Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/Yl0YOAGV8mrtvOF3wdOwtjNTnfE.roa
File: Yl0YOAGV8mrtvOF3wdOwtjNTnfE.roa (raw, json)
Hash identifier: 8kwqjUrNFOT8vxTaTRolzJibIB4UfENQQvbodXUfqC4=
Subject key identifier: 62:5D:18:38:01:95:F2:6A:ED:BC:E1:77:C1:D3:B0:B6:33:53:9D:F1
Certificate issuer: /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial: 0194274727C5E7E438CAD80D2DFA1DE871F1
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/Yl0YOAGV8mrtvOF3wdOwtjNTnfE.roa
Signing time: Thu 02 Jan 2025 13:49:22 +0000
ROA not before: Thu 02 Jan 2025 13:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216054
IP address blocks: 2a14:4f80::/29 maxlen: 39
Validation: Failed, certificate revoked on Fri 31 Jan 2025 18:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:27:c5:e7:e4:38:ca:d8:0d:2d:fa:1d:e8:71:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Validity
Not Before: Jan 2 13:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=625d18380195f26aedbce177c1d3b0b633539df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2d:96:06:66:a2:97:41:bb:0e:bc:53:28:e6:
6e:87:73:74:7c:d9:45:01:cb:35:d1:46:c7:88:0e:
04:2b:c3:7b:af:8f:d6:22:37:7e:ca:4d:ee:78:6a:
de:12:3c:5c:7d:66:67:18:23:e4:87:49:1f:60:c3:
79:88:e1:5e:f5:9d:4e:1e:55:5a:5a:10:1e:37:23:
7e:bb:41:51:28:e6:9b:af:85:75:bb:11:0e:68:92:
b0:f1:c3:91:f8:a9:c0:9e:15:ad:33:3d:37:c0:fa:
61:e5:45:b9:38:13:65:38:c8:1c:7e:fc:72:14:6d:
6d:14:e1:45:d1:e4:ad:c9:ae:83:c4:d3:a5:f1:1c:
d8:dc:d2:72:58:b8:24:01:f3:2f:12:a1:c4:14:e2:
31:be:dd:eb:52:af:2c:10:67:94:0b:bc:89:42:fe:
df:61:3e:f4:f4:98:af:7d:80:3e:41:d6:9a:60:f9:
f0:0a:56:b5:00:0e:53:72:9c:ac:a0:45:16:6f:25:
5e:8c:ae:64:bc:07:38:da:c9:00:e2:d7:7f:14:ad:
c8:8e:b8:e0:e0:f5:89:83:d7:43:0d:06:5a:c5:a2:
5d:a0:98:e6:45:91:ba:9f:c2:16:7f:cd:66:e1:29:
85:d1:69:b4:ba:48:4b:2e:0b:89:46:2e:6d:55:d3:
1a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:5D:18:38:01:95:F2:6A:ED:BC:E1:77:C1:D3:B0:B6:33:53:9D:F1
X509v3 Authority Key Identifier:
keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/Yl0YOAGV8mrtvOF3wdOwtjNTnfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:4f80::/29
Signature Algorithm: sha256WithRSAEncryption
6f:00:d2:57:d6:d9:35:87:56:28:c1:ff:32:b5:c4:06:39:12:
0d:33:7f:c1:75:49:81:22:6a:83:0d:89:ae:14:63:08:12:ba:
04:ea:d2:32:f6:b3:b5:66:95:ba:b7:70:bc:77:b1:dc:39:cc:
93:02:64:20:8e:71:df:fc:a4:2d:b2:11:e2:f7:c5:7c:98:a0:
f1:63:78:bf:6e:49:9a:aa:3d:2a:ec:d7:83:77:2a:9e:57:5f:
99:25:9d:03:51:40:ee:ac:93:a4:8a:52:5a:67:09:96:c1:db:
30:94:1b:5b:70:41:4d:de:83:e6:aa:95:ab:21:fc:0c:5c:c5:
08:19:51:e4:cc:7c:31:21:a7:b1:ab:05:09:e2:b6:05:09:d6:
1c:0d:0d:d3:ce:98:4f:2e:05:c8:96:49:9f:58:cc:9f:7e:c6:
a7:a0:93:5f:d9:cc:37:7b:4b:50:2b:41:43:9c:57:fe:65:a8:
2f:5d:8e:4f:e6:90:f7:7f:9c:fb:4f:9e:31:6f:82:68:e3:85:
b5:27:ea:fb:c6:2e:42:8b:68:2d:62:7a:91:bf:28:b3:e1:62:
44:08:37:af:61:7d:0e:72:71:73:9b:6c:67:55:62:a3:96:bd:
51:50:0b:6d:a2:4c:21:b2:e1:52:f5:86:04:81:fa:e9:c7:81:
85:d0:ca:55
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnRyfF5+Q4ytgNLfod6HHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjUwMTAyMTM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjVkMTgzODAxOTVmMjZhZWRiY2UxNzdjMWQzYjBiNjMzNTM5ZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny2WBmail0G7DrxTKOZuh3N0fNlF
Acs10UbHiA4EK8N7r4/WIjd+yk3ueGreEjxcfWZnGCPkh0kfYMN5iOFe9Z1OHlVa
WhAeNyN+u0FRKOabr4V1uxEOaJKw8cOR+KnAnhWtMz03wPph5UW5OBNlOMgcfvxy
FG1tFOFF0eStya6DxNOl8RzY3NJyWLgkAfMvEqHEFOIxvt3rUq8sEGeUC7yJQv7f
YT709JivfYA+QdaaYPnwCla1AA5TcpysoEUWbyVejK5kvAc42skA4td/FK3Ijrjg
4PWJg9dDDQZaxaJdoJjmRZG6n8IWf81m4SmF0Wm0ukhLLguJRi5tVdMaYQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGJdGDgBlfJq7bzhd8HTsLYzU53xMB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvWWwwWU9BR1Y4bXJ0dk9GM3dkT3d0ak5UbmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRPgDAN
BgkqhkiG9w0BAQsFAAOCAQEAbwDSV9bZNYdWKMH/MrXEBjkSDTN/wXVJgSJqgw2J
rhRjCBK6BOrSMvaztWaVurdwvHex3DnMkwJkII5x3/ykLbIR4vfFfJig8WN4v25J
mqo9KuzXg3cqnldfmSWdA1FA7qyTpIpSWmcJlsHbMJQbW3BBTd6D5qqVqyH8DFzF
CBlR5Mx8MSGnsasFCeK2BQnWHA0N086YTy4FyJZJn1jMn37Gp6CTX9nMN3tLUCtB
Q5xX/mWoL12OT+aQ93+c+0+eMW+CaOOFtSfq+8YuQotoLWJ6kb8os+FiRAg3r2F9
DnJxc5tsZ1Vio5a9UVALbaJMIbLhUvWGBIH66ceBhdDKVQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:36:47 2025 by rpki-client