Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1-Ugs0CmDY8F9wn_1PUj1cTCE6Ys.roa
File: 1-Ugs0CmDY8F9wn_1PUj1cTCE6Ys.roa (raw, json)
Hash identifier: PIsH31V5jS5Z501xOyXVcNx+m36M6nEAHVd8vntoO7w=
Subject key identifier: F9:48:2C:D0:29:83:63:C1:7D:C2:7F:F5:3D:48:F5:71:30:84:E9:8B
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973622C7392A1C92A2BA9ED9F894F75C71
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1-Ugs0CmDY8F9wn_1PUj1cTCE6Ys.roa
Signing time: Tue 03 Jun 2025 14:12:18 +0000
ROA not before: Tue 03 Jun 2025 14:12:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Jun 2025 15:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:36:22:c7:39:2a:1c:92:a2:ba:9e:d9:f8:94:f7:5c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 3 14:12:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9482cd0298363c17dc27ff53d48f5713084e98b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:21:a1:46:69:d2:c3:09:a9:b4:6d:2d:0b:41:
2f:dc:ac:eb:85:68:91:19:31:40:68:73:ee:d8:3c:
bd:ec:9a:7d:f9:51:39:b8:89:b4:78:d8:cf:23:2b:
88:83:32:1c:4a:d1:39:d7:df:75:c2:24:d8:c4:d7:
61:ac:be:8e:00:21:53:d2:b5:d1:f5:52:de:96:8b:
72:7d:34:eb:ac:38:02:21:26:ad:11:c6:fe:2b:64:
e4:29:5c:1d:d7:fa:09:6a:48:50:79:b4:5e:f9:fb:
6c:f4:ca:41:ce:39:bb:fe:25:06:59:e7:a7:b0:3e:
aa:f9:f9:2b:75:85:21:74:e5:8e:23:25:22:48:1e:
d8:80:60:eb:90:43:f6:69:ae:38:9d:2e:aa:e5:0e:
42:59:7c:28:30:3d:be:ff:f1:80:3e:ba:37:80:15:
79:ce:15:ce:00:08:2e:b5:f5:e5:22:0a:18:f1:df:
8f:14:f5:8b:dc:60:3b:65:63:6e:d3:35:a2:57:e6:
8e:1a:ea:77:2f:58:e7:3a:7a:5a:2c:1e:05:3a:ca:
1b:44:02:29:d9:e2:ac:6e:9b:96:50:1c:e3:96:21:
ff:fb:c2:e8:e5:ab:c9:a9:ef:67:18:e6:0f:36:70:
20:23:de:6e:57:5f:22:0f:ee:1d:70:c0:b2:30:e2:
68:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:48:2C:D0:29:83:63:C1:7D:C2:7F:F5:3D:48:F5:71:30:84:E9:8B
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1-Ugs0CmDY8F9wn_1PUj1cTCE6Ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
94:5e:bb:44:22:fe:ca:fa:eb:7c:39:b2:7e:aa:7b:cf:ee:33:
22:e7:4d:64:52:e4:e3:e0:60:46:f1:80:e3:73:a1:15:f0:43:
a7:fe:ab:74:38:ec:25:1a:3f:36:86:5f:a6:56:34:38:ab:bc:
81:59:2c:00:c3:c0:09:69:4a:8f:2d:53:70:ec:f9:3f:7f:cf:
a1:4e:57:3f:ba:34:d4:0b:6e:cf:2c:6b:58:e3:06:7a:d2:14:
6f:f2:d1:04:ed:a3:a0:0a:13:38:f1:d0:45:7f:ba:ca:63:bd:
22:e4:76:34:e2:c3:6c:b3:5a:3e:05:fa:bd:68:a4:d8:12:e5:
cc:73:ed:1d:6d:f6:94:02:c8:67:8d:5d:b4:ed:ec:7d:ce:17:
ea:8e:12:bd:c4:6c:70:80:5c:4e:d7:99:5b:d0:bc:b7:a7:80:
86:43:e5:37:3a:23:34:f4:e8:6f:f1:2f:ad:38:7b:84:36:17:
50:cb:36:f1:a4:da:ab:d5:78:a2:5c:82:6c:90:77:ae:ea:c9:
aa:5b:7f:cf:af:7b:85:32:7b:79:1a:fe:63:dc:ed:06:ff:b5:
35:1b:75:6d:bc:41:83:ac:b0:9e:4a:56:fb:da:cc:8c:4a:d4:
eb:2a:13:7e:43:1f:b3:ec:b5:d4:a6:87:06:0e:59:b0:2d:e0:
c6:0c:d3:48
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZc2Isc5KhySorqe2fiU91xxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAzMTQxMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQ4MmNkMDI5ODM2M2MxN2RjMjdmZjUzZDQ4ZjU3MTMwODRlOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CGhRmnSwwmptG0tC0Ev3KzrhWiR
GTFAaHPu2Dy97Jp9+VE5uIm0eNjPIyuIgzIcStE51991wiTYxNdhrL6OACFT0rXR
9VLelotyfTTrrDgCISatEcb+K2TkKVwd1/oJakhQebRe+fts9MpBzjm7/iUGWeen
sD6q+fkrdYUhdOWOIyUiSB7YgGDrkEP2aa44nS6q5Q5CWXwoMD2+//GAPro3gBV5
zhXOAAgutfXlIgoY8d+PFPWL3GA7ZWNu0zWiV+aOGup3L1jnOnpaLB4FOsobRAIp
2eKsbpuWUBzjliH/+8Lo5avJqe9nGOYPNnAgI95uV18iD+4dcMCyMOJoywIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFPlILNApg2PBfcJ/9T1I9XEwhOmLMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvMS1VZ3MwQ21EWThGOXduXzFQVWoxY1RDRTZZcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvYzU2YTFlLTMyNmQtNGM2Ny1hMGIyLTkwZWI5NTEwOWQ4
OS8xL2VzMkJmeVdKUG4tSXNfT3YtcEZTeG0xclp3SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBlBggrBgEFBQcBBwEB/wRWMFQwUgQCAAIwTAMRACABBnwA
ZP//AAABlu1djCgDEQAgAQZ8AGT//wAAAZcQjpJ+AxEAIAEGfABk//8AAAGXFeti
JgMRACABBnwAZP//AAABlzU/vpEwDQYJKoZIhvcNAQELBQADggEBAJReu0Qi/sr6
63w5sn6qe8/uMyLnTWRS5OPgYEbxgONzoRXwQ6f+q3Q47CUaPzaGX6ZWNDirvIFZ
LADDwAlpSo8tU3Ds+T9/z6FOVz+6NNQLbs8sa1jjBnrSFG/y0QTto6AKEzjx0EV/
uspjvSLkdjTiw2yzWj4F+r1opNgS5cxz7R1t9pQCyGeNXbTt7H3OF+qOEr3EbHCA
XE7XmVvQvLengIZD5Tc6IzT06G/xL604e4Q2F1DLNvGk2qvVeKJcgmyQd67qyapb
f8+ve4Uye3ka/mPc7Qb/tTUbdW28QYOssJ5KVvvazIxK1OsqE35DH7PstdSmhwYO
WbAt4MYM00g=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:16:04 2025 by rpki-client