Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/YzOSpRXAdx2U1oODVVAF6umAyUc.roa
File: YzOSpRXAdx2U1oODVVAF6umAyUc.roa (raw, json)
Hash identifier: LRAH+A9wEAwTyOivW3181XXDhlluJLS9xqhsGRzFVI4=
Subject key identifier: 63:33:92:A5:15:C0:77:1D:94:D6:83:83:55:50:05:EA:E9:80:C9:47
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01942369F17372F078FC7850758B6D5E34F1
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/YzOSpRXAdx2U1oODVVAF6umAyUc.roa
Signing time: Wed 01 Jan 2025 19:48:53 +0000
ROA not before: Wed 01 Jan 2025 19:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214579
IP address blocks: 2a0f:7802:d000::/40 maxlen: 48
Validation: Failed, certificate revoked on Sat 11 Jan 2025 14:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:f1:73:72:f0:78:fc:78:50:75:8b:6d:5e:34:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 19:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=633392a515c0771d94d68383555005eae980c947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a9:5d:b3:a2:a1:c2:c8:5f:64:c0:5f:14:29:
75:8c:7f:9d:08:41:7b:a7:e1:e0:b3:f9:00:11:6a:
71:19:e0:63:bd:ee:62:a3:7b:b5:c3:4c:75:4e:b4:
3f:2c:90:a3:fb:8d:e7:78:ee:50:84:7f:36:4f:2f:
69:08:3f:cc:85:98:3c:ae:4c:e8:90:dc:fd:75:f4:
28:56:52:3a:2a:e1:b3:c2:a7:03:77:53:bf:a6:f1:
d8:d3:55:66:98:6f:9f:7c:14:bc:69:73:0c:b1:15:
81:3c:68:e2:7a:ba:a3:a2:a0:7f:cd:62:13:52:38:
78:0a:99:14:50:88:74:d8:d8:a0:b5:b3:b3:13:6c:
64:15:65:5f:91:dc:c8:fa:ac:12:0b:81:e5:ef:f1:
4e:b1:09:52:e2:f3:dc:b4:fc:7e:ab:49:43:ae:90:
70:c4:26:da:f5:4a:e7:89:d0:97:51:13:e8:b3:da:
49:45:c7:24:46:ba:1b:60:5f:aa:25:fe:4e:18:7a:
f2:6c:f8:5b:45:11:28:f5:d3:23:13:9d:ec:eb:fe:
8e:9a:22:8a:f6:ed:da:d7:56:49:25:1e:77:aa:b3:
e2:c9:77:45:3b:4f:0f:8d:2b:16:af:f1:7d:4f:8c:
04:47:59:09:7d:ac:83:07:b4:e2:3a:24:21:60:88:
07:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:33:92:A5:15:C0:77:1D:94:D6:83:83:55:50:05:EA:E9:80:C9:47
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/YzOSpRXAdx2U1oODVVAF6umAyUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7802:d000::/40
Signature Algorithm: sha256WithRSAEncryption
39:d5:00:52:7c:6e:6a:8e:c4:09:43:3b:a9:2c:b0:8b:43:b2:
ca:b8:fe:ae:1f:b7:bd:fa:03:06:68:91:14:fc:d6:68:9a:3b:
5c:db:ed:75:90:cb:76:84:00:69:65:19:29:50:1e:b5:b7:7e:
cd:da:fa:bd:28:82:57:3a:5d:ee:c4:9f:24:cc:d3:2f:24:40:
53:4f:ae:5e:76:9c:32:21:6e:81:5a:ce:3f:27:cc:5c:94:6a:
c7:c3:fe:f0:b8:27:b1:b4:3e:cf:f1:3c:f1:5a:56:2b:5f:65:
dd:ec:9a:bc:58:06:d8:78:fd:37:ba:97:d8:1f:e8:99:9b:4d:
25:81:fa:ef:a3:43:07:29:95:0b:69:8f:fa:ca:53:d0:db:17:
83:88:03:62:fe:7c:ca:12:2c:6c:60:f0:0c:0f:1d:84:b6:ed:
2e:6d:6f:55:a3:60:79:29:6b:06:59:1c:dd:12:b4:fb:1d:a0:
5a:45:95:d4:0c:69:ba:4e:49:a0:77:18:a1:55:e4:ba:4c:7d:
22:31:15:ff:fc:06:68:98:72:f8:83:61:bb:0d:37:3d:64:21:
3f:e9:ed:52:d8:f7:e4:4f:be:70:f5:13:72:01:d8:2f:20:b6:
b2:f0:be:e1:b7:a8:63:81:35:ad:10:3a:4e:0d:d7:bc:44:d5:
46:0d:4b:c7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjafFzcvB4/HhQdYttXjTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTAxMTk0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzMzOTJhNTE1YzA3NzFkOTRkNjgzODM1NTUwMDVlYWU5ODBjOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqlds6KhwshfZMBfFCl1jH+dCEF7
p+Hgs/kAEWpxGeBjve5io3u1w0x1TrQ/LJCj+43neO5QhH82Ty9pCD/MhZg8rkzo
kNz9dfQoVlI6KuGzwqcDd1O/pvHY01VmmG+ffBS8aXMMsRWBPGjierqjoqB/zWIT
Ujh4CpkUUIh02NigtbOzE2xkFWVfkdzI+qwSC4Hl7/FOsQlS4vPctPx+q0lDrpBw
xCba9UrnidCXURPos9pJRcckRrobYF+qJf5OGHrybPhbRREo9dMjE53s6/6OmiKK
9u3a11ZJJR53qrPiyXdFO08PjSsWr/F9T4wER1kJfayDB7TiOiQhYIgHxwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGMzkqUVwHcdlNaDg1VQBerpgMlHMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvWXpPU3BSWEFkeDJVMW9PRFZWQUY2dW1BeVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg94AtAw
DQYJKoZIhvcNAQELBQADggEBADnVAFJ8bmqOxAlDO6kssItDssq4/q4ft736AwZo
kRT81miaO1zb7XWQy3aEAGllGSlQHrW3fs3a+r0oglc6Xe7EnyTM0y8kQFNPrl52
nDIhboFazj8nzFyUasfD/vC4J7G0Ps/xPPFaVitfZd3smrxYBth4/Te6l9gf6Jmb
TSWB+u+jQwcplQtpj/rKU9DbF4OIA2L+fMoSLGxg8AwPHYS27S5tb1WjYHkpawZZ
HN0StPsdoFpFldQMabpOSaB3GKFV5LpMfSIxFf/8BmiYcviDYbsNNz1kIT/p7VLY
9+RPvnD1E3IB2C8gtrLwvuG3qGOBNa0QOk4N17xE1UYNS8c=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:25 2025 by rpki-client