Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/YnNaNaJD1roR8fiBIRCptKdNYSA.roa
File: YnNaNaJD1roR8fiBIRCptKdNYSA.roa (raw, json)
Hash identifier: hWJl5OVQZwXolKLlwsA6dPvpZnoljW3lkqXI0S55fsE=
Subject key identifier: 62:73:5A:35:A2:43:D6:BA:11:F1:F8:81:21:10:A9:B4:A7:4D:61:20
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01961BE1E7900F2BE461B8B730D4F9E706CD
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/YnNaNaJD1roR8fiBIRCptKdNYSA.roa
Signing time: Wed 09 Apr 2025 18:48:31 +0000
ROA not before: Wed 09 Apr 2025 18:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29182
IP address blocks: 2a0e:13c6::/32 maxlen: 32
2a0e:4346::/32 maxlen: 32
2a0e:67c6::/32 maxlen: 32
2a0f:bb05::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Apr 2025 17:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1b:e1:e7:90:0f:2b:e4:61:b8:b7:30:d4:f9:e7:06:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 9 18:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62735a35a243d6ba11f1f8812110a9b4a74d6120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:68:a2:29:f4:80:e2:5f:e9:c1:21:88:a7:f8:
98:97:d7:30:ad:bb:30:9c:a8:9e:54:ce:85:1f:9b:
ed:e5:1e:0d:10:4a:77:09:db:73:7a:fe:2d:9b:98:
f5:71:28:16:77:29:14:62:da:aa:91:37:7a:bb:57:
37:25:82:5f:c7:68:b9:5e:02:06:09:22:b0:f4:bb:
70:4c:a8:f6:15:2d:52:30:e3:2a:dd:3d:c5:3d:ab:
ea:23:0d:44:45:7b:fa:67:48:11:86:16:80:28:48:
0d:67:f6:cd:a0:48:87:0c:41:17:80:7a:a2:59:0b:
c4:37:48:77:a8:87:d1:ce:7c:2d:a2:82:78:40:72:
6a:2b:88:eb:45:7d:d6:93:17:09:3e:3a:fd:9e:b7:
99:3f:88:5d:03:2c:0b:fc:9a:f4:28:63:ed:a6:8f:
a3:19:00:91:9a:b7:fe:a6:8d:97:5b:41:2c:47:7b:
fe:3d:86:b9:f0:04:e3:9f:1b:03:28:34:a0:36:de:
0a:d1:bf:60:86:54:d7:29:f7:e0:bd:e2:96:ac:52:
5d:02:8c:bc:0d:01:8c:47:d6:7d:00:d4:a5:20:f3:
2d:c5:e4:76:e6:a3:92:fa:78:ea:2e:a3:c0:bf:ab:
26:50:e7:a5:2f:54:65:08:2f:72:74:a8:c4:b4:fc:
91:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:73:5A:35:A2:43:D6:BA:11:F1:F8:81:21:10:A9:B4:A7:4D:61:20
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/YnNaNaJD1roR8fiBIRCptKdNYSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:13c6::/32
2a0e:4346::/32
2a0e:67c6::/32
2a0f:bb05::/32
Signature Algorithm: sha256WithRSAEncryption
6b:58:91:11:ec:bb:b7:2b:cd:39:a0:57:0c:9b:df:e6:51:df:
24:50:12:4d:a1:8f:3a:b2:a2:ed:df:40:53:42:ec:e1:00:40:
45:f2:b2:f8:f9:89:a3:98:25:3e:4d:f7:5a:e6:7f:c9:33:08:
ec:50:9b:ca:9d:c4:de:1e:24:7c:22:fa:79:d7:c7:4b:ae:f9:
08:0e:42:24:20:7d:46:cf:4c:85:fc:11:86:d5:31:87:ea:aa:
c6:5e:12:81:40:f7:63:3c:0f:24:02:95:f4:e8:19:64:07:6e:
26:69:fe:f7:4e:cd:14:6c:0d:4b:df:10:dd:5f:d8:a0:85:fa:
bb:25:8d:b2:5b:91:c1:0b:c2:21:91:25:c7:97:8c:a6:93:82:
08:52:1a:13:ed:bc:9b:d3:7e:30:7e:be:29:1e:39:77:da:84:
c7:55:04:1b:f6:ec:4f:3a:c0:c0:ac:b2:0b:91:28:e0:58:4d:
a9:1b:1b:d2:72:3b:11:8b:6f:5e:e9:06:4f:07:df:10:43:55:
51:cc:b6:ca:a0:66:e5:5a:29:ed:24:b4:62:01:c9:5e:63:7c:
3e:bf:34:5d:18:3c:87:2a:b2:54:65:0c:54:9d:53:54:a2:6c:
a1:e6:b2:33:f8:7e:bb:dc:4e:2a:b9:84:4a:28:4f:42:fd:81:
3d:44:2d:f2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZYb4eeQDyvkYbi3MNT55wbNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDA5MTg0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjczNWEzNWEyNDNkNmJhMTFmMWY4ODEyMTEwYTliNGE3NGQ2MTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWiiKfSA4l/pwSGIp/iYl9cwrbsw
nKieVM6FH5vt5R4NEEp3Cdtzev4tm5j1cSgWdykUYtqqkTd6u1c3JYJfx2i5XgIG
CSKw9LtwTKj2FS1SMOMq3T3FPavqIw1ERXv6Z0gRhhaAKEgNZ/bNoEiHDEEXgHqi
WQvEN0h3qIfRznwtooJ4QHJqK4jrRX3WkxcJPjr9nreZP4hdAywL/Jr0KGPtpo+j
GQCRmrf+po2XW0EsR3v+PYa58ATjnxsDKDSgNt4K0b9ghlTXKffgveKWrFJdAoy8
DQGMR9Z9ANSlIPMtxeR25qOS+njqLqPAv6smUOelL1RlCC9ydKjEtPyRwwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGJzWjWiQ9a6EfH4gSEQqbSnTWEgMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvWW5OYU5hSkQxcm9SOGZpQklSQ3B0S2ROWVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKg4TxgMF
ACoOQ0YDBQAqDmfGAwUAKg+7BTANBgkqhkiG9w0BAQsFAAOCAQEAa1iREey7tyvN
OaBXDJvf5lHfJFASTaGPOrKi7d9AU0Ls4QBARfKy+PmJo5glPk33WuZ/yTMI7FCb
yp3E3h4kfCL6edfHS675CA5CJCB9Rs9MhfwRhtUxh+qqxl4SgUD3YzwPJAKV9OgZ
ZAduJmn+907NFGwNS98Q3V/YoIX6uyWNsluRwQvCIZElx5eMppOCCFIaE+28m9N+
MH6+KR45d9qEx1UEG/bsTzrAwKyyC5Eo4FhNqRsb0nI7EYtvXukGTwffEENVUcy2
yqBm5Vop7SS0YgHJXmN8Pr80XRg8hyqyVGUMVJ1TVKJsoeayM/h+u9xOKrmESihP
Qv2BPUQt8g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:29:24 2025 by rpki-client