Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/ycfz_HiANs2smIpzP_kOnl2h32k.roa
File: ycfz_HiANs2smIpzP_kOnl2h32k.roa (raw, json)
Hash identifier: VcpwhqN4AAmmaGkmnS0brT+SGM7+8mmCakrDVBIBCw8=
Subject key identifier: C9:C7:F3:FC:78:80:36:CD:AC:98:8A:73:3F:F9:0E:9E:5D:A1:DF:69
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 01856D540CA5C2297CB6064EED03B55C7980
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/ycfz_HiANs2smIpzP_kOnl2h32k.roa
Signing time: Sun 01 Jan 2023 12:35:02 +0000
ROA not before: Sun 01 Jan 2023 12:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132316
IP address blocks: 31.25.11.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:0c:a5:c2:29:7c:b6:06:4e:ed:03:b5:5c:79:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Jan 1 12:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9c7f3fc788036cdac988a733ff90e9e5da1df69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b2:70:90:62:63:c6:1b:1a:0c:eb:ea:2a:1d:
fa:d1:eb:48:90:1c:62:a6:65:87:88:61:90:6e:44:
b2:2f:e8:1b:f1:bd:fc:67:43:ca:6f:3f:d9:72:04:
33:96:84:50:4b:a6:b3:36:89:b1:91:e7:69:f1:a3:
5b:de:75:b5:ba:57:6d:79:60:b4:d2:84:64:44:0c:
2f:22:bd:8c:ce:69:57:21:b8:eb:13:37:eb:9a:20:
0f:0c:b9:a4:92:9d:6c:31:9d:28:a8:27:d8:8b:3c:
47:ca:e2:c6:2b:a3:56:5d:7b:fd:6e:45:9a:ba:cc:
88:3d:4b:83:dd:2c:5a:0e:1b:1d:cc:c5:2c:fe:28:
cc:1d:5f:40:78:eb:0d:67:08:1b:40:57:da:c1:aa:
d3:6d:2f:40:00:0a:7e:d1:de:d0:33:75:7d:8f:e4:
c7:17:3c:53:28:b0:a9:7f:7b:35:be:8e:62:29:85:
23:2f:45:e1:36:e0:9e:43:01:c2:be:22:3d:12:3c:
30:d1:26:bf:25:6b:1a:fa:c9:34:da:f3:52:1e:55:
a5:0f:39:24:0d:ff:cc:76:5e:b6:3f:55:2c:06:39:
8e:ce:ce:fe:5f:36:3f:c7:cd:b4:5a:1c:b6:ec:45:
42:77:32:b2:e7:da:f2:f4:9e:4f:59:dd:02:38:8f:
91:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C7:F3:FC:78:80:36:CD:AC:98:8A:73:3F:F9:0E:9E:5D:A1:DF:69
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/ycfz_HiANs2smIpzP_kOnl2h32k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:9f:bd:af:54:41:ec:b6:cc:e9:e5:de:be:f3:b3:a7:3c:fe:
56:20:15:92:1b:2b:be:e0:76:5a:8a:df:bf:70:75:bd:e1:b2:
9b:a0:34:b6:59:03:4c:2a:5a:8b:0c:e7:22:62:f4:f8:eb:5b:
be:74:62:9f:4c:bf:43:dc:9e:1e:45:37:60:be:1f:a1:eb:03:
df:14:7c:25:6e:01:4c:22:78:95:17:a5:cb:7c:b1:70:2c:f0:
71:a3:cc:78:36:59:79:1b:1f:1a:8b:ee:f7:c0:4d:73:60:f6:
74:b4:2b:be:22:8a:37:cd:96:5e:02:83:ad:bc:a1:d7:18:20:
6c:fb:34:41:73:2d:54:4a:57:15:57:a4:17:0c:91:a7:9a:b1:
22:9c:ec:d9:88:cf:82:4a:fd:42:59:1e:19:a2:6f:30:59:fc:
e3:58:14:e1:fc:38:5f:12:42:d7:f8:d6:50:d9:2e:97:3e:86:
41:fa:21:12:2e:8c:83:86:60:ff:48:ea:c4:52:9a:f0:dd:69:
6e:03:95:74:f6:19:fd:6d:a4:b5:b6:de:39:17:01:a4:ec:2d:
ae:43:0e:75:b9:0c:36:23:18:a5:50:60:cc:a7:08:03:35:03:
e6:35:0d:42:df:82:d0:49:00:a2:5d:40:cd:15:51:76:f9:67:
64:31:0b:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtVAylwil8tgZO7QO1XHmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjMwMTAxMTIzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWM3ZjNmYzc4ODAzNmNkYWM5ODhhNzMzZmY5MGU5ZTVkYTFkZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7JwkGJjxhsaDOvqKh360etIkBxi
pmWHiGGQbkSyL+gb8b38Z0PKbz/ZcgQzloRQS6azNomxkedp8aNb3nW1uldteWC0
0oRkRAwvIr2MzmlXIbjrEzfrmiAPDLmkkp1sMZ0oqCfYizxHyuLGK6NWXXv9bkWa
usyIPUuD3SxaDhsdzMUs/ijMHV9AeOsNZwgbQFfawarTbS9AAAp+0d7QM3V9j+TH
FzxTKLCpf3s1vo5iKYUjL0XhNuCeQwHCviI9Ejww0Sa/JWsa+sk02vNSHlWlDzkk
Df/Mdl62P1UsBjmOzs7+XzY/x820Why27EVCdzKy59ry9J5PWd0COI+RvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnH8/x4gDbNrJiKcz/5Dp5dod9pMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEveWNmel9IaUFOczJzbUlwelBfa09ubDJoMzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxkLMA0G
CSqGSIb3DQEBCwUAA4IBAQA+n72vVEHstszp5d6+87OnPP5WIBWSGyu+4HZait+/
cHW94bKboDS2WQNMKlqLDOciYvT461u+dGKfTL9D3J4eRTdgvh+h6wPfFHwlbgFM
IniVF6XLfLFwLPBxo8x4Nll5Gx8ai+73wE1zYPZ0tCu+Ioo3zZZeAoOtvKHXGCBs
+zRBcy1USlcVV6QXDJGnmrEinOzZiM+CSv1CWR4Zom8wWfzjWBTh/DhfEkLX+NZQ
2S6XPoZB+iESLoyDhmD/SOrEUprw3WluA5V09hn9baS1tt45FwGk7C2uQw51uQw2
IxilUGDMpwgDNQPmNQ1C34LQSQCiXUDNFVF2+WdkMQsI
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:47 2024 by rpki-client on console-ams.rpki-client.org