Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1FM2FK-oyyZAzE0hMiLpBStmqDE.roa
File: 1FM2FK-oyyZAzE0hMiLpBStmqDE.roa (raw, json)
Hash identifier: 4yEnkHBwDXbPIV+xLGLfAobjyt7WGX3WWjqCgwe/sOo=
Subject key identifier: D4:53:36:14:AF:A8:CB:26:40:CC:4D:21:32:22:E9:05:2B:66:A8:31
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973321BA1BA22B6F15F3EB08AD8899AECC
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1FM2FK-oyyZAzE0hMiLpBStmqDE.roa
Signing time: Tue 03 Jun 2025 00:12:17 +0000
ROA not before: Tue 03 Jun 2025 00:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Jun 2025 01:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:33:21:ba:1b:a2:2b:6f:15:f3:eb:08:ad:88:99:ae:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 3 00:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4533614afa8cb2640cc4d213222e9052b66a831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f4:64:5e:64:76:49:df:8e:f0:51:3e:76:10:
dd:59:a4:dc:ba:b7:70:c4:fb:9a:d1:10:fa:e4:03:
e9:d7:32:11:a1:18:22:01:43:f6:bc:fa:bd:39:54:
93:ed:b8:66:3b:c2:4b:a1:05:d3:f5:ef:1c:9e:30:
5c:08:a9:d1:d6:81:c1:f7:c3:1f:e0:e7:dc:9d:93:
4f:ff:1a:e6:de:cd:60:4b:de:1d:44:31:88:50:a0:
95:b7:18:9b:af:65:7e:7d:ce:df:ef:ff:df:ee:42:
80:71:42:23:56:b0:6f:d1:06:88:88:43:c5:0e:53:
7c:9c:7d:ea:d6:4d:ca:b0:7d:1c:8d:63:c9:dd:21:
20:4c:51:f6:e5:57:59:00:a8:9f:fa:8a:d3:bb:65:
75:97:41:54:33:b0:11:f7:8e:42:d3:05:d2:8e:af:
78:62:2b:a4:a0:72:57:f2:9b:2c:07:eb:f5:d2:4c:
51:d9:83:76:f1:b8:66:05:07:1a:5c:e7:04:9e:87:
bc:18:9d:9d:b1:4d:d0:c7:54:88:31:5e:f3:9c:65:
82:82:b6:58:33:f9:54:32:4e:da:b6:4a:04:c0:3a:
e3:a6:dc:36:41:5a:10:6c:66:d2:65:f8:7f:78:da:
9f:8c:a4:40:94:22:8b:4b:49:cc:4c:5b:8a:a9:b9:
a7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:53:36:14:AF:A8:CB:26:40:CC:4D:21:32:22:E9:05:2B:66:A8:31
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1FM2FK-oyyZAzE0hMiLpBStmqDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
6e:a2:29:92:89:0f:36:5a:a9:85:35:51:6d:d8:8e:d3:f6:25:
04:21:e5:04:fb:dc:7e:10:bc:2f:5a:f0:a4:a2:ee:ff:ad:70:
c7:db:23:28:02:a8:da:1e:9c:86:61:04:3f:03:13:de:95:65:
e4:84:90:3e:f2:75:ca:ab:9b:9f:57:b0:e8:0d:fd:85:56:14:
d2:3a:7a:db:6b:9d:c3:89:a0:48:72:70:bf:47:a6:35:2a:47:
1e:98:18:c9:07:e3:ec:51:a0:45:ab:9c:90:8c:eb:d8:78:5b:
06:95:3e:a5:73:c1:ba:60:9b:61:96:a7:fa:02:e2:d7:4d:32:
94:49:c4:97:73:dc:b2:b2:bf:82:85:f0:eb:48:06:2f:7c:06:
0a:97:5e:c2:a3:45:8b:4b:02:84:7f:5f:76:28:30:ee:33:3d:
3b:93:0a:9b:2b:99:63:f7:4e:bd:17:ae:cf:b0:d0:87:ef:47:
5e:92:05:c6:66:6f:19:c8:ea:f4:bd:38:59:44:01:bd:d3:63:
12:4f:e9:4a:46:fb:4a:a5:8c:1e:19:18:c9:b2:47:68:32:67:
63:81:31:e3:82:b5:8d:3c:a7:d6:4f:66:68:72:f0:be:a4:07:
31:01:b3:26:e8:0b:03:80:e9:57:09:32:d2:85:dc:81:56:92:
23:bf:07:ca
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZczIboboitvFfPrCK2Ima7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAzMDAxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDUzMzYxNGFmYThjYjI2NDBjYzRkMjEzMjIyZTkwNTJiNjZhODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvRkXmR2Sd+O8FE+dhDdWaTcurdw
xPua0RD65APp1zIRoRgiAUP2vPq9OVST7bhmO8JLoQXT9e8cnjBcCKnR1oHB98Mf
4OfcnZNP/xrm3s1gS94dRDGIUKCVtxibr2V+fc7f7//f7kKAcUIjVrBv0QaIiEPF
DlN8nH3q1k3KsH0cjWPJ3SEgTFH25VdZAKif+orTu2V1l0FUM7AR945C0wXSjq94
YiukoHJX8pssB+v10kxR2YN28bhmBQcaXOcEnoe8GJ2dsU3Qx1SIMV7znGWCgrZY
M/lUMk7atkoEwDrjptw2QVoQbGbSZfh/eNqfjKRAlCKLS0nMTFuKqbmnTQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNRTNhSvqMsmQMxNITIi6QUrZqgxMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvMUZNMkZLLW95eVpBekUwaE1pTHBCU3RtcURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBuoimSiQ82WqmFNVFt2I7T9iUEIeUE+9x+ELwv
WvCkou7/rXDH2yMoAqjaHpyGYQQ/AxPelWXkhJA+8nXKq5ufV7DoDf2FVhTSOnrb
a53DiaBIcnC/R6Y1KkcemBjJB+PsUaBFq5yQjOvYeFsGlT6lc8G6YJthlqf6AuLX
TTKUScSXc9yysr+ChfDrSAYvfAYKl17Co0WLSwKEf192KDDuMz07kwqbK5lj9069
F67PsNCH70dekgXGZm8ZyOr0vThZRAG902MST+lKRvtKpYweGRjJskdoMmdjgTHj
grWNPKfWT2ZocvC+pAcxAbMm6AsDgOlXCTLShdyBVpIjvwfK
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:00:54 2025 by rpki-client