Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/0HJbaCIr2GgPM6ecah_eUtJBj_0.roa
File: 0HJbaCIr2GgPM6ecah_eUtJBj_0.roa (raw, json)
Hash identifier: t9X+6D4e8Spgjx81eV+zMH1XjZ0kCh5hZc60eQqnp/w=
Subject key identifier: D0:72:5B:68:22:2B:D8:68:0F:33:A7:9C:6A:1F:DE:52:D2:41:8F:FD
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972E6BA22511F7C432CAB49DBCC9AB840D
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/0HJbaCIr2GgPM6ecah_eUtJBj_0.roa
Signing time: Mon 02 Jun 2025 02:14:55 +0000
ROA not before: Mon 02 Jun 2025 02:14:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Jun 2025 03:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2e:6b:a2:25:11:f7:c4:32:ca:b4:9d:bc:c9:ab:84:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 2 02:14:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0725b68222bd8680f33a79c6a1fde52d2418ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:75:95:24:a7:65:0e:85:bb:ed:be:fc:e9:a5:
ab:f6:71:0a:e5:fc:3a:23:87:bd:65:94:f9:80:80:
ac:3a:ac:d1:a2:61:92:9b:e7:6e:7a:51:a6:d6:7d:
db:06:3e:77:fa:54:c2:51:31:7e:c6:b4:5c:f5:40:
b8:14:68:69:bb:df:f9:76:0f:bd:e8:49:c6:7d:f5:
d4:38:4a:62:66:ac:71:09:62:59:9d:13:4d:fc:d6:
70:13:8c:4c:c6:19:f8:86:9a:06:1f:35:dc:f6:16:
30:66:0b:19:b1:da:12:70:91:d6:61:ec:f2:f9:b0:
10:43:0d:45:ff:ca:4c:b5:e7:56:55:0c:1f:c5:6b:
cc:c0:ac:a1:cc:e1:8c:1e:cb:5f:88:10:e8:5b:cb:
bd:e7:98:37:4f:eb:39:d5:64:17:d0:0d:e7:21:9f:
8a:51:1a:b3:ec:d4:1e:85:f8:25:84:27:e9:68:f6:
87:86:03:fc:6e:40:e6:5e:3f:4d:3b:f8:e6:ea:84:
c8:4f:aa:25:31:31:c5:4f:c1:79:c4:a0:00:e0:8a:
9a:78:9f:38:5e:ca:f7:f4:fe:e5:c3:84:00:24:1d:
2c:02:cf:b3:89:72:b7:cd:bf:57:7f:74:f2:54:28:
3b:6f:4d:09:38:af:35:f4:14:89:35:90:7a:66:dd:
ea:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:72:5B:68:22:2B:D8:68:0F:33:A7:9C:6A:1F:DE:52:D2:41:8F:FD
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/0HJbaCIr2GgPM6ecah_eUtJBj_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
b9:1a:f5:30:29:4d:cb:6d:df:a3:92:16:3d:76:f1:00:a3:10:
4c:d9:2a:9b:5e:ee:c7:f2:44:b4:f4:5a:d2:d9:50:02:34:a7:
ac:4e:b2:22:46:7f:e1:9d:a8:a6:fd:ed:b8:7c:3b:f6:59:77:
99:52:57:a1:9f:60:d6:36:2c:48:5b:7e:c4:e2:1e:e7:48:c8:
1c:41:fc:8d:82:3e:61:4b:5b:af:9c:24:98:41:bc:e6:41:62:
1e:f4:1f:c1:e9:04:9b:f7:ea:0c:2c:65:ee:80:14:67:9c:c1:
79:2d:61:d4:17:62:9b:de:b0:51:11:96:98:25:24:81:b6:97:
a9:29:d2:91:81:88:a9:d0:ba:e3:57:d4:9a:0b:3f:be:b9:b3:
20:48:2d:17:73:72:94:b7:8b:86:1b:9d:45:9a:b3:0c:4c:63:
bd:82:53:aa:12:48:89:fc:fc:df:2e:1e:4b:30:f6:79:1b:b7:
6b:eb:5c:2e:75:3b:78:33:55:b4:c7:5a:79:1e:aa:ec:e9:77:
04:71:73:aa:cc:76:62:3a:32:0b:fd:b3:2e:bb:c0:52:5d:9c:
0c:c6:69:e6:61:9b:9d:77:fa:92:b2:a3:c7:13:88:43:09:df:
02:e1:9c:75:2d:30:6c:68:22:db:46:01:7b:d6:a6:fb:22:b2:
7f:dd:18:08
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcua6IlEffEMsq0nbzJq4QNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAyMDIxNDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDcyNWI2ODIyMmJkODY4MGYzM2E3OWM2YTFmZGU1MmQyNDE4ZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3WVJKdlDoW77b786aWr9nEK5fw6
I4e9ZZT5gICsOqzRomGSm+duelGm1n3bBj53+lTCUTF+xrRc9UC4FGhpu9/5dg+9
6EnGffXUOEpiZqxxCWJZnRNN/NZwE4xMxhn4hpoGHzXc9hYwZgsZsdoScJHWYezy
+bAQQw1F/8pMtedWVQwfxWvMwKyhzOGMHstfiBDoW8u955g3T+s51WQX0A3nIZ+K
URqz7NQehfglhCfpaPaHhgP8bkDmXj9NO/jm6oTIT6olMTHFT8F5xKAA4IqaeJ84
Xsr39P7lw4QAJB0sAs+ziXK3zb9Xf3TyVCg7b00JOK819BSJNZB6Zt3qOQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNByW2giK9hoDzOnnGof3lLSQY/9MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvMEhKYmFDSXIyR2dQTTZlY2FoX2VVdEpCal8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQC5GvUwKU3Lbd+jkhY9dvEAoxBM2SqbXu7H8kS0
9FrS2VACNKesTrIiRn/hnaim/e24fDv2WXeZUlehn2DWNixIW37E4h7nSMgcQfyN
gj5hS1uvnCSYQbzmQWIe9B/B6QSb9+oMLGXugBRnnMF5LWHUF2Kb3rBREZaYJSSB
tpepKdKRgYip0LrjV9SaCz++ubMgSC0Xc3KUt4uGG51FmrMMTGO9glOqEkiJ/Pzf
Lh5LMPZ5G7dr61wudTt4M1W0x1p5Hqrs6XcEcXOqzHZiOjIL/bMuu8BSXZwMxmnm
YZudd/qSsqPHE4hDCd8C4Zx1LTBsaCLbRgF71qb7IrJ/3RgI
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:02:58 2025 by rpki-client