Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/_adYGWl7KTP0YlElzDOJXkw-dXM.roa
File: _adYGWl7KTP0YlElzDOJXkw-dXM.roa (raw, json)
Hash identifier: Vh2sp8e+eAaJnNrCcgejbgZH+9y5S3Sv8xkIzPiG7yQ=
Subject key identifier: FD:A7:58:19:69:7B:29:33:F4:62:51:25:CC:33:89:5E:4C:3E:75:73
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01946E098AE2083F7133731D865FD18D1652
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/_adYGWl7KTP0YlElzDOJXkw-dXM.roa
Signing time: Thu 16 Jan 2025 07:35:06 +0000
ROA not before: Thu 16 Jan 2025 07:35:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 2a06:35c1::/32 maxlen: 32
2a0d:8f80::/29 maxlen: 29
2a0e:1a86::/32 maxlen: 32
2a0e:f500::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
2a13:3380::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 20 Jan 2025 06:50:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:09:8a:e2:08:3f:71:33:73:1d:86:5f:d1:8d:16:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 16 07:35:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fda75819697b2933f4625125cc33895e4c3e7573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:99:78:0f:fa:2b:15:d4:b9:36:41:14:2c:5d:
7c:f4:50:cf:bc:d3:db:96:68:6f:55:92:95:e8:39:
89:55:1c:a4:f1:81:d9:de:30:d1:16:95:8b:ba:a3:
c7:20:91:24:2a:89:3f:1e:d1:6c:4a:4a:15:4c:ad:
c3:d4:35:a3:be:c5:f0:79:4c:83:22:6f:7d:6d:38:
33:bc:3b:6d:4b:25:3c:b6:c6:f0:0f:12:f1:8f:2a:
b3:08:0a:d4:61:01:bc:e1:83:aa:ae:5e:f1:c9:4d:
52:67:e6:1a:c8:61:92:da:6a:1b:fd:af:1a:52:28:
94:b0:99:43:9e:65:c2:7c:41:57:a4:54:c4:bf:96:
4c:e0:e6:5d:bb:70:50:ee:17:3e:e2:d5:4c:d2:a5:
d6:df:99:5d:07:6b:4f:75:b3:4d:e8:eb:8c:08:3e:
34:33:b3:fc:de:4c:9c:25:9e:f8:13:cb:cd:91:f5:
d9:72:bd:ed:5d:c8:57:6b:b0:3e:72:37:6a:e0:7f:
10:4a:1e:54:45:89:8d:ce:09:64:79:fd:91:52:61:
8b:42:32:42:99:38:07:b5:ec:20:f6:f7:c2:b3:25:
24:fa:73:1f:c4:35:3d:e9:27:04:f2:42:36:3a:80:
9e:2b:19:b1:8e:53:fc:06:55:a9:c8:1c:d8:54:f5:
4f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A7:58:19:69:7B:29:33:F4:62:51:25:CC:33:89:5E:4C:3E:75:73
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/_adYGWl7KTP0YlElzDOJXkw-dXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:35c1::/32
2a0d:8f80::/29
2a0e:1a86::/32
2a0e:f500::/29
2a0f:dac0::/29
2a10:37c0::/29
2a13:3380::/29
Signature Algorithm: sha256WithRSAEncryption
20:f2:37:16:be:ad:44:2c:48:ab:ab:59:58:5b:0f:11:b5:cf:
9b:96:63:a2:34:c2:78:3c:7e:3c:34:1a:0b:cc:41:97:a0:3e:
07:90:5d:4f:46:ca:c9:97:3a:b4:14:1d:9d:95:fb:ef:1a:60:
04:00:60:b3:49:b5:b8:95:1f:dd:5d:aa:fc:44:08:aa:b9:a8:
8b:34:88:98:f5:b1:2a:33:5b:28:e1:c9:86:7d:89:72:2b:75:
80:96:c2:88:1c:5d:0a:c0:bf:f2:fa:3d:ee:cc:7c:a3:f1:9d:
74:ab:65:35:a6:9f:74:1e:b4:aa:da:3a:da:7b:be:93:00:6f:
78:65:e0:06:5e:b3:08:95:66:ab:c5:ef:76:cb:48:e5:11:52:
ae:26:c1:39:e6:44:ec:97:2b:28:64:d3:df:57:2b:58:b6:6e:
b8:a6:7d:92:74:df:cf:49:1b:ac:72:72:b7:88:24:b0:59:97:
8d:5d:52:e2:a4:25:2e:2c:46:df:3e:9a:3b:a1:82:75:7c:66:
2c:25:f8:17:d9:af:53:01:d9:fb:5a:75:b9:ac:e5:8d:bb:32:
14:9d:b0:15:c8:e8:60:23:05:b0:1d:0b:2d:ed:46:f9:5d:64:
72:0a:77:3e:e2:30:4c:32:75:90:ba:bc:69:a0:49:a2:8d:79:
2e:8e:0c:16
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZRuCYriCD9xM3Mdhl/RjRZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTE2MDczNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGE3NTgxOTY5N2IyOTMzZjQ2MjUxMjVjYzMzODk1ZTRjM2U3NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65l4D/orFdS5NkEULF189FDPvNPb
lmhvVZKV6DmJVRyk8YHZ3jDRFpWLuqPHIJEkKok/HtFsSkoVTK3D1DWjvsXweUyD
Im99bTgzvDttSyU8tsbwDxLxjyqzCArUYQG84YOqrl7xyU1SZ+YayGGS2mob/a8a
UiiUsJlDnmXCfEFXpFTEv5ZM4OZdu3BQ7hc+4tVM0qXW35ldB2tPdbNN6OuMCD40
M7P83kycJZ74E8vNkfXZcr3tXchXa7A+cjdq4H8QSh5URYmNzglkef2RUmGLQjJC
mTgHtewg9vfCsyUk+nMfxDU96ScE8kI2OoCeKxmxjlP8BlWpyBzYVPVPMwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFP2nWBlpeykz9GJRJcwziV5MPnVzMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvX2FkWUdXbDdLVFAwWWxFbHpET0pYa3ctZFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKgY1wQMF
AyoNj4ADBQAqDhqGAwUDKg71AAMFAyoP2sADBQMqEDfAAwUDKhMzgDANBgkqhkiG
9w0BAQsFAAOCAQEAIPI3Fr6tRCxIq6tZWFsPEbXPm5ZjojTCeDx+PDQaC8xBl6A+
B5BdT0bKyZc6tBQdnZX77xpgBABgs0m1uJUf3V2q/EQIqrmoizSImPWxKjNbKOHJ
hn2Jcit1gJbCiBxdCsC/8vo97sx8o/GddKtlNaafdB60qto62nu+kwBveGXgBl6z
CJVmq8XvdstI5RFSribBOeZE7JcrKGTT31crWLZuuKZ9knTfz0kbrHJyt4gksFmX
jV1S4qQlLixG3z6aO6GCdXxmLCX4F9mvUwHZ+1p1uazljbsyFJ2wFcjoYCMFsB0L
Le1G+V1kcgp3PuIwTDJ1kLq8aaBJoo15Lo4MFg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:21 2025 by rpki-client