Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2YXhoNBFE6U2QHM72RlGZONEaqw.roa
File: 2YXhoNBFE6U2QHM72RlGZONEaqw.roa (raw, json)
Hash identifier: pZaUc4xuhDE6cnQHfPls3pnVcoYayMEFv/G5iej/CKo=
Subject key identifier: D9:85:E1:A0:D0:45:13:A5:36:40:73:3B:D9:19:46:64:E3:44:6A:AC
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019671D73286A29565CD248EAEC9488B1FBD
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2YXhoNBFE6U2QHM72RlGZONEaqw.roa
Signing time: Sat 26 Apr 2025 11:24:10 +0000
ROA not before: Sat 26 Apr 2025 11:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209858
IP address blocks: 2a10:3340::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 26 Apr 2025 11:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:71:d7:32:86:a2:95:65:cd:24:8e:ae:c9:48:8b:1f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 26 11:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d985e1a0d04513a53640733bd9194664e3446aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1d:67:70:03:a3:a7:37:0f:7f:1e:f3:41:2f:
cf:4a:0c:40:0d:cd:40:79:78:00:f5:f9:85:3b:63:
9c:66:d8:88:da:d9:d2:1c:28:83:40:54:d0:38:43:
94:8d:fd:99:60:a2:d3:fa:63:7e:d3:c0:1b:e8:ec:
0d:12:b9:25:bd:47:e7:c2:a4:cd:05:de:27:73:bc:
6b:bf:73:32:a5:5a:be:81:09:68:65:aa:06:2f:c6:
5f:0c:99:a3:f3:1c:f8:43:78:34:7f:79:b5:39:9e:
25:64:fd:57:87:5a:7f:a0:48:fc:22:b6:27:a5:7b:
cf:c6:2a:d8:29:06:fd:63:4c:53:dd:82:22:41:bb:
86:31:6a:e0:c8:60:f3:52:ad:9b:51:d6:99:ed:b3:
f0:81:24:99:23:d5:45:1e:cc:d8:9d:2e:61:f8:c9:
fd:cc:59:7a:7b:60:3e:5e:06:91:a5:d8:d7:fc:08:
a0:60:97:93:ed:87:30:90:1e:42:b9:69:1a:a0:1e:
b8:f7:f0:b3:c2:75:57:7c:00:0b:b1:0c:00:e0:57:
f7:6c:2c:b1:f3:f3:d2:52:f7:b0:d9:2d:df:78:d3:
85:e0:3e:d0:01:9b:06:49:f3:56:60:2e:d5:8a:be:
03:8f:86:f3:9a:fa:9e:bc:d8:57:12:01:ee:bf:78:
99:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:85:E1:A0:D0:45:13:A5:36:40:73:3B:D9:19:46:64:E3:44:6A:AC
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2YXhoNBFE6U2QHM72RlGZONEaqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3340::/29
Signature Algorithm: sha256WithRSAEncryption
cf:55:23:0a:83:fe:4b:e6:4a:28:f0:27:2a:d4:7f:88:7a:e9:
25:9c:66:49:d7:f2:c0:2a:67:04:a9:0e:3d:62:18:b5:b1:13:
a2:b7:ee:ef:df:e2:e4:4b:93:ee:91:32:42:5e:f4:ef:b3:75:
9f:e9:bc:8f:04:90:5d:84:70:df:f8:30:2a:86:da:0f:d9:98:
91:d0:6d:5e:b4:0a:29:bf:56:4b:70:c8:09:4e:d8:ed:f5:68:
6f:a9:ac:34:9d:b1:80:3b:87:2e:b2:90:ff:09:13:42:9a:67:
81:14:d1:0f:7f:38:23:92:a4:bf:06:2f:8f:09:22:75:e8:39:
b2:e4:42:bd:d3:90:96:15:7d:3e:56:4f:a1:a5:58:04:9a:98:
40:b9:33:d7:32:3f:b5:41:0f:75:d4:a7:7b:19:bf:59:a6:e8:
b0:88:29:d7:49:73:5b:dd:b4:40:a9:48:52:57:d9:2c:2b:3a:
46:86:d5:ae:92:20:54:c8:3f:75:07:1b:53:98:0f:f5:c1:b6:
9e:59:c8:bf:7f:3d:1e:bd:17:a9:b3:06:5e:35:f6:d8:64:18:
cf:f7:6c:dd:d7:6c:ee:55:16:b0:64:98:77:fd:79:c7:6e:5c:
e4:c4:bc:20:d2:f2:ee:f9:b3:ac:66:ea:ca:b9:bd:c2:cc:88:
26:2a:5d:d7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZZx1zKGopVlzSSOrslIix+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDI2MTEyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTg1ZTFhMGQwNDUxM2E1MzY0MDczM2JkOTE5NDY2NGUzNDQ2YWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB1ncAOjpzcPfx7zQS/PSgxADc1A
eXgA9fmFO2OcZtiI2tnSHCiDQFTQOEOUjf2ZYKLT+mN+08Ab6OwNErklvUfnwqTN
Bd4nc7xrv3MypVq+gQloZaoGL8ZfDJmj8xz4Q3g0f3m1OZ4lZP1Xh1p/oEj8IrYn
pXvPxirYKQb9Y0xT3YIiQbuGMWrgyGDzUq2bUdaZ7bPwgSSZI9VFHszYnS5h+Mn9
zFl6e2A+XgaRpdjX/AigYJeT7YcwkB5CuWkaoB649/CzwnVXfAALsQwA4Ff3bCyx
8/PSUvew2S3feNOF4D7QAZsGSfNWYC7Vir4Dj4bzmvqevNhXEgHuv3iZEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNmF4aDQRROlNkBzO9kZRmTjRGqsMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMllYaG9OQkZFNlUyUUhNNzJSbEdaT05FYXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhAzQDAN
BgkqhkiG9w0BAQsFAAOCAQEAz1UjCoP+S+ZKKPAnKtR/iHrpJZxmSdfywCpnBKkO
PWIYtbETorfu79/i5EuT7pEyQl7077N1n+m8jwSQXYRw3/gwKobaD9mYkdBtXrQK
Kb9WS3DICU7Y7fVob6msNJ2xgDuHLrKQ/wkTQppngRTRD384I5KkvwYvjwkideg5
suRCvdOQlhV9PlZPoaVYBJqYQLkz1zI/tUEPddSnexm/WabosIgp10lzW920QKlI
UlfZLCs6RobVrpIgVMg/dQcbU5gP9cG2nlnIv389Hr0XqbMGXjX22GQYz/ds3dds
7lUWsGSYd/15x25c5MS8INLy7vmzrGbqyrm9wsyIJipd1w==
-----END CERTIFICATE-----
Generated at Sat May 10 19:03:39 2025 by rpki-client