Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/1774bd-6f7d-4d4f-96dc-e7b860332cb7/1/TLYcGtPR48Q3q0NhwjLqDqsfVBA.roa
File: TLYcGtPR48Q3q0NhwjLqDqsfVBA.roa (raw, json)
Hash identifier: s+w02JX2SqLPsAPC3qmA20NFQYyP1ZH0HDhjrlXUIzc=
Subject key identifier: 4C:B6:1C:1A:D3:D1:E3:C4:37:AB:43:61:C2:32:EA:0E:AB:1F:54:10
Certificate issuer: /CN=beb7d84fe15a3243c1000347b0990ba46bb3ae42
Certificate serial: 018CC727095F748C88C10B24DF6D078B4D11
Authority key identifier: BE:B7:D8:4F:E1:5A:32:43:C1:00:03:47:B0:99:0B:A4:6B:B3:AE:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrfYT-FaMkPBAANHsJkLpGuzrkI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/1774bd-6f7d-4d4f-96dc-e7b860332cb7/1/TLYcGtPR48Q3q0NhwjLqDqsfVBA.roa
Signing time: Mon 01 Jan 2024 22:31:13 +0000
ROA not before: Mon 01 Jan 2024 22:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215872
IP address blocks: 2001:678:a80::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:09:5f:74:8c:88:c1:0b:24:df:6d:07:8b:4d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beb7d84fe15a3243c1000347b0990ba46bb3ae42
Validity
Not Before: Jan 1 22:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cb61c1ad3d1e3c437ab4361c232ea0eab1f5410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:63:93:b7:df:50:ca:46:7c:3e:6a:52:f6:a3:
dc:18:9a:6d:14:c0:c0:ea:24:9a:55:11:11:1e:b8:
85:c0:5d:06:7e:80:83:da:04:e6:b9:f4:fd:f4:8b:
75:33:85:21:0c:e3:1c:e3:4b:6f:0b:80:ec:9c:60:
4a:52:ec:48:9b:9f:91:c7:35:72:9d:34:3f:24:8b:
70:3c:3c:2f:77:92:b6:57:32:be:03:40:14:b8:15:
5b:d9:bb:ae:ca:a7:23:8e:56:bb:25:7a:79:67:d7:
e1:1e:6c:a6:61:06:c0:06:42:0f:e2:87:c5:75:4c:
b2:7c:ba:69:99:14:b5:c1:16:ee:3a:29:96:ca:03:
6c:99:d3:10:ae:44:d1:0b:b1:c1:46:76:8d:e5:27:
83:e0:8d:28:0b:c2:42:a1:74:b9:5c:f2:ed:12:c5:
c9:f0:1a:01:78:4e:ef:e7:0c:d2:4a:84:ce:d5:f0:
a4:12:34:be:85:96:8f:54:a8:a6:1e:a4:be:86:d2:
bf:af:f6:e8:7d:f4:10:73:6e:9a:c7:b1:0c:98:b3:
5c:41:07:a1:79:6e:d1:ff:d7:4d:9b:d2:1a:7a:63:
46:d7:66:70:87:a8:a4:0a:85:58:40:ff:ee:66:36:
3e:a9:1d:43:33:b6:7d:90:8a:18:27:e1:62:f1:16:
6a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B6:1C:1A:D3:D1:E3:C4:37:AB:43:61:C2:32:EA:0E:AB:1F:54:10
X509v3 Authority Key Identifier:
keyid:BE:B7:D8:4F:E1:5A:32:43:C1:00:03:47:B0:99:0B:A4:6B:B3:AE:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrfYT-FaMkPBAANHsJkLpGuzrkI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/1774bd-6f7d-4d4f-96dc-e7b860332cb7/1/TLYcGtPR48Q3q0NhwjLqDqsfVBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/1774bd-6f7d-4d4f-96dc-e7b860332cb7/1/vrfYT-FaMkPBAANHsJkLpGuzrkI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a80::/48
Signature Algorithm: sha256WithRSAEncryption
3f:ca:9a:f9:45:a4:1a:8a:79:30:82:c9:5c:48:70:86:ee:95:
4e:2d:bf:11:76:4f:45:22:60:05:23:81:f1:82:23:ca:4c:59:
78:05:e1:7b:9c:36:28:f3:90:35:75:bf:d0:4a:9a:71:f9:fe:
32:e2:70:48:77:4b:d3:d5:59:ff:46:c1:77:6e:1e:ad:3c:17:
e5:3b:13:00:29:35:58:72:b5:65:30:0e:b1:f8:47:72:1d:31:
74:c6:3c:3a:c1:01:6d:f3:64:f3:85:2e:e1:0d:36:77:8e:31:
75:56:a7:d5:5d:bd:3c:30:05:4d:c1:c4:cb:ca:c1:de:fc:3e:
69:ec:44:56:09:71:3e:c9:cb:71:b2:6c:f2:e4:e2:a0:0e:92:
1f:be:84:3a:df:38:55:fe:4b:8b:d8:14:06:4b:2d:34:7d:4a:
d4:9c:94:81:ba:e6:8a:b6:3d:52:fa:7d:30:31:cd:f5:c0:00:
96:14:02:a6:bc:4d:2a:b6:6f:86:c3:a4:03:c7:1d:d4:4b:2d:
c0:7f:b3:2f:7a:64:a7:5c:cf:2f:f4:4f:8e:f3:84:93:74:1e:
30:78:76:4e:cc:4f:36:42:3f:5e:92:df:4c:c1:d8:57:6a:90:
16:0e:a7:6f:8a:78:c3:37:b1:31:bf:6f:47:c4:ec:4f:5f:39:
72:02:5c:29
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJwlfdIyIwQsk320Hi00RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYjdkODRmZTE1YTMyNDNjMTAwMDM0N2IwOTkwYmE0NmJi
M2FlNDIwHhcNMjQwMTAxMjIzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2I2MWMxYWQzZDFlM2M0MzdhYjQzNjFjMjMyZWEwZWFiMWY1NDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWOTt99QykZ8PmpS9qPcGJptFMDA
6iSaVRERHriFwF0GfoCD2gTmufT99It1M4UhDOMc40tvC4DsnGBKUuxIm5+RxzVy
nTQ/JItwPDwvd5K2VzK+A0AUuBVb2buuyqcjjla7JXp5Z9fhHmymYQbABkIP4ofF
dUyyfLppmRS1wRbuOimWygNsmdMQrkTRC7HBRnaN5SeD4I0oC8JCoXS5XPLtEsXJ
8BoBeE7v5wzSSoTO1fCkEjS+hZaPVKimHqS+htK/r/boffQQc26ax7EMmLNcQQeh
eW7R/9dNm9IaemNG12Zwh6ikCoVYQP/uZjY+qR1DM7Z9kIoYJ+Fi8RZqwwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEy2HBrT0ePEN6tDYcIy6g6rH1QQMB8GA1UdIwQY
MBaAFL632E/hWjJDwQADR7CZC6Rrs65CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJmWVQtRmFNa1BCQUFOSHNKa0xwR3V6cmtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8xNzc0YmQtNmY3ZC00ZDRmLTk2ZGMt
ZTdiODYwMzMyY2I3LzEvVExZY0d0UFI0OFEzcTBOaHdqTHFEcXNmVkJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8xNzc0YmQtNmY3ZC00ZDRmLTk2ZGMtZTdiODYwMzMyY2I3
LzEvdnJmWVQtRmFNa1BCQUFOSHNKa0xwR3V6cmtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqA
MA0GCSqGSIb3DQEBCwUAA4IBAQA/ypr5RaQainkwgslcSHCG7pVOLb8Rdk9FImAF
I4HxgiPKTFl4BeF7nDYo85A1db/QSppx+f4y4nBId0vT1Vn/RsF3bh6tPBflOxMA
KTVYcrVlMA6x+EdyHTF0xjw6wQFt82TzhS7hDTZ3jjF1VqfVXb08MAVNwcTLysHe
/D5p7ERWCXE+yctxsmzy5OKgDpIfvoQ63zhV/kuL2BQGSy00fUrUnJSBuuaKtj1S
+n0wMc31wACWFAKmvE0qtm+Gw6QDxx3USy3Af7MvemSnXM8v9E+O84STdB4weHZO
zE82Qj9ekt9MwdhXapAWDqdvinjDN7Exv29HxOxPXzlyAlwp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:31 2025 by rpki-client