Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NYVChFJ-wqz6AYsngyri_hK0aTM.roa
File: NYVChFJ-wqz6AYsngyri_hK0aTM.roa (raw, json)
Hash identifier: 0VCZo9wx61/GPqxBxbFaSO0rump5Kdx48dCg82ud3/k=
Subject key identifier: 35:85:42:84:52:7E:C2:AC:FA:01:8B:27:83:2A:E2:FE:12:B4:69:33
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F6665C6076113E3574E631E9414F43C1F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NYVChFJ-wqz6AYsngyri_hK0aTM.roa
Signing time: Sat 11 May 2024 06:44:56 +0000
ROA not before: Sat 11 May 2024 06:44:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 2a09:17c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 May 2024 16:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:66:65:c6:07:61:13:e3:57:4e:63:1e:94:14:f4:3c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 11 06:44:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35854284527ec2acfa018b27832ae2fe12b46933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0d:0d:79:ad:85:42:90:bb:47:57:47:b8:6a:
93:45:39:cf:a2:3f:c3:f3:18:ef:ca:aa:f0:b2:07:
18:e3:b8:ab:df:ed:99:57:23:a4:fe:7b:90:fc:83:
1d:15:7c:f4:c2:61:8f:7c:22:18:9e:a1:65:d6:f9:
2e:7a:90:37:58:61:60:4c:d5:34:63:e3:fe:38:b9:
b0:1a:b6:74:1a:9e:87:7f:eb:ae:70:d3:e7:cd:fa:
91:1b:ea:b4:38:60:60:41:6b:ea:6f:22:76:97:72:
e8:42:61:2d:2b:19:5e:23:73:92:70:d7:93:00:12:
13:ba:61:d6:90:8c:26:22:dd:b1:60:ba:63:e1:d2:
b0:04:d9:22:18:66:f7:b6:4b:62:50:4d:f4:95:09:
5a:74:89:c1:0d:fa:13:2e:b7:f9:58:5f:e5:b0:40:
39:74:a9:95:d8:22:34:6d:53:c9:47:fd:cd:00:d2:
26:9d:bd:85:8b:b6:74:47:d2:ee:88:24:a9:25:1a:
65:34:f0:01:08:d0:ea:f0:f2:3f:e2:6d:3b:e3:29:
02:39:ee:a3:63:11:3d:2e:c9:aa:b8:05:29:e0:f6:
f8:c7:59:d4:67:b5:ce:74:04:ce:87:e4:16:95:8f:
27:87:95:85:67:48:1e:c3:17:f2:3a:8a:1f:36:ce:
c8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:85:42:84:52:7E:C2:AC:FA:01:8B:27:83:2A:E2:FE:12:B4:69:33
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NYVChFJ-wqz6AYsngyri_hK0aTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:17c0::/48
Signature Algorithm: sha256WithRSAEncryption
52:47:59:91:c6:6f:23:78:e3:76:58:d6:c7:9f:3e:16:29:cc:
a2:82:cf:b5:ef:42:ad:a9:d9:d9:0e:4f:ed:9e:02:ea:47:b3:
4f:de:a2:3e:8d:90:86:93:cc:57:75:37:7b:36:a7:ed:25:f3:
67:fc:49:84:4a:b1:52:69:cf:1e:fa:de:df:3d:ef:0e:2e:48:
2b:45:32:ae:9b:d9:fe:f1:47:75:2a:17:69:9c:44:fe:a9:7f:
8e:06:5a:4c:e7:57:bd:36:33:12:25:cd:69:e3:6c:79:ce:32:
6c:91:2f:aa:5b:fb:4f:05:c2:8f:cb:66:d4:ab:70:9f:7f:f4:
ba:e2:9d:70:c4:f5:c8:da:c5:dd:75:d6:69:0e:81:6c:7d:58:
76:4c:17:7c:24:72:ad:fb:a2:c9:62:69:91:a5:78:60:79:4e:
95:2d:89:5e:e3:3c:6f:06:cd:44:61:c9:b3:3c:8f:ff:82:d1:
f5:4c:4b:0f:e8:28:b5:ed:17:66:ff:9e:b5:95:80:35:2b:f5:
40:33:b4:df:bd:90:73:cd:73:81:ba:cb:2e:d7:bf:b9:d8:c5:
a8:f4:4d:01:ad:0b:7a:5b:21:98:a0:db:b0:95:50:86:6f:02:
89:b4:af:10:75:a2:34:ee:46:3d:3d:d0:9d:0b:c2:eb:e9:3b:
b2:36:a4:a4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY9mZcYHYRPjV05jHpQU9DwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTExMDY0NDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTg1NDI4NDUyN2VjMmFjZmEwMThiMjc4MzJhZTJmZTEyYjQ2OTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ0Nea2FQpC7R1dHuGqTRTnPoj/D
8xjvyqrwsgcY47ir3+2ZVyOk/nuQ/IMdFXz0wmGPfCIYnqFl1vkuepA3WGFgTNU0
Y+P+OLmwGrZ0Gp6Hf+uucNPnzfqRG+q0OGBgQWvqbyJ2l3LoQmEtKxleI3OScNeT
ABITumHWkIwmIt2xYLpj4dKwBNkiGGb3tktiUE30lQladInBDfoTLrf5WF/lsEA5
dKmV2CI0bVPJR/3NANImnb2Fi7Z0R9LuiCSpJRplNPABCNDq8PI/4m074ykCOe6j
YxE9LsmquAUp4Pb4x1nUZ7XOdATOh+QWlY8nh5WFZ0gewxfyOoofNs7IhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDWFQoRSfsKs+gGLJ4Mq4v4StGkzMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTllWQ2hGSi13cXo2QVlzbmd5cmlfaEswYVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkXwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBSR1mRxm8jeON2WNbHnz4WKcyigs+170KtqdnZ
Dk/tngLqR7NP3qI+jZCGk8xXdTd7NqftJfNn/EmESrFSac8e+t7fPe8OLkgrRTKu
m9n+8Ud1KhdpnET+qX+OBlpM51e9NjMSJc1p42x5zjJskS+qW/tPBcKPy2bUq3Cf
f/S64p1wxPXI2sXdddZpDoFsfVh2TBd8JHKt+6LJYmmRpXhgeU6VLYle4zxvBs1E
YcmzPI//gtH1TEsP6Ci17Rdm/561lYA1K/VAM7TfvZBzzXOBussu17+52MWo9E0B
rQt6WyGYoNuwlVCGbwKJtK8QdaI07kY9PdCdC8Lr6TuyNqSk
-----END CERTIFICATE-----
Generated at Sun May 11 13:40:30 2025 by rpki-client