Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/yoTRHtnl4W4ksqiXVPBwvvuoASE.roa
File: yoTRHtnl4W4ksqiXVPBwvvuoASE.roa (raw, json)
Hash identifier: aklUbGBezPNz8JJV1nzHpdoiLBJ1+lqsybb2e5eREMU=
Subject key identifier: CA:84:D1:1E:D9:E5:E1:6E:24:B2:A8:97:54:F0:70:BE:FB:A8:01:21
Certificate issuer: /CN=65a665b90069bd71850602e7400c529793269e39
Certificate serial: 018E477B94542DB7DA84295C8920CBBAC830
Authority key identifier: 65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/yoTRHtnl4W4ksqiXVPBwvvuoASE.roa
Signing time: Sat 16 Mar 2024 13:37:44 +0000
ROA not before: Sat 16 Mar 2024 13:37:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57027
IP address blocks: 2a09:2b80:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 16 Mar 2024 13:54:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:47:7b:94:54:2d:b7:da:84:29:5c:89:20:cb:ba:c8:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a665b90069bd71850602e7400c529793269e39
Validity
Not Before: Mar 16 13:37:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca84d11ed9e5e16e24b2a89754f070befba80121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:30:07:ea:8e:28:1e:b6:75:00:5a:d3:ac:66:
76:c2:79:3b:2d:5b:80:a2:e7:4f:95:ce:a3:8e:39:
5c:90:82:89:eb:a1:64:f8:2c:b0:25:dd:3b:28:92:
c7:69:b7:03:07:23:52:11:0b:19:dc:9d:b2:2e:81:
d9:69:fc:fc:64:b8:97:2e:db:dd:2e:bf:4f:7c:11:
8a:67:d1:fd:ce:c6:0a:2a:8e:b3:c9:c1:b0:18:d1:
07:1f:42:c9:18:cd:c6:d3:a7:e7:9b:89:b9:63:58:
d0:1d:87:01:7e:b7:60:dd:55:00:63:55:09:a3:c9:
2c:fe:a1:29:9e:7a:70:46:2d:e2:57:28:f6:2c:2d:
13:90:d3:88:d0:73:38:aa:b1:d2:0c:c4:d9:82:0a:
b6:8e:1f:07:ff:dc:39:5d:60:c8:ee:2e:99:4b:e8:
d1:75:24:44:7f:73:bd:a6:0b:bb:36:4f:a1:76:31:
18:ca:85:e9:bd:8d:59:ec:ab:81:67:57:8f:89:09:
2a:cf:cd:64:7c:b9:10:2f:db:3e:6b:cd:0a:cd:bd:
3f:6e:2f:d6:2d:e5:cf:48:63:88:0e:1b:94:c7:7e:
4f:b9:d5:f4:3d:be:cc:53:3e:9d:a2:06:79:23:48:
2f:74:ca:6f:38:71:30:0c:8c:b7:52:fc:0c:ef:b4:
3a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:84:D1:1E:D9:E5:E1:6E:24:B2:A8:97:54:F0:70:BE:FB:A8:01:21
X509v3 Authority Key Identifier:
keyid:65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/yoTRHtnl4W4ksqiXVPBwvvuoASE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80:2::/48
Signature Algorithm: sha256WithRSAEncryption
26:b4:39:ff:af:74:0a:7e:10:c6:9f:ed:89:a9:b3:b2:00:e3:
03:4a:51:f9:d4:63:64:a8:45:30:d0:7a:0d:b6:ab:04:13:18:
87:66:b7:19:61:36:e6:5d:45:89:0b:b6:15:50:27:0d:07:9d:
94:f3:47:74:d8:7e:52:67:ed:fb:da:d6:9d:5d:c3:88:c1:f5:
e2:c8:f1:1c:94:30:77:ed:28:c9:cf:6e:8a:94:e4:b4:fd:0f:
7e:73:f5:5e:24:62:d3:ad:52:ab:92:2f:3a:92:85:70:fd:1d:
5a:5c:70:90:83:9b:d0:ef:7f:48:0b:2b:4b:86:98:66:97:4e:
2b:94:e1:d5:79:52:3d:c1:f3:b3:b3:7c:8e:08:46:98:1b:f5:
65:60:fb:2d:26:f4:d6:12:9c:02:27:64:81:51:51:af:f9:5c:
60:94:cf:37:4e:a4:0d:9a:34:15:37:f3:79:c9:42:9a:d1:d0:
9d:4f:22:25:aa:ec:be:29:38:fa:73:76:a9:70:a4:8d:a8:f3:
90:b2:ee:49:63:72:08:12:94:33:86:3d:6e:20:1c:05:b3:d7:
3d:22:be:df:da:56:22:2b:0e:67:4b:61:68:b8:44:c9:9c:25:
4c:ab:c1:0a:94:76:3d:0a:8c:a0:15:df:0f:a8:81:7b:ac:93:
1b:e5:b4:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY5He5RULbfahClciSDLusgwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTY2NWI5MDA2OWJkNzE4NTA2MDJlNzQwMGM1Mjk3OTMy
NjllMzkwHhcNMjQwMzE2MTMzNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTg0ZDExZWQ5ZTVlMTZlMjRiMmE4OTc1NGYwNzBiZWZiYTgwMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDAH6o4oHrZ1AFrTrGZ2wnk7LVuA
oudPlc6jjjlckIKJ66Fk+CywJd07KJLHabcDByNSEQsZ3J2yLoHZafz8ZLiXLtvd
Lr9PfBGKZ9H9zsYKKo6zycGwGNEHH0LJGM3G06fnm4m5Y1jQHYcBfrdg3VUAY1UJ
o8ks/qEpnnpwRi3iVyj2LC0TkNOI0HM4qrHSDMTZggq2jh8H/9w5XWDI7i6ZS+jR
dSREf3O9pgu7Nk+hdjEYyoXpvY1Z7KuBZ1ePiQkqz81kfLkQL9s+a80Kzb0/bi/W
LeXPSGOIDhuUx35PudX0Pb7MUz6dogZ5I0gvdMpvOHEwDIy3UvwM77Q6LQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMqE0R7Z5eFuJLKol1TwcL77qAEhMB8GA1UdIwQY
MBaAFGWmZbkAab1xhQYC50AMUpeTJp45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjct
Yzk0NTdlYzgxMTUxLzEveW9UUkh0bmw0VzRrc3FpWFZQQnd2dnVvQVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjctYzk0NTdlYzgxMTUx
LzEvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkrgAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQAmtDn/r3QKfhDGn+2JqbOyAOMDSlH51GNkqEUw
0HoNtqsEExiHZrcZYTbmXUWJC7YVUCcNB52U80d02H5SZ+372tadXcOIwfXiyPEc
lDB37SjJz26KlOS0/Q9+c/VeJGLTrVKrki86koVw/R1aXHCQg5vQ739ICytLhphm
l04rlOHVeVI9wfOzs3yOCEaYG/VlYPstJvTWEpwCJ2SBUVGv+VxglM83TqQNmjQV
N/N5yUKa0dCdTyIlquy+KTj6c3apcKSNqPOQsu5JY3IIEpQzhj1uIBwFs9c9Ir7f
2lYiKw5nS2FouETJnCVMq8EKlHY9CoygFd8PqIF7rJMb5bRx
-----END CERTIFICATE-----
Generated at Thu May 1 06:48:58 2025 by rpki-client