Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4yz6X1KcApeB_zU1cposktbg50o.roa
File: 4yz6X1KcApeB_zU1cposktbg50o.roa (raw, json)
Hash identifier: +qU3O88f2qUf2Iq9TAOra7vVjH+KfGZbnuxNvkJKSYs=
Subject key identifier: E3:2C:FA:5F:52:9C:02:97:81:FF:35:35:72:9A:2C:92:D6:E0:E7:4A
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018D1F39B36E92D50D32F75DC9FB52868E7B
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4yz6X1KcApeB_zU1cposktbg50o.roa
Signing time: Fri 19 Jan 2024 00:58:11 +0000
ROA not before: Fri 19 Jan 2024 00:58:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44812
IP address blocks: 2a11:4b40::/32 maxlen: 32
2a11:4b44::/32 maxlen: 32
2a11:4b45::/32 maxlen: 32
2a12:a346::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 25 Jan 2024 00:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1f:39:b3:6e:92:d5:0d:32:f7:5d:c9:fb:52:86:8e:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 19 00:58:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e32cfa5f529c029781ff3535729a2c92d6e0e74a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:01:71:9d:20:b3:1b:5b:1b:8d:e7:47:d3:b0:
2b:31:e6:a0:95:53:82:6c:98:4b:37:23:1f:86:49:
5b:4e:6b:98:ff:b6:79:e9:f0:9e:5c:32:49:9d:bb:
4e:3f:36:38:7b:2a:dd:18:ee:71:43:1a:7d:79:e5:
8a:41:e5:79:df:c3:11:73:33:59:ad:fe:6f:2b:5b:
ac:69:02:e0:01:b4:95:8e:3b:de:80:8a:30:d8:02:
ec:2c:ee:0e:e6:a0:12:d4:57:93:ea:cc:e4:e6:73:
8c:ce:a4:11:1a:50:22:f5:be:ba:6b:45:d8:6f:bd:
ef:0f:cc:3c:a9:c3:ac:20:b4:f7:b6:16:36:f3:5f:
0d:25:81:ce:82:8a:19:a4:7b:66:8e:5f:cf:34:b4:
14:cb:24:b3:45:71:83:54:27:97:7b:e9:eb:bf:ad:
1d:11:0a:0e:03:39:75:88:d3:b2:9e:9a:55:26:1d:
67:53:83:48:e2:ab:ce:77:23:e1:1d:7e:b0:d7:03:
a8:68:d2:83:75:ce:43:06:35:1c:95:57:71:f9:17:
35:0c:da:03:4e:eb:20:25:94:a7:6f:a8:19:e6:5b:
31:97:f1:48:64:9e:04:96:99:94:f2:7a:94:d9:17:
d2:77:a3:96:f1:7d:3e:87:b8:e3:55:41:0d:06:16:
79:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2C:FA:5F:52:9C:02:97:81:FF:35:35:72:9A:2C:92:D6:E0:E7:4A
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4yz6X1KcApeB_zU1cposktbg50o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4b40::/32
2a11:4b44::/31
2a12:a346::/32
Signature Algorithm: sha256WithRSAEncryption
27:3a:7f:26:5d:2f:f6:04:d6:93:5d:db:20:e2:ba:df:42:24:
ad:26:1d:dd:6c:ff:87:02:d1:8f:45:f1:45:84:19:ea:04:b2:
08:3b:e8:98:42:97:00:cc:6a:00:ff:b8:a3:30:b4:79:83:aa:
1f:56:a0:ac:7f:c4:02:2f:59:21:64:ea:e5:01:b7:26:b7:03:
72:9f:0b:5c:6c:06:fe:94:a7:9a:0f:df:3d:66:a0:fb:bd:d9:
6b:66:22:26:28:1f:a9:f1:61:5c:10:9b:6e:58:42:3f:60:6d:
83:b4:8a:79:52:99:86:b8:d3:b6:22:65:2d:71:22:79:6c:f1:
07:4a:38:06:d2:dd:eb:53:28:a2:ef:92:69:25:59:9f:7d:58:
7e:2e:54:a5:1d:3f:b3:f0:39:d5:86:bc:dd:6f:f3:e3:d8:8b:
99:f7:cc:82:2c:61:47:4c:d0:a4:cc:19:de:03:48:d9:af:46:
3e:bb:b5:c1:d7:5b:c3:25:79:75:fe:7a:8e:5b:c4:2c:66:4d:
47:89:8f:02:4f:77:07:c9:92:17:47:5a:41:f6:55:bf:98:f1:
1c:f7:9f:3d:39:aa:aa:f9:14:de:79:c7:7e:6f:c6:0b:be:79:
e1:a3:4c:47:37:76:c5:96:ab:0e:25:79:38:63:2a:ce:b0:10:
8a:5b:b2:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY0fObNuktUNMvddyftSho57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTE5MDA1ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzJjZmE1ZjUyOWMwMjk3ODFmZjM1MzU3MjlhMmM5MmQ2ZTBlNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwFxnSCzG1sbjedH07ArMeaglVOC
bJhLNyMfhklbTmuY/7Z56fCeXDJJnbtOPzY4eyrdGO5xQxp9eeWKQeV538MRczNZ
rf5vK1usaQLgAbSVjjvegIow2ALsLO4O5qAS1FeT6szk5nOMzqQRGlAi9b66a0XY
b73vD8w8qcOsILT3thY2818NJYHOgooZpHtmjl/PNLQUyySzRXGDVCeXe+nrv60d
EQoOAzl1iNOynppVJh1nU4NI4qvOdyPhHX6w1wOoaNKDdc5DBjUclVdx+Rc1DNoD
TusgJZSnb6gZ5lsxl/FIZJ4ElpmU8nqU2RfSd6OW8X0+h7jjVUENBhZ5AQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOMs+l9SnAKXgf81NXKaLJLW4OdKMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvNHl6NlgxS2NBcGVCX3pVMWNwb3NrdGJnNTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhFLQAMF
ASoRS0QDBQAqEqNGMA0GCSqGSIb3DQEBCwUAA4IBAQAnOn8mXS/2BNaTXdsg4rrf
QiStJh3dbP+HAtGPRfFFhBnqBLIIO+iYQpcAzGoA/7ijMLR5g6ofVqCsf8QCL1kh
ZOrlAbcmtwNynwtcbAb+lKeaD989ZqD7vdlrZiImKB+p8WFcEJtuWEI/YG2DtIp5
UpmGuNO2ImUtcSJ5bPEHSjgG0t3rUyii75JpJVmffVh+LlSlHT+z8DnVhrzdb/Pj
2IuZ98yCLGFHTNCkzBneA0jZr0Y+u7XB11vDJXl1/nqOW8QsZk1HiY8CT3cHyZIX
R1pB9lW/mPEc9589Oaqq+RTeecd+b8YLvnnho0xHN3bFlqsOJXk4YyrOsBCKW7JI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:51 2025 by rpki-client