Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Yjm8CXEkc41eOmJX5LUhjynKYLY.roa
File: Yjm8CXEkc41eOmJX5LUhjynKYLY.roa (raw, json)
Hash identifier: M5cEy+EhEa0GYB84RIoOAhEdH4VpvpS2fv1wZo/xLp8=
Subject key identifier: 62:39:BC:09:71:24:73:8D:5E:3A:62:57:E4:B5:21:8F:29:CA:60:B6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01948279FC57579378AE9DA97EBE815D50AF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Yjm8CXEkc41eOmJX5LUhjynKYLY.roa
Signing time: Mon 20 Jan 2025 06:50:20 +0000
ROA not before: Mon 20 Jan 2025 06:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 2a06:35c1::/32 maxlen: 32
2a0d:8f80::/29 maxlen: 29
2a0e:1a86::/32 maxlen: 32
2a0e:f500::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0f:e0c0::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
2a13:3380::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 20 Jan 2025 07:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:82:79:fc:57:57:93:78:ae:9d:a9:7e:be:81:5d:50:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 20 06:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6239bc097124738d5e3a6257e4b5218f29ca60b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6c:27:98:de:12:9a:80:ee:48:2f:22:91:8d:
51:2f:8c:bf:97:68:0f:cf:59:6b:d4:79:b1:1d:fe:
56:e0:6f:f1:87:64:38:e4:4a:71:d2:1c:d4:37:2a:
01:ec:60:af:80:95:39:b5:bf:af:59:ab:a2:d1:2b:
bd:5c:75:6c:48:92:51:d4:2e:5d:a9:72:df:80:c9:
b7:a7:c5:dc:7c:5a:64:e5:e6:7b:4a:9e:07:ef:e3:
d5:b2:2f:98:a1:04:a5:57:22:3b:90:7d:99:c0:21:
0a:7f:4a:20:cb:a4:35:24:03:23:83:79:8e:2c:a8:
f4:36:57:31:6a:e3:ff:65:35:ae:84:37:21:fc:11:
02:02:0c:90:21:cb:cd:b8:e8:70:86:67:21:84:ee:
8e:ed:a4:89:0b:d1:3f:2f:c2:42:8c:ea:8f:9b:78:
d7:57:e2:6a:73:3c:0d:e4:0c:da:54:13:ec:b9:c0:
bf:f4:cc:1b:96:25:e3:09:e9:6d:a1:3c:85:d7:54:
0d:ba:95:e4:21:aa:52:83:bb:5a:8e:a1:4b:a8:09:
8b:fd:52:d2:52:8b:ac:6d:27:86:59:69:e0:1a:88:
72:68:37:62:dc:b4:10:a2:3b:f5:df:f3:29:49:84:
d9:d6:7c:39:1f:ff:23:21:09:d4:a4:5c:8b:2c:9f:
70:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:39:BC:09:71:24:73:8D:5E:3A:62:57:E4:B5:21:8F:29:CA:60:B6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Yjm8CXEkc41eOmJX5LUhjynKYLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:35c1::/32
2a0d:8f80::/29
2a0e:1a86::/32
2a0e:f500::/29
2a0f:dac0::/29
2a0f:e0c0::/29
2a10:37c0::/29
2a13:3380::/29
Signature Algorithm: sha256WithRSAEncryption
c9:53:06:22:06:63:53:1e:16:03:0f:08:53:e8:1c:cc:08:6d:
4c:0e:dc:b8:51:4e:b4:bc:30:89:ca:e8:d0:b4:60:cc:89:1e:
0e:86:90:17:57:72:64:c2:6d:16:cd:ab:0b:c4:a3:94:c0:63:
61:b9:53:f2:d0:66:94:4e:f0:05:a8:d3:a3:dd:ea:4d:fe:39:
82:15:d3:aa:fa:69:5c:c7:45:2c:4c:df:e0:51:2e:b5:33:5c:
84:90:4f:71:65:a9:b9:1b:25:91:ad:03:60:cc:2b:4a:98:b6:
b4:bf:4e:ef:48:d3:d3:0a:c2:12:c8:a1:e1:34:f8:92:e4:08:
4a:f0:9d:a1:8b:d8:fa:74:ed:fa:6f:ee:f4:85:77:ed:e4:dc:
a5:85:9e:87:c2:4f:fe:1f:0d:e5:94:fd:25:4e:bf:30:34:80:
b2:63:a2:6a:b7:59:83:5b:36:b4:99:70:f3:38:66:ac:5c:f3:
41:29:65:ec:c3:99:d6:21:9a:8a:ba:cb:e1:ad:01:0f:40:89:
f4:e3:46:51:b3:e4:2b:27:df:c5:03:3e:98:ab:df:2c:05:79:
9d:ed:d3:6e:28:49:3f:05:a6:df:f5:c8:80:c7:5c:5f:cd:6b:
ad:0a:ca:69:a6:37:75:74:78:c2:51:2e:92:99:d4:49:2c:17:
8f:71:18:af
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZSCefxXV5N4rp2pfr6BXVCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTIwMDY1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjM5YmMwOTcxMjQ3MzhkNWUzYTYyNTdlNGI1MjE4ZjI5Y2E2MGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGwnmN4SmoDuSC8ikY1RL4y/l2gP
z1lr1HmxHf5W4G/xh2Q45Epx0hzUNyoB7GCvgJU5tb+vWaui0Su9XHVsSJJR1C5d
qXLfgMm3p8XcfFpk5eZ7Sp4H7+PVsi+YoQSlVyI7kH2ZwCEKf0ogy6Q1JAMjg3mO
LKj0NlcxauP/ZTWuhDch/BECAgyQIcvNuOhwhmchhO6O7aSJC9E/L8JCjOqPm3jX
V+JqczwN5AzaVBPsucC/9MwbliXjCeltoTyF11QNupXkIapSg7tajqFLqAmL/VLS
UousbSeGWWngGohyaDdi3LQQojv13/MpSYTZ1nw5H/8jIQnUpFyLLJ9wswIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGI5vAlxJHONXjpiV+S1IY8pymC2MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWWptOENYRWtjNDFlT21KWDVMVWhqeW5LWUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUAKgY1wQMF
AyoNj4ADBQAqDhqGAwUDKg71AAMFAyoP2sADBQMqD+DAAwUDKhA3wAMFAyoTM4Aw
DQYJKoZIhvcNAQELBQADggEBAMlTBiIGY1MeFgMPCFPoHMwIbUwO3LhRTrS8MInK
6NC0YMyJHg6GkBdXcmTCbRbNqwvEo5TAY2G5U/LQZpRO8AWo06Pd6k3+OYIV06r6
aVzHRSxM3+BRLrUzXISQT3FlqbkbJZGtA2DMK0qYtrS/Tu9I09MKwhLIoeE0+JLk
CErwnaGL2Pp07fpv7vSFd+3k3KWFnofCT/4fDeWU/SVOvzA0gLJjomq3WYNbNrSZ
cPM4Zqxc80EpZezDmdYhmoq6y+GtAQ9AifTjRlGz5Csn38UDPpir3ywFeZ3t024o
ST8Fpt/1yIDHXF/Na60KymmmN3V0eMJRLpKZ1EksF49xGK8=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:09:47 2025 by rpki-client