Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/0NMB7-f8nEnj00le0FpX_j7LJBo.roa
File: 0NMB7-f8nEnj00le0FpX_j7LJBo.roa (raw, json)
Hash identifier: dPPM8Ls/liBFNQ3rS2aW9E+OaBAGMXkdwkXW7msra6Y=
Subject key identifier: D0:D3:01:EF:E7:FC:9C:49:E3:D3:49:5E:D0:5A:57:FE:3E:CB:24:1A
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196EF542216347B9BDAF4AAFAA767B86FD9
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/0NMB7-f8nEnj00le0FpX_j7LJBo.roa
Signing time: Tue 20 May 2025 20:13:10 +0000
ROA not before: Tue 20 May 2025 20:13:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 20 May 2025 21:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ef:54:22:16:34:7b:9b:da:f4:aa:fa:a7:67:b8:6f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 20 20:13:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0d301efe7fc9c49e3d3495ed05a57fe3ecb241a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:73:a6:72:78:81:a5:e1:78:45:3a:8e:d1:35:
f7:4d:37:96:c8:d9:a3:24:ad:86:84:eb:d0:99:2d:
54:bb:1f:f2:bb:e0:bd:1e:5f:6a:cc:5d:35:16:6e:
33:65:d5:74:d2:be:b4:81:eb:ab:18:83:75:d4:9a:
fe:ff:84:4c:53:17:e6:74:fc:3a:1c:b3:eb:e1:b4:
66:0c:ab:58:3d:95:3f:e3:89:91:7f:e0:6c:c6:28:
71:29:56:b3:bb:11:80:64:11:dc:6e:78:c9:21:9c:
48:8f:c4:fc:53:df:5c:18:74:b5:e6:ed:ab:0e:98:
59:3b:23:5c:38:bd:b1:7f:9c:27:8c:a9:5a:b3:d1:
59:31:99:32:a4:7b:30:4e:c8:6d:01:ab:9d:00:76:
13:5f:1a:f9:ef:fe:2a:5e:e9:b1:6a:ee:35:34:44:
72:a1:bc:96:a0:4f:9d:55:9d:4b:96:d7:b7:05:c9:
26:00:67:86:f2:b5:d4:31:b3:09:a9:af:3e:de:44:
0e:38:28:5e:52:59:77:3a:95:64:30:b3:6b:56:e3:
f4:91:0a:77:c9:dd:30:3e:c9:a6:e1:8e:10:40:ed:
e8:42:85:d8:2e:b1:6f:cd:24:6f:a1:ee:ca:bb:fc:
f8:6c:bc:0d:c9:65:45:76:9c:99:e3:37:aa:f9:b8:
78:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D3:01:EF:E7:FC:9C:49:E3:D3:49:5E:D0:5A:57:FE:3E:CB:24:1A
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/0NMB7-f8nEnj00le0FpX_j7LJBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
48:07:46:46:d6:a6:be:d1:a7:7c:06:c1:54:c5:41:ef:48:20:
86:5a:f0:c5:03:13:e7:1f:f8:c4:a4:46:f6:57:a7:35:64:0e:
7e:00:d9:ac:49:27:27:fc:c8:d1:9d:21:50:43:09:89:94:e2:
ba:f6:87:ef:d1:65:de:d8:f4:57:f7:cf:74:1f:3c:61:a8:2f:
5b:49:0c:06:34:b3:6d:6f:9b:d2:fe:a9:00:23:99:17:d5:be:
a3:b5:17:b9:b8:81:53:fd:d2:70:8f:d3:0a:9b:84:a3:0c:c4:
17:4c:4e:7f:91:f4:98:f0:35:0a:8f:03:44:75:46:33:bf:c4:
e2:69:26:be:12:4a:3d:37:06:d9:f8:a7:72:ee:b9:5d:63:48:
91:88:5c:78:30:06:66:f3:6c:ad:71:35:b7:6d:04:10:2f:72:
4e:af:38:a8:ee:7f:fd:d8:12:68:2a:80:28:fd:a6:5a:cf:a7:
00:48:9b:a5:bb:7a:cb:f6:60:06:d3:ba:b2:7f:3c:9e:12:0a:
7f:60:e2:c2:4b:79:c4:24:71:55:f4:a3:91:48:30:8f:5b:2f:
37:f0:3e:ba:6a:3e:d3:d7:11:39:28:d2:ab:cc:b3:70:a2:a8:
3b:f4:5c:82:1e:71:e9:b1:9e:64:52:60:98:4a:9f:de:2e:ef:
f8:95:03:3f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbvVCIWNHub2vSq+qdnuG/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIwMjAxMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGQzMDFlZmU3ZmM5YzQ5ZTNkMzQ5NWVkMDVhNTdmZTNlY2IyNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXOmcniBpeF4RTqO0TX3TTeWyNmj
JK2GhOvQmS1Uux/yu+C9Hl9qzF01Fm4zZdV00r60geurGIN11Jr+/4RMUxfmdPw6
HLPr4bRmDKtYPZU/44mRf+BsxihxKVazuxGAZBHcbnjJIZxIj8T8U99cGHS15u2r
DphZOyNcOL2xf5wnjKlas9FZMZkypHswTshtAaudAHYTXxr57/4qXumxau41NERy
obyWoE+dVZ1Llte3BckmAGeG8rXUMbMJqa8+3kQOOCheUll3OpVkMLNrVuP0kQp3
yd0wPsmm4Y4QQO3oQoXYLrFvzSRvoe7Ku/z4bLwNyWVFdpyZ4zeq+bh4uwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNDTAe/n/JxJ49NJXtBaV/4+yyQaMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvME5NQjctZjhuRW5qMDBsZTBGcFhfajdMSkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEASAdGRtamvtGnfAbBVMVB70gg
hlrwxQMT5x/4xKRG9lenNWQOfgDZrEknJ/zI0Z0hUEMJiZTiuvaH79Fl3tj0V/fP
dB88YagvW0kMBjSzbW+b0v6pACOZF9W+o7UXubiBU/3ScI/TCpuEowzEF0xOf5H0
mPA1Co8DRHVGM7/E4mkmvhJKPTcG2fincu65XWNIkYhceDAGZvNsrXE1t20EEC9y
Tq84qO5//dgSaCqAKP2mWs+nAEibpbt6y/ZgBtO6sn88nhIKf2Diwkt5xCRxVfSj
kUgwj1svN/A+umo+09cROSjSq8yzcKKoO/Rcgh5x6bGeZFJgmEqf3i7v+JUDPw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:27:11 2025 by rpki-client