Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/YC8wEPYB4gUR24rfoAmakALtS54.roa
File: YC8wEPYB4gUR24rfoAmakALtS54.roa (raw, json)
Hash identifier: Rf3YSbiFLsHycrAxSM/P1oIG3rCEF9RoaHLyWdVW7Uk=
Subject key identifier: 60:2F:30:10:F6:01:E2:05:11:DB:8A:DF:A0:09:9A:90:02:ED:4B:9E
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019643D98324C4BAC9574FC8A8305EF17A64
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/YC8wEPYB4gUR24rfoAmakALtS54.roa
Signing time: Thu 17 Apr 2025 13:04:10 +0000
ROA not before: Thu 17 Apr 2025 13:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:43d9:73d7/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 17 Apr 2025 13:15:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:d9:83:24:c4:ba:c9:57:4f:c8:a8:30:5e:f1:7a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 17 13:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=602f3010f601e20511db8adfa0099a9002ed4b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cc:0a:dd:70:ff:24:35:c2:7e:28:03:28:10:
d1:5f:2c:34:90:a1:31:85:b0:7d:f7:7e:82:dc:44:
14:9a:d6:9f:f1:7f:9f:cb:1a:36:94:2f:a3:bc:6d:
71:ac:c7:5e:89:8f:fb:56:ad:2a:47:e3:68:ff:f8:
d9:47:fe:46:cd:69:0c:ad:04:a9:69:7d:0a:59:7b:
d2:06:ef:28:89:35:8d:e4:60:c8:c3:af:84:d6:28:
8b:a8:35:b6:88:f7:68:1f:45:d2:48:80:35:42:8f:
2f:db:c0:39:40:d4:72:02:bb:a3:55:5e:37:96:3f:
17:4c:08:a1:93:a0:95:4c:02:27:5b:6c:c4:be:50:
62:7e:28:5d:f7:64:38:71:12:c8:28:d9:b7:93:bf:
12:7d:d8:c8:a6:2d:f8:6f:8c:cd:73:bd:25:0f:63:
ad:7f:f3:dc:a9:6c:24:59:ad:71:54:ae:ad:38:0e:
a2:bf:3a:96:39:90:ab:82:85:08:c1:b5:df:03:90:
2d:e6:d0:9a:5f:2a:2b:80:80:f9:13:26:2c:70:b2:
ba:93:7b:db:78:3a:9a:db:4e:21:19:41:8a:2b:dd:
f6:a8:97:6c:74:df:d0:30:42:a9:e4:2c:f9:e6:98:
40:85:c0:bf:ce:75:4d:12:d6:40:05:5b:2a:3f:b9:
bf:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:2F:30:10:F6:01:E2:05:11:DB:8A:DF:A0:09:9A:90:02:ED:4B:9E
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/YC8wEPYB4gUR24rfoAmakALtS54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:43d9:73d7/128
Signature Algorithm: sha256WithRSAEncryption
b6:11:f3:19:f5:0d:fa:a4:dd:ae:14:6b:24:82:97:1c:c1:9e:
11:a0:06:a5:b1:5d:0b:4a:06:a3:ce:fb:f3:9b:83:7f:14:47:
e7:59:f5:7a:a9:f6:5f:d9:4b:93:e5:e3:72:a4:7d:a4:a8:a7:
1b:89:49:2f:91:c3:73:1b:69:66:b3:88:2a:06:f7:d7:d4:3e:
7c:d1:65:35:90:2e:78:14:cb:b0:c4:b3:33:84:4f:03:9b:80:
6c:1f:7e:a8:d5:47:4f:d3:ea:2e:a2:12:05:56:0f:61:bf:9d:
8f:9f:99:48:77:84:4e:35:43:d8:be:8a:c7:87:dd:45:ba:50:
8d:80:a1:f5:0d:50:24:84:b6:7f:4a:19:af:c7:ae:78:e7:ea:
58:f7:cb:b3:1f:9e:8b:92:90:42:86:40:8a:7b:12:43:62:9b:
f3:7d:43:87:6b:46:cb:d2:71:14:cb:6e:7a:a2:7b:bb:30:b2:
54:96:a6:22:51:18:c8:04:c1:91:a7:b7:16:15:c5:ac:a5:ee:
17:94:d9:9a:35:f5:fb:5d:b7:fe:1c:b2:53:1c:67:eb:56:d7:
fd:88:50:59:7c:c4:a7:c5:83:f3:c3:fe:dd:f1:8f:88:6f:40:
cd:a9:67:22:4a:7b:f8:7a:39:0a:87:a8:43:31:a3:4f:69:23:
1e:6b:97:19
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZD2YMkxLrJV0/IqDBe8XpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDE3MTMwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDJmMzAxMGY2MDFlMjA1MTFkYjhhZGZhMDA5OWE5MDAyZWQ0YjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvswK3XD/JDXCfigDKBDRXyw0kKEx
hbB9936C3EQUmtaf8X+fyxo2lC+jvG1xrMdeiY/7Vq0qR+No//jZR/5GzWkMrQSp
aX0KWXvSBu8oiTWN5GDIw6+E1iiLqDW2iPdoH0XSSIA1Qo8v28A5QNRyArujVV43
lj8XTAihk6CVTAInW2zEvlBifihd92Q4cRLIKNm3k78SfdjIpi34b4zNc70lD2Ot
f/PcqWwkWa1xVK6tOA6ivzqWOZCrgoUIwbXfA5At5tCaXyorgID5EyYscLK6k3vb
eDqa204hGUGKK932qJdsdN/QMEKp5Cz55phAhcC/znVNEtZABVsqP7m/BQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGAvMBD2AeIFEduK36AJmpAC7UueMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWUM4d0VQWUI0Z1VSMjRyZm9BbWFrQUx0UzU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWQ9lz1zANBgkqhkiG9w0BAQsFAAOCAQEAthHzGfUN+qTdrhRrJIKXHMGe
EaAGpbFdC0oGo87785uDfxRH51n1eqn2X9lLk+XjcqR9pKinG4lJL5HDcxtpZrOI
Kgb319Q+fNFlNZAueBTLsMSzM4RPA5uAbB9+qNVHT9PqLqISBVYPYb+dj5+ZSHeE
TjVD2L6Kx4fdRbpQjYCh9Q1QJIS2f0oZr8eueOfqWPfLsx+ei5KQQoZAinsSQ2Kb
831Dh2tGy9JxFMtueqJ7uzCyVJamIlEYyATBkae3FhXFrKXuF5TZmjX1+123/hyy
Uxxn61bX/YhQWXzEp8WD88P+3fGPiG9AzalnIkp7+Ho5CoeoQzGjT2kjHmuXGQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 21:36:00 2025 by rpki-client