Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/YnUGcnUxjOmZ-L54CvoSO4PiOuo.roa
File: YnUGcnUxjOmZ-L54CvoSO4PiOuo.roa (raw, json)
Hash identifier: eF3vSIQfHCe6Ru8Uel/173sENxj30qBSvojYV7WSoTA=
Subject key identifier: 62:75:06:72:75:31:8C:E9:99:F8:BE:78:0A:FA:12:3B:83:E2:3A:EA
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018E641C607C6061FAE2EEE2854C3DB3F72E
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/YnUGcnUxjOmZ-L54CvoSO4PiOuo.roa
Signing time: Fri 22 Mar 2024 03:02:45 +0000
ROA not before: Fri 22 Mar 2024 03:02:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50340
IP address blocks: 2a0e:b900::/29 maxlen: 29
2a10:4900::/29 maxlen: 29
2a10:4900::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 25 Mar 2024 04:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:64:1c:60:7c:60:61:fa:e2:ee:e2:85:4c:3d:b3:f7:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Mar 22 03:02:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6275067275318ce999f8be780afa123b83e23aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d6:f1:3e:7c:75:5f:61:6a:ea:bc:eb:39:3c:
8f:ee:1c:d2:2f:11:90:bc:ff:1c:8a:24:02:cc:c2:
fd:d4:0a:93:a6:05:77:c7:58:c7:00:f3:23:05:5b:
88:af:dd:39:96:3a:82:b1:7e:68:93:99:03:eb:f3:
3e:60:22:3c:f2:92:0a:16:fc:ed:09:3e:81:04:42:
1e:61:2d:f1:41:a1:d1:b9:e6:94:10:e3:e0:ae:43:
52:4c:47:3e:e7:6a:35:d8:84:5a:31:26:2a:e6:5c:
9e:04:d5:e6:da:0d:52:61:35:cb:0c:59:2e:af:2a:
88:cf:ec:1a:ae:cf:57:38:eb:56:b1:91:2e:8d:26:
c2:71:3a:20:c8:e1:f4:eb:f8:11:0c:e1:90:5f:56:
65:78:06:90:00:b7:3f:a6:38:8c:df:43:0d:3a:85:
a9:ae:0a:35:c0:f6:1e:f2:8e:ba:f2:e3:a8:9b:45:
87:fa:97:98:2a:ee:56:25:87:ee:ae:75:51:70:e2:
d2:b5:99:ff:bd:c2:c2:ce:11:36:49:26:82:bc:51:
9e:9f:93:ae:c0:6a:4b:c7:22:30:d5:f2:01:3c:d7:
28:83:ea:a9:f7:c2:a7:b0:c1:53:33:86:b3:ed:8a:
a6:1d:27:c1:26:45:fa:77:70:c3:06:6f:6e:89:7e:
29:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:75:06:72:75:31:8C:E9:99:F8:BE:78:0A:FA:12:3B:83:E2:3A:EA
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/YnUGcnUxjOmZ-L54CvoSO4PiOuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b900::/29
2a10:4900::/29
Signature Algorithm: sha256WithRSAEncryption
b3:a5:e0:d5:55:dc:4c:93:96:ca:45:bb:62:b5:64:08:5d:dc:
bb:cf:03:b3:1a:f3:58:f9:d1:33:ac:ba:34:98:b0:6e:9a:5e:
c3:0c:84:06:b6:f4:2b:ce:16:4c:8a:32:b4:63:ca:32:5b:5e:
dd:82:f2:33:77:eb:ca:75:94:e6:a9:ef:88:33:7b:d3:3f:fb:
c2:d3:45:19:7b:d6:86:17:39:32:7a:3a:da:87:be:f5:9d:e2:
64:01:b8:b3:df:64:7f:b1:fb:91:b6:0a:e8:73:c4:6a:a6:64:
ca:04:1e:3b:e9:c3:34:af:17:6c:f7:e7:29:3e:5a:70:69:32:
5d:c4:62:73:fd:7c:e1:d5:e8:f3:f5:1b:e8:11:f8:77:76:59:
69:91:4d:ca:1c:2d:5e:c3:2a:62:3f:7d:9d:4b:61:08:af:27:
9b:33:c2:02:09:89:bf:92:fb:25:7c:9a:b3:9e:dc:8a:e4:a5:
4b:1c:9e:c6:d7:18:95:52:aa:7a:0d:4a:86:6d:82:b6:5d:e9:
20:93:92:d3:89:a4:ae:13:db:79:c0:14:b6:6f:55:d8:9c:7b:
80:f1:a9:51:ba:e7:59:f0:40:ab:88:fa:7b:78:14:9b:eb:77:
fe:0f:17:15:e2:3a:b3:a3:4f:fb:c5:c8:e3:b4:05:5d:07:8f:
01:4f:44:5d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY5kHGB8YGH64u7ihUw9s/cuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMzIyMDMwMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjc1MDY3Mjc1MzE4Y2U5OTlmOGJlNzgwYWZhMTIzYjgzZTIzYWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtbxPnx1X2Fq6rzrOTyP7hzSLxGQ
vP8ciiQCzML91AqTpgV3x1jHAPMjBVuIr905ljqCsX5ok5kD6/M+YCI88pIKFvzt
CT6BBEIeYS3xQaHRueaUEOPgrkNSTEc+52o12IRaMSYq5lyeBNXm2g1SYTXLDFku
ryqIz+wars9XOOtWsZEujSbCcTogyOH06/gRDOGQX1ZleAaQALc/pjiM30MNOoWp
rgo1wPYe8o668uOom0WH+peYKu5WJYfurnVRcOLStZn/vcLCzhE2SSaCvFGen5Ou
wGpLxyIw1fIBPNcog+qp98KnsMFTM4az7YqmHSfBJkX6d3DDBm9uiX4pVwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGJ1BnJ1MYzpmfi+eAr6EjuD4jrqMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvWW5VR2NuVXhqT21aLUw1NEN2b1NPNFBpT3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg65AAMF
AyoQSQAwDQYJKoZIhvcNAQELBQADggEBALOl4NVV3EyTlspFu2K1ZAhd3LvPA7Ma
81j50TOsujSYsG6aXsMMhAa29CvOFkyKMrRjyjJbXt2C8jN368p1lOap74gze9M/
+8LTRRl71oYXOTJ6OtqHvvWd4mQBuLPfZH+x+5G2CuhzxGqmZMoEHjvpwzSvF2z3
5yk+WnBpMl3EYnP9fOHV6PP1G+gR+Hd2WWmRTcocLV7DKmI/fZ1LYQivJ5szwgIJ
ib+S+yV8mrOe3IrkpUscnsbXGJVSqnoNSoZtgrZd6SCTktOJpK4T23nAFLZvVdic
e4DxqVG651nwQKuI+nt4FJvrd/4PFxXiOrOjT/vFyOO0BV0HjwFPRF0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:33 2024 by rpki-client on console-ams.rpki-client.org