Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Yg-wq6sFpR6roRCkJ72x6OEZqSc.roa
File: Yg-wq6sFpR6roRCkJ72x6OEZqSc.roa (raw, json)
Hash identifier: MVUbOm2MiZkJ1XcNIP5CLxoQ0DLZGG+C2W+DLkTV66E=
Subject key identifier: 62:0F:B0:AB:AB:05:A5:1E:AB:A1:10:A4:27:BD:B1:E8:E1:19:A9:27
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018EA7CF4F62DB57E754C6B4A8CB3ED61BA1
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Yg-wq6sFpR6roRCkJ72x6OEZqSc.roa
Signing time: Thu 04 Apr 2024 06:32:45 +0000
ROA not before: Thu 04 Apr 2024 06:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 2a0f:dfc4::/32 maxlen: 32
2a11:89c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 05 Apr 2024 19:53:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:cf:4f:62:db:57:e7:54:c6:b4:a8:cb:3e:d6:1b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 4 06:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=620fb0abab05a51eaba110a427bdb1e8e119a927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b8:8c:39:54:91:1d:e0:ec:7c:f9:1d:e7:be:
e6:fd:63:d3:01:59:d5:72:db:07:98:b4:90:e8:b1:
34:52:e0:ca:7c:16:c4:54:6a:b5:05:d0:1c:d0:5c:
ac:ff:94:c2:73:1d:bd:69:cd:09:d2:45:88:53:e0:
e0:fb:a0:e4:7a:71:c0:55:02:32:73:b2:a3:eb:44:
30:14:4d:6f:1d:13:0f:8d:77:b8:85:5b:87:6b:5c:
97:b9:56:08:0a:87:84:6f:75:0a:c7:9f:64:fc:1a:
71:d1:a2:d1:cb:e2:07:f1:e4:36:40:1b:c6:74:57:
98:63:b2:8a:fe:92:a5:3c:10:76:23:8f:48:16:dc:
37:69:0f:65:fe:1b:cf:7b:27:53:ea:73:5f:a1:8c:
83:21:f6:8e:d2:32:15:b8:aa:5e:84:f3:f6:bb:6f:
30:72:f7:cb:82:44:f5:52:53:42:f2:fe:9c:a9:01:
59:91:ab:f8:c8:70:09:cb:2a:42:5a:12:84:70:f2:
33:10:36:0d:92:bb:df:dd:7b:17:66:38:29:ab:b9:
72:f2:34:50:bb:2e:40:fa:3b:de:1a:62:80:75:97:
6e:61:61:f1:98:29:2e:95:26:21:ac:0f:dd:86:af:
18:30:e5:81:c9:03:98:b7:f3:9b:37:ba:ca:11:06:
db:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0F:B0:AB:AB:05:A5:1E:AB:A1:10:A4:27:BD:B1:E8:E1:19:A9:27
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Yg-wq6sFpR6roRCkJ72x6OEZqSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:dfc4::/32
2a11:89c0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:6e:50:97:58:98:7f:7e:3d:d5:35:95:06:b4:01:9f:6c:00:
83:5b:ed:e4:ec:a7:d4:0b:bb:e7:bf:17:1e:d7:39:c7:cb:65:
cd:bf:48:34:f4:33:78:be:08:fb:d2:f5:58:45:a4:c8:6b:3f:
ee:e7:77:f9:59:b7:fe:cc:3b:33:fa:89:e7:e8:35:21:bf:e9:
79:ee:6c:35:63:59:c0:9f:d0:f1:5e:7b:ef:a8:fd:22:55:46:
25:5b:8c:0e:7a:69:40:11:cc:ff:e1:c2:1c:67:a1:70:72:c7:
40:f2:e6:77:f0:ac:e1:4e:81:f7:41:be:76:f1:37:77:18:b9:
48:aa:62:13:48:51:78:1d:9f:44:dd:c8:bc:ef:72:42:1f:c0:
28:56:1b:5b:b8:e1:ca:58:a5:fc:74:9d:0f:a3:18:d1:9a:92:
8c:64:6e:cf:e3:a2:6c:74:cb:20:7d:ca:9a:e3:7d:48:35:ef:
3c:fc:2e:df:a4:a1:27:9c:a2:bc:c7:7e:11:af:cf:1d:4c:5b:
eb:bf:bd:35:97:ce:58:a2:c8:99:75:41:84:25:4e:90:41:c9:
5f:e9:65:c0:2a:46:23:80:07:ec:5c:c1:76:92:34:5d:e4:56:
80:be:7b:32:92:b5:7d:95:31:65:9e:62:db:b8:9f:e6:d1:71:
1a:e3:50:87
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY6nz09i21fnVMa0qMs+1huhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNDA0MDYzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjBmYjBhYmFiMDVhNTFlYWJhMTEwYTQyN2JkYjFlOGUxMTlhOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7iMOVSRHeDsfPkd577m/WPTAVnV
ctsHmLSQ6LE0UuDKfBbEVGq1BdAc0Fys/5TCcx29ac0J0kWIU+Dg+6DkenHAVQIy
c7Kj60QwFE1vHRMPjXe4hVuHa1yXuVYICoeEb3UKx59k/Bpx0aLRy+IH8eQ2QBvG
dFeYY7KK/pKlPBB2I49IFtw3aQ9l/hvPeydT6nNfoYyDIfaO0jIVuKpehPP2u28w
cvfLgkT1UlNC8v6cqQFZkav4yHAJyypCWhKEcPIzEDYNkrvf3XsXZjgpq7ly8jRQ
uy5A+jveGmKAdZduYWHxmCkulSYhrA/dhq8YMOWByQOYt/ObN7rKEQbbQwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGIPsKurBaUeq6EQpCe9sejhGaknMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWWctd3E2c0ZwUjZyb1JDa0o3Mng2T0VacVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg/fxAMF
AyoRicAwDQYJKoZIhvcNAQELBQADggEBAH5uUJdYmH9+PdU1lQa0AZ9sAINb7eTs
p9QLu+e/Fx7XOcfLZc2/SDT0M3i+CPvS9VhFpMhrP+7nd/lZt/7MOzP6iefoNSG/
6XnubDVjWcCf0PFee++o/SJVRiVbjA56aUARzP/hwhxnoXByx0Dy5nfwrOFOgfdB
vnbxN3cYuUiqYhNIUXgdn0TdyLzvckIfwChWG1u44cpYpfx0nQ+jGNGakoxkbs/j
omx0yyB9yprjfUg17zz8Lt+koSecorzHfhGvzx1MW+u/vTWXzliiyJl1QYQlTpBB
yV/pZcAqRiOAB+xcwXaSNF3kVoC+ezKStX2VMWWeYtu4n+bRcRrjUIc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:18:59 2025 by rpki-client