Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yMyfJE9AjAGYtcxym33czm0LXBk.roa
File: yMyfJE9AjAGYtcxym33czm0LXBk.roa (raw, json)
Hash identifier: Uu4l87ydC6nAOBQMdq1H/VRwg8y2dBNC0HVu0+bcxwA=
Subject key identifier: C8:CC:9F:24:4F:40:8C:01:98:B5:CC:72:9B:7D:DC:CE:6D:0B:5C:19
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0190BF80E7408118047D12BAB5C869966253
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yMyfJE9AjAGYtcxym33czm0LXBk.roa
Signing time: Wed 17 Jul 2024 07:03:34 +0000
ROA not before: Wed 17 Jul 2024 07:03:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 2a0f:1940::/29 maxlen: 29
2a0f:7d07::/32 maxlen: 32
2a11:4800::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 26 Jul 2024 08:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:80:e7:40:81:18:04:7d:12:ba:b5:c8:69:96:62:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 17 07:03:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8cc9f244f408c0198b5cc729b7ddcce6d0b5c19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:95:20:05:48:de:fc:bd:e2:33:a5:21:ee:6b:
5c:8a:29:e9:57:70:b2:5f:e6:36:9b:89:d5:cb:d2:
8f:df:aa:16:6b:1e:a5:05:01:1e:61:0b:1e:ff:7e:
77:94:45:75:34:c9:15:89:db:4d:d6:bc:59:66:52:
61:46:27:31:45:9c:e4:7f:f2:73:f5:4f:18:fc:2c:
49:a6:53:36:de:63:e7:23:2c:44:3d:aa:72:7d:93:
ff:38:9d:88:31:cd:24:19:61:cf:d8:f3:01:d9:9f:
77:60:2d:0a:51:20:f5:ae:84:e8:68:51:d0:ca:ce:
3b:10:5f:e7:b4:22:e0:16:72:c7:ad:7d:9f:cd:ca:
ea:70:3e:97:7a:bd:00:f8:d9:4c:bb:4a:80:92:3b:
73:53:a4:df:db:0e:1f:83:37:5d:1f:67:ee:fd:c6:
bb:a3:0a:2a:68:63:66:51:a3:9d:d0:0c:4c:0c:2b:
a9:55:bc:b0:68:57:5f:dc:e4:46:8d:3f:d0:9f:7c:
22:76:13:e4:31:07:33:d0:68:2a:95:aa:6d:60:9d:
7b:12:bc:15:7b:52:01:bc:3e:05:eb:19:11:cd:b7:
d2:e5:f7:86:c0:41:83:23:7a:c5:f0:24:ce:cd:03:
ad:fc:52:eb:84:1e:34:30:c7:e1:85:fe:26:e8:25:
03:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:CC:9F:24:4F:40:8C:01:98:B5:CC:72:9B:7D:DC:CE:6D:0B:5C:19
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yMyfJE9AjAGYtcxym33czm0LXBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1940::/29
2a0f:7d07::/32
2a11:4800::/29
Signature Algorithm: sha256WithRSAEncryption
b5:a0:49:c5:d7:bc:e5:30:55:1c:96:f5:71:a7:e8:1e:95:c4:
70:ad:7f:80:13:8c:89:94:03:af:01:b0:53:41:4d:9c:61:2c:
d6:4b:70:10:32:7e:2f:26:87:e1:06:e0:71:de:a3:55:be:cf:
a7:aa:bc:47:b4:08:b2:c4:ab:15:78:b8:e7:8f:d2:ed:27:03:
f2:f5:4b:f3:35:3c:85:fa:db:f5:76:5f:17:d5:60:a3:d1:c6:
db:0c:9b:e1:0e:a7:41:b3:76:c3:51:09:d5:04:56:19:ba:64:
1d:22:66:88:dd:2e:85:b2:c0:fa:70:1e:f4:ff:45:62:4e:c0:
13:fb:a8:ed:74:54:35:bc:12:2e:6d:67:e7:13:7f:1c:f9:6f:
a7:70:b4:52:11:e0:50:9e:14:9d:40:59:95:1b:a1:35:1f:99:
f5:3b:50:b1:ef:89:3c:b8:12:b5:52:97:d9:1b:32:fd:f7:a7:
0b:1e:fb:d7:93:36:d1:63:04:6f:89:2f:d2:8a:aa:9c:a5:21:
29:e2:a2:fb:6b:b0:83:16:a9:66:09:d3:7f:e7:17:55:2a:d1:
81:2f:b1:a7:25:d0:d6:46:31:ee:06:e3:4a:6e:61:52:5c:3e:
0e:cf:1b:29:4e:6d:e9:81:94:70:fc:c7:ae:6f:7b:d4:ef:02:
07:6f:25:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZC/gOdAgRgEfRK6tchplmJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzE3MDcwMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGNjOWYyNDRmNDA4YzAxOThiNWNjNzI5YjdkZGNjZTZkMGI1YzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZUgBUje/L3iM6Uh7mtciinpV3Cy
X+Y2m4nVy9KP36oWax6lBQEeYQse/353lEV1NMkVidtN1rxZZlJhRicxRZzkf/Jz
9U8Y/CxJplM23mPnIyxEPapyfZP/OJ2IMc0kGWHP2PMB2Z93YC0KUSD1roToaFHQ
ys47EF/ntCLgFnLHrX2fzcrqcD6Xer0A+NlMu0qAkjtzU6Tf2w4fgzddH2fu/ca7
owoqaGNmUaOd0AxMDCupVbywaFdf3ORGjT/Qn3widhPkMQcz0GgqlaptYJ17ErwV
e1IBvD4F6xkRzbfS5feGwEGDI3rF8CTOzQOt/FLrhB40MMfhhf4m6CUDJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMjMnyRPQIwBmLXMcpt93M5tC1wZMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveU15ZkpFOUFqQUdZdGN4eW0zM2N6bTBMWEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg8ZQAMF
ACoPfQcDBQMqEUgAMA0GCSqGSIb3DQEBCwUAA4IBAQC1oEnF17zlMFUclvVxp+ge
lcRwrX+AE4yJlAOvAbBTQU2cYSzWS3AQMn4vJofhBuBx3qNVvs+nqrxHtAiyxKsV
eLjnj9LtJwPy9UvzNTyF+tv1dl8X1WCj0cbbDJvhDqdBs3bDUQnVBFYZumQdImaI
3S6FssD6cB70/0ViTsAT+6jtdFQ1vBIubWfnE38c+W+ncLRSEeBQnhSdQFmVG6E1
H5n1O1Cx74k8uBK1UpfZGzL996cLHvvXkzbRYwRviS/SiqqcpSEp4qL7a7CDFqlm
CdN/5xdVKtGBL7GnJdDWRjHuBuNKbmFSXD4OzxspTm3pgZRw/Meub3vU7wIHbyVU
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:17 2025 by rpki-client