Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yCYg1K7SxFIubaE9bSiguIZJaC8.roa
File: yCYg1K7SxFIubaE9bSiguIZJaC8.roa (raw, json)
Hash identifier: BIKvMTt+lUHU7xjlcsIzhXQ9lcn+M7K9ndJBu+GIeGA=
Subject key identifier: C8:26:20:D4:AE:D2:C4:52:2E:6D:A1:3D:6D:28:A0:B8:86:49:68:2F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018DC0498C1427105E5D7778990BAF13EFF1
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yCYg1K7SxFIubaE9bSiguIZJaC8.roa
Signing time: Mon 19 Feb 2024 07:34:21 +0000
ROA not before: Mon 19 Feb 2024 07:34:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198231
IP address blocks: 2a06:35c0::/30 maxlen: 30
2a06:35c4::/30 maxlen: 30
2a13:2d40::/32 maxlen: 32
2a13:2d41::/32 maxlen: 32
2a13:2d42::/32 maxlen: 32
2a13:2d43::/32 maxlen: 32
2a13:2d44::/32 maxlen: 32
2a13:2d45::/32 maxlen: 32
2a13:2d46::/32 maxlen: 32
2a13:2d47::/32 maxlen: 32
2a13:2dc0::/32 maxlen: 32
2a13:2dc1::/32 maxlen: 32
2a13:2dc2::/32 maxlen: 32
2a13:2dc3::/32 maxlen: 32
2a13:2dc4::/32 maxlen: 32
2a13:2dc5::/32 maxlen: 32
2a13:2dc6::/32 maxlen: 32
2a13:2dc7::/32 maxlen: 32
2a13:c900::/32 maxlen: 32
2a13:c901::/32 maxlen: 32
2a13:c902::/32 maxlen: 32
2a13:c903::/32 maxlen: 32
2a13:c904::/32 maxlen: 32
2a13:c905::/32 maxlen: 32
2a13:c906::/32 maxlen: 32
2a13:c907::/32 maxlen: 32
2a13:d700::/32 maxlen: 32
2a13:d701::/32 maxlen: 32
2a13:d702::/32 maxlen: 32
2a13:d703::/32 maxlen: 32
2a13:d704::/32 maxlen: 32
2a13:d705::/32 maxlen: 32
2a13:d706::/32 maxlen: 32
2a13:d707::/32 maxlen: 32
2a13:d900::/32 maxlen: 32
2a13:d901::/32 maxlen: 32
2a13:d902::/32 maxlen: 32
2a13:d903::/32 maxlen: 32
2a13:d904::/32 maxlen: 32
2a13:d905::/32 maxlen: 32
2a13:d906::/32 maxlen: 32
2a13:d907::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 23 Mar 2024 11:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:49:8c:14:27:10:5e:5d:77:78:99:0b:af:13:ef:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 19 07:34:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c82620d4aed2c4522e6da13d6d28a0b88649682f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:18:cc:b5:51:11:b4:96:d3:15:de:c2:07:c8:
a3:84:d3:c3:9d:ee:f9:07:dc:20:fd:49:ef:e3:bb:
d9:65:95:47:17:4d:1e:97:63:c5:36:8b:6b:75:72:
0b:f1:f2:66:43:3b:03:23:14:cd:ec:3c:39:ce:58:
79:e5:07:d3:6c:49:ff:34:6b:f6:e1:1e:4b:2a:d2:
d8:b8:95:1e:5a:8f:bb:d0:26:3f:64:31:d6:bb:ba:
e1:92:a8:f9:17:88:04:08:0a:15:e5:cb:f0:4a:81:
46:90:4b:88:26:0a:86:d7:1a:f0:77:ac:6d:47:dd:
8c:c9:6f:ec:79:c5:5a:53:bf:c7:9c:03:0e:7b:eb:
30:2e:d5:d5:bd:2c:12:25:f4:df:e6:35:7a:3c:6b:
ff:68:e9:68:b7:f6:98:35:23:61:54:8a:42:6d:c9:
f9:01:7e:29:66:2c:8d:66:a5:ac:96:1a:00:02:b1:
5a:c8:fb:50:42:8e:c3:0f:f4:02:5c:f9:46:2e:f2:
c0:60:28:a3:aa:8e:45:ea:43:ae:d2:95:fc:b6:63:
e3:9d:a3:55:4f:41:7c:a4:89:33:1a:03:a1:71:d1:
76:a5:32:8d:b5:f8:0f:89:9a:c9:f6:f8:63:0b:f6:
92:1a:20:1b:87:0c:c1:1a:00:8e:70:8f:64:7f:9c:
7b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:26:20:D4:AE:D2:C4:52:2E:6D:A1:3D:6D:28:A0:B8:86:49:68:2F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yCYg1K7SxFIubaE9bSiguIZJaC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:35c0::/29
2a13:2d40::/29
2a13:2dc0::/29
2a13:c900::/29
2a13:d700::/29
2a13:d900::/29
Signature Algorithm: sha256WithRSAEncryption
14:42:61:2c:87:55:b5:59:0e:e2:f5:ef:84:c4:aa:f0:ce:83:
29:4f:30:00:3f:20:a3:80:4b:0d:51:5a:15:8a:d5:95:2e:76:
ba:66:bf:a3:ac:e9:6f:00:35:b3:cd:fc:69:1b:e4:40:f6:c6:
02:12:97:4a:ce:67:8b:af:36:71:c0:26:df:ab:9e:1e:5b:0e:
bf:b5:c0:7e:3c:3b:75:b1:51:5b:9b:63:99:1c:5f:d6:58:d3:
19:d9:38:8e:53:e1:ec:6e:60:b4:f3:d4:ce:9f:8d:17:20:e3:
f4:4c:32:85:a7:78:0c:4c:db:db:c5:7c:be:b9:07:52:88:a9:
ea:eb:75:49:41:94:7b:ad:8a:aa:a8:cc:2c:45:9e:ee:e1:8e:
64:d8:42:ea:a5:fe:88:f8:36:46:7b:c5:33:2c:18:2b:aa:f6:
ae:1d:72:6a:18:99:76:f7:b4:68:a3:a0:c9:a7:55:d7:5a:53:
59:51:65:70:28:f6:0d:d7:4b:be:33:ab:c0:a9:3f:64:12:fe:
75:cd:3a:44:55:95:45:02:48:cb:23:e6:01:33:56:6c:2c:c0:
c5:37:43:cc:0a:29:ba:20:8a:aa:c1:d1:c3:52:ca:15:bf:16:
91:26:72:b8:e6:08:0f:7d:25:b0:b4:d2:3d:d2:09:e4:fb:c6:
e1:56:d4:b6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY3ASYwUJxBeXXd4mQuvE+/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMjE5MDczNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODI2MjBkNGFlZDJjNDUyMmU2ZGExM2Q2ZDI4YTBiODg2NDk2ODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohjMtVERtJbTFd7CB8ijhNPDne75
B9wg/Unv47vZZZVHF00el2PFNotrdXIL8fJmQzsDIxTN7Dw5zlh55QfTbEn/NGv2
4R5LKtLYuJUeWo+70CY/ZDHWu7rhkqj5F4gECAoV5cvwSoFGkEuIJgqG1xrwd6xt
R92MyW/secVaU7/HnAMOe+swLtXVvSwSJfTf5jV6PGv/aOlot/aYNSNhVIpCbcn5
AX4pZiyNZqWslhoAArFayPtQQo7DD/QCXPlGLvLAYCijqo5F6kOu0pX8tmPjnaNV
T0F8pIkzGgOhcdF2pTKNtfgPiZrJ9vhjC/aSGiAbhwzBGgCOcI9kf5x7HwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMgmINSu0sRSLm2hPW0ooLiGSWgvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveUNZZzFLN1N4Rkl1YmFFOWJTaWd1SVpKYUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgY1wAMF
AyoTLUADBQMqEy3AAwUDKhPJAAMFAyoT1wADBQMqE9kAMA0GCSqGSIb3DQEBCwUA
A4IBAQAUQmEsh1W1WQ7i9e+ExKrwzoMpTzAAPyCjgEsNUVoVitWVLna6Zr+jrOlv
ADWzzfxpG+RA9sYCEpdKzmeLrzZxwCbfq54eWw6/tcB+PDt1sVFbm2OZHF/WWNMZ
2TiOU+HsbmC089TOn40XIOP0TDKFp3gMTNvbxXy+uQdSiKnq63VJQZR7rYqqqMws
RZ7u4Y5k2ELqpf6I+DZGe8UzLBgrqvauHXJqGJl297Roo6DJp1XXWlNZUWVwKPYN
10u+M6vAqT9kEv51zTpEVZVFAkjLI+YBM1ZsLMDFN0PMCim6IIqqwdHDUsoVvxaR
JnK45ggPfSWwtNI90gnk+8bhVtS2
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:05:33 2025 by rpki-client