970::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 13 Sep 2024 19:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:a3:04:04:3f:6d:f7:e7:a8:c9:46:b1:4a:1c:97:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Sep 4 15:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63e1d45add8ae776f93502323e43a1e0f1bf4f79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:3e:31:e1:7f:84:c7:0b:42:37:9d:5c:49:ab:
66:32:ab:70:d6:2d:1b:c3:05:e7:36:3a:60:14:6b:
32:0f:d7:50:50:b1:27:00:e4:68:bc:07:22:96:49:
9e:86:c2:51:ca:34:bb:2c:c3:fe:25:9f:aa:ac:a8:
2a:eb:e8:56:34:e0:b1:fb:4b:63:a1:7d:ce:b1:05:
00:92:eb:46:95:e1:54:12:c7:36:a2:77:1a:71:7a:
a4:d2:77:60:50:19:e9:b5:13:72:10:d6:d9:c2:3b:
42:cf:cf:cc:ac:38:cb:bc:de:b6:2d:0f:b4:c5:89:
f7:bd:80:77:ab:64:66:d9:6b:1f:e8:2d:b0:25:e8:
58:65:74:87:44:d9:9b:bd:70:dd:9a:c8:e1:ab:32:
1d:3b:2c:03:86:82:21:09:66:85:4f:15:97:c3:2f:
fe:3f:f3:f2:f3:27:96:24:ad:7a:c6:0d:7c:e2:c2:
69:a5:01:88:64:4e:98:4a:3a:8f:32:b9:e8:8e:94:
3b:7a:b0:15:2f:74:18:a5:39:cb:74:8e:94:a2:d6:
a5:d4:1c:ac:e8:99:ba:77:ed:a3:7e:9f:fd:ac:c1:
8a:68:0f:30:ec:9d:d2:16:e9:79:5b:b1:d5:1d:42:
a8:c2:82:98:e8:59:c9:c2:25:16:30:0a:7f:d9:10:
1b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E1:D4:5A:DD:8A:E7:76:F9:35:02:32:3E:43:A1:E0:F1:BF:4F:79
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/Y-HUWt2K53b5NQIyPkOh4PG_T3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:f840::/44
2a0f:7803:f860::/44
2a0f:7803:f8b0::/44
2a0f:7803:f970::/44
Signature Algorithm: sha256WithRSAEncryption
19:db:dd:71:67:fc:77:ae:b2:f9:8a:34:9b:02:82:e3:42:14:
a5:03:b4:19:ca:4b:8d:5f:8b:c1:a7:46:17:d3:20:6c:86:5b:
76:d5:e8:d2:ca:05:2e:6a:b8:bd:96:bf:85:5d:0d:9b:5c:4d:
e4:ae:d3:ed:c5:cc:a6:47:2c:14:8a:b1:e1:af:e6:3f:a2:f1:
da:4b:a6:ed:c6:33:ef:a4:b8:b3:f8:44:e3:63:13:57:7d:14:
ec:03:66:59:42:66:5b:09:94:49:62:9c:3c:33:fe:17:bb:b8:
60:6c:15:d6:7b:39:95:d2:22:05:81:fa:28:09:1a:26:f3:40:
e9:fc:fb:b4:80:ad:83:d0:81:89:ba:c1:85:89:45:3d:c9:62:
96:1c:aa:6d:33:fc:cc:4d:8a:a6:89:c6:2c:cd:67:99:28:ab:
e0:78:df:17:79:7e:59:42:d7:2e:e3:bd:d2:44:4d:75:33:f2:
68:da:11:99:5b:0a:56:74:1b:b0:57:84:95:b4:19:14:af:1b:
dd:a0:6d:5d:04:94:91:4b:62:26:d0:2b:fe:13:80:31:07:07:
91:24:6f:fa:03:a8:bd:20:73:4b:bc:ac:b6:50:f0:bf:d8:7d:
9f:ae:e6:0a:9f:ee:01:f0:38:7f:7b:4d:d2:89:f2:60:fd:89:
9a:dd:b7:56
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZG9owQEP23356jJRrFKHJeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQwOTA0MTUyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2UxZDQ1YWRkOGFlNzc2ZjkzNTAyMzIzZTQzYTFlMGYxYmY0Zjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7z4x4X+ExwtCN51cSatmMqtw1i0b
wwXnNjpgFGsyD9dQULEnAORovAcilkmehsJRyjS7LMP+JZ+qrKgq6+hWNOCx+0tj
oX3OsQUAkutGleFUEsc2oncacXqk0ndgUBnptRNyENbZwjtCz8/MrDjLvN62LQ+0
xYn3vYB3q2Rm2Wsf6C2wJehYZXSHRNmbvXDdmsjhqzIdOywDhoIhCWaFTxWXwy/+
P/Py8yeWJK16xg184sJppQGIZE6YSjqPMrnojpQ7erAVL3QYpTnLdI6Uotal1Bys
6Jm6d+2jfp/9rMGKaA8w7J3SFul5W7HVHUKowoKY6FnJwiUWMAp/2RAbgQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGPh1Frdiud2+TUCMj5DoeDxv095MB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvWS1IVVd0Mks1M2I1TlFJeVBrT2g0UEdfVDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg94A/hA
AwcEKg94A/hgAwcEKg94A/iwAwcEKg94A/lwMA0GCSqGSIb3DQEBCwUAA4IBAQAZ
291xZ/x3rrL5ijSbAoLjQhSlA7QZykuNX4vBp0YX0yBshlt21ejSygUuari9lr+F
XQ2bXE3krtPtxcymRywUirHhr+Y/ovHaS6btxjPvpLiz+ETjYxNXfRTsA2ZZQmZb
CZRJYpw8M/4Xu7hgbBXWezmV0iIFgfooCRom80Dp/Pu0gK2D0IGJusGFiUU9yWKW
HKptM/zMTYqmicYszWeZKKvgeN8XeX5ZQtcu473SRE11M/Jo2hGZWwpWdBuwV4SV
tBkUrxvdoG1dBJSRS2Im0Cv+E4AxBweRJG/6A6i9IHNLvKy2UPC/2H2fruYKn+4B
8Dh/e03SifJg/Yma3bdW
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:08 2025 by rpki-client