Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/yqNZBbIk8WTjdmi1hBh7RvfZnwI.roa
File: yqNZBbIk8WTjdmi1hBh7RvfZnwI.roa (raw, json)
Hash identifier: 1F4nJx/yzQ1WeNkvXgwe2qSHvAo5kqwig0+13edT2qE=
Subject key identifier: CA:A3:59:05:B2:24:F1:64:E3:76:68:B5:84:18:7B:46:F7:D9:9F:02
Certificate issuer: /CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Certificate serial: 019097C64EF010B4248B9ED9D756146BE227
Authority key identifier: 70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/yqNZBbIk8WTjdmi1hBh7RvfZnwI.roa
Signing time: Tue 09 Jul 2024 13:54:34 +0000
ROA not before: Tue 09 Jul 2024 13:54:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50225
IP address blocks: 2a0f:bf02::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 01 Aug 2024 07:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:c6:4e:f0:10:b4:24:8b:9e:d9:d7:56:14:6b:e2:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Validity
Not Before: Jul 9 13:54:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caa35905b224f164e37668b584187b46f7d99f02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:46:68:43:56:52:db:a3:fe:ba:a1:9f:d1:c3:
27:d0:9f:5a:f1:74:fd:eb:60:06:f5:7f:f6:80:26:
d9:88:b9:59:79:fa:d6:8a:06:b0:67:56:0a:d3:be:
5c:a8:9c:07:af:b6:29:b3:1e:2b:9b:6a:21:f6:ac:
48:8e:ad:34:82:15:a0:08:a2:88:a2:00:e5:c2:ee:
f0:17:3b:21:a7:46:71:97:3f:66:bf:c2:f9:06:3f:
24:d8:cc:12:a2:fd:3f:53:50:c2:17:2c:71:41:3b:
d7:9a:2d:55:c0:a8:af:c7:38:8b:8c:28:90:3f:ca:
69:4f:3b:01:11:87:f4:71:80:b6:47:d1:42:7e:9f:
14:75:f6:61:7a:79:d6:27:78:da:7c:0a:57:57:40:
e7:c7:19:e9:1a:5b:74:8d:e7:28:28:61:0f:a1:01:
bd:34:76:1d:b5:90:dd:43:1c:86:c1:1a:77:7a:1b:
29:b6:f7:f0:d9:ad:ad:77:3e:2d:95:39:71:c0:3c:
9f:d9:57:15:d7:ba:55:81:81:0a:e7:24:75:1e:b9:
38:ef:a3:42:83:16:f5:c3:4a:62:75:da:f4:68:d9:
2a:0a:ba:b7:75:31:37:85:05:18:00:a1:da:38:5d:
a0:96:e8:64:34:0a:07:fa:8c:bd:fe:7e:0a:d4:ef:
93:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A3:59:05:B2:24:F1:64:E3:76:68:B5:84:18:7B:46:F7:D9:9F:02
X509v3 Authority Key Identifier:
keyid:70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/yqNZBbIk8WTjdmi1hBh7RvfZnwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/cCHXUovnE6S6LLTbXljWTYgutVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:bf02::/32
Signature Algorithm: sha256WithRSAEncryption
96:72:c5:3d:88:15:2a:9f:9b:ea:1a:01:95:7e:1a:cf:f5:af:
f0:e5:24:3b:93:9b:5f:62:26:bb:28:f9:bb:23:4b:2a:df:ac:
cd:e1:0a:31:0a:8a:de:54:b6:f9:a0:70:c5:fb:50:61:7c:20:
42:36:76:45:d8:32:e9:db:2e:f0:7d:66:0d:f2:04:c6:ac:8b:
18:49:86:b9:25:70:ef:a5:22:27:a9:c4:ec:75:7f:64:6a:ef:
e3:b5:be:72:b3:9c:ad:21:84:31:18:96:1c:0c:ca:c8:1b:90:
ef:a2:a6:03:89:76:d9:88:bb:c3:33:eb:9d:6e:cc:bb:1c:68:
12:ef:3f:9b:c3:74:04:80:f3:ac:42:18:c0:4d:27:c6:d6:a8:
52:b2:18:8e:62:94:ef:97:4d:6b:2d:06:1f:b1:42:db:e4:43:
4b:63:79:42:b9:d6:c5:19:e5:e3:21:3e:ec:05:4f:49:f3:a6:
3e:99:cd:9b:b6:15:e5:94:1d:b0:e0:5f:f7:9e:be:6a:5f:89:
78:e1:a5:f8:fd:cc:0c:82:0a:5c:05:09:c6:70:35:5f:c8:5e:
26:03:38:51:ce:20:7f:f7:b0:5f:dc:ff:e7:d7:5c:52:42:75:
a7:69:49:dc:b4:b8:06:f3:5a:28:c3:91:3c:3c:ad:d5:3b:15:
14:bb:cf:99
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZCXxk7wELQki57Z11YUa+InMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjFkNzUyOGJlNzEzYTRiYTJjYjRkYjVlNThkNjRkODgy
ZWI1NTUwHhcNMjQwNzA5MTM1NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWEzNTkwNWIyMjRmMTY0ZTM3NjY4YjU4NDE4N2I0NmY3ZDk5ZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEZoQ1ZS26P+uqGf0cMn0J9a8XT9
62AG9X/2gCbZiLlZefrWigawZ1YK075cqJwHr7Ypsx4rm2oh9qxIjq00ghWgCKKI
ogDlwu7wFzshp0Zxlz9mv8L5Bj8k2MwSov0/U1DCFyxxQTvXmi1VwKivxziLjCiQ
P8ppTzsBEYf0cYC2R9FCfp8UdfZhennWJ3jafApXV0DnxxnpGlt0jecoKGEPoQG9
NHYdtZDdQxyGwRp3ehsptvfw2a2tdz4tlTlxwDyf2VcV17pVgYEK5yR1Hrk476NC
gxb1w0piddr0aNkqCrq3dTE3hQUYAKHaOF2gluhkNAoH+oy9/n4K1O+TqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMqjWQWyJPFk43ZotYQYe0b32Z8CMB8GA1UdIwQY
MBaAFHAh11KL5xOkuiy0215Y1k2ILrVVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAt
OTI4MWYwZDIzZGJmLzEveXFOWkJiSWs4V1RqZG1pMWhCaDdSdmZabndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAtOTI4MWYwZDIzZGJm
LzEvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg+/AjAN
BgkqhkiG9w0BAQsFAAOCAQEAlnLFPYgVKp+b6hoBlX4az/Wv8OUkO5ObX2Imuyj5
uyNLKt+szeEKMQqK3lS2+aBwxftQYXwgQjZ2Rdgy6dsu8H1mDfIExqyLGEmGuSVw
76UiJ6nE7HV/ZGrv47W+crOcrSGEMRiWHAzKyBuQ76KmA4l22Yi7wzPrnW7Muxxo
Eu8/m8N0BIDzrEIYwE0nxtaoUrIYjmKU75dNay0GH7FC2+RDS2N5QrnWxRnl4yE+
7AVPSfOmPpnNm7YV5ZQdsOBf956+al+JeOGl+P3MDIIKXAUJxnA1X8heJgM4Uc4g
f/ewX9z/59dcUkJ1p2lJ3LS4BvNaKMORPDyt1TsVFLvPmQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:57 2025 by rpki-client