Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HyrdsuO8clIXcnBfhXNaEK1Hvsc.roa
File: HyrdsuO8clIXcnBfhXNaEK1Hvsc.roa (raw, json)
Hash identifier: 3MNz8cOGNOmn67/lFVXXY5EQKOaX/5N4xD38iwirWiA=
Subject key identifier: 1F:2A:DD:B2:E3:BC:72:52:17:72:70:5F:85:73:5A:10:AD:47:BE:C7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01909E43FDC588964D91969E62BB43FC645E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HyrdsuO8clIXcnBfhXNaEK1Hvsc.roa
Signing time: Wed 10 Jul 2024 20:09:34 +0000
ROA not before: Wed 10 Jul 2024 20:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60647
IP address blocks: 2a0f:1201::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 11 Jul 2024 11:43:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9e:43:fd:c5:88:96:4d:91:96:9e:62:bb:43:fc:64:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 10 20:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f2addb2e3bc72521772705f85735a10ad47bec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6c:e1:c8:d0:43:3c:0b:5f:8c:28:b0:52:67:
43:43:8d:a3:5f:40:33:86:40:68:f0:a4:9d:69:7b:
e2:10:63:dd:8f:2f:9e:c4:2f:31:ec:ac:49:61:d2:
d4:d0:91:d8:c2:ca:47:73:03:1d:43:48:9c:40:88:
b2:92:d2:cf:41:6a:80:2e:d8:02:f7:09:40:63:1c:
dd:3d:1f:18:c8:c9:81:be:d9:b5:b3:67:a2:1c:2d:
36:05:eb:93:15:44:70:42:69:e4:f4:13:d9:9e:35:
a0:89:63:20:5b:6f:85:a4:c2:66:ac:69:0f:28:f6:
a1:d7:fd:35:b5:93:23:b3:bb:7d:d4:55:11:9a:81:
46:f9:e3:ff:c8:bf:60:f0:4b:3b:a1:6b:5d:e1:ba:
64:e1:3e:56:be:2f:6b:9a:4b:d2:43:2a:50:7a:ea:
b6:29:3e:c2:1b:9e:ab:78:73:d7:17:d7:71:70:8e:
35:3a:3c:71:d8:07:bc:53:01:5c:d6:e0:14:01:5a:
6f:d5:7e:14:c0:11:2f:0f:78:cc:10:86:5c:cb:56:
8d:a1:61:65:58:24:14:48:1a:c3:b9:d9:e3:77:a1:
07:f9:01:08:bf:2e:70:f1:c1:a3:31:e6:4a:81:d8:
8c:04:f3:fb:ad:85:d0:5e:ba:ed:ba:d8:15:f7:0f:
99:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:2A:DD:B2:E3:BC:72:52:17:72:70:5F:85:73:5A:10:AD:47:BE:C7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HyrdsuO8clIXcnBfhXNaEK1Hvsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1201::/32
Signature Algorithm: sha256WithRSAEncryption
42:75:3a:00:17:1c:ca:03:9c:2b:a5:29:9a:d5:94:1f:93:8c:
a5:cf:49:0d:50:fd:c6:0b:37:4b:60:60:f4:ad:a5:bd:7d:01:
77:94:d4:7d:4e:1e:bc:fa:6f:97:92:7f:5e:ce:2b:b6:2b:e6:
4f:97:56:76:de:cc:89:fe:83:00:7f:41:44:58:c3:48:4a:f5:
47:08:38:c5:7c:52:6d:9a:43:3e:e2:19:72:e2:6d:57:f1:dc:
11:b3:58:ca:31:bd:e7:fa:d4:0c:6f:bc:68:84:48:1a:27:35:
92:bd:79:4a:65:97:b4:1d:2f:eb:1c:32:28:aa:93:6e:41:17:
9e:0f:13:92:95:36:16:b5:52:f2:8d:43:b3:02:67:86:c5:d8:
72:f4:bd:13:5b:b0:40:4e:f6:17:32:b8:a7:a1:cf:ad:47:7d:
13:35:a7:51:92:80:1d:0e:64:ec:1b:11:ea:fe:51:c8:48:be:
c5:4f:1e:1d:79:a5:48:f1:74:32:60:4b:f9:ca:e8:85:2d:0c:
2c:7d:78:64:e9:fd:c9:45:24:44:31:c1:2d:34:ac:11:34:1c:
5f:ba:3c:57:fb:a8:27:46:3f:c9:6f:5f:b9:0f:13:27:90:c8:
a1:22:0b:00:45:ff:3f:2a:ed:49:39:87:50:36:3c:89:c9:04:
88:b9:be:35
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZCeQ/3FiJZNkZaeYrtD/GReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzEwMjAwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjJhZGRiMmUzYmM3MjUyMTc3MjcwNWY4NTczNWExMGFkNDdiZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGzhyNBDPAtfjCiwUmdDQ42jX0Az
hkBo8KSdaXviEGPdjy+exC8x7KxJYdLU0JHYwspHcwMdQ0icQIiyktLPQWqALtgC
9wlAYxzdPR8YyMmBvtm1s2eiHC02BeuTFURwQmnk9BPZnjWgiWMgW2+FpMJmrGkP
KPah1/01tZMjs7t91FURmoFG+eP/yL9g8Es7oWtd4bpk4T5Wvi9rmkvSQypQeuq2
KT7CG56reHPXF9dxcI41Ojxx2Ae8UwFc1uAUAVpv1X4UwBEvD3jMEIZcy1aNoWFl
WCQUSBrDudnjd6EH+QEIvy5w8cGjMeZKgdiMBPP7rYXQXrrtutgV9w+ZMwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFB8q3bLjvHJSF3JwX4VzWhCtR77HMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSHlyZHN1TzhjbElYY25CZmhYTmFFSzFIdnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg8SATAN
BgkqhkiG9w0BAQsFAAOCAQEAQnU6ABccygOcK6UpmtWUH5OMpc9JDVD9xgs3S2Bg
9K2lvX0Bd5TUfU4evPpvl5J/Xs4rtivmT5dWdt7Mif6DAH9BRFjDSEr1Rwg4xXxS
bZpDPuIZcuJtV/HcEbNYyjG95/rUDG+8aIRIGic1kr15SmWXtB0v6xwyKKqTbkEX
ng8TkpU2FrVS8o1DswJnhsXYcvS9E1uwQE72FzK4p6HPrUd9EzWnUZKAHQ5k7BsR
6v5RyEi+xU8eHXmlSPF0MmBL+crohS0MLH14ZOn9yUUkRDHBLTSsETQcX7o8V/uo
J0Y/yW9fuQ8TJ5DIoSILAEX/PyrtSTmHUDY8ickEiLm+NQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:10:11 2025 by rpki-client