Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1shvyQUrr5gT6xADoUPgb0yWBto.roa
File: 1shvyQUrr5gT6xADoUPgb0yWBto.roa (raw, json)
Hash identifier: xgJMWNxEPN0omQzIGciJmNLkiHLti8BdcWRS1iI40tM=
Subject key identifier: D6:C8:6F:C9:05:2B:AF:98:13:EB:10:03:A1:43:E0:6F:4C:96:06:DA
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F3A058E8522C4FE5C755DAF37F4486B9
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1shvyQUrr5gT6xADoUPgb0yWBto.roa
Signing time: Wed 21 May 2025 16:14:53 +0000
ROA not before: Wed 21 May 2025 16:14:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 May 2025 17:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f3:a0:58:e8:52:2c:4f:e5:c7:55:da:f3:7f:44:86:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 21 16:14:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6c86fc9052baf9813eb1003a143e06f4c9606da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ea:dd:a3:8f:f8:16:ee:ec:6f:81:d9:9f:2d:
9b:fe:dc:33:70:65:86:22:af:d1:25:93:5f:3a:9e:
5e:fe:45:ef:79:31:98:6d:af:2c:63:b9:9c:c8:21:
06:19:68:18:aa:84:1d:1a:88:e2:5d:23:1b:6b:d6:
7b:0c:3c:a2:97:54:6b:4f:05:29:62:9a:8d:d4:b6:
3c:43:9d:7e:41:b9:90:22:5d:26:e5:42:8f:d5:65:
02:a4:49:52:2b:48:1e:97:7f:cc:fd:71:98:55:f2:
30:9a:66:a7:2e:e7:32:3b:70:ca:a0:32:97:6d:37:
b6:c7:74:cb:d9:c0:8d:0f:e3:6a:13:82:c2:13:86:
2f:0e:61:16:ea:dc:0d:bd:fe:05:c2:41:51:22:78:
58:e1:c0:f7:16:63:ac:7e:17:ee:e6:a2:aa:8b:7b:
c9:0f:c4:03:3e:10:39:af:7a:31:7e:a9:8d:9f:7b:
8a:90:66:23:68:71:0c:2e:a5:84:51:86:e1:03:b4:
a9:6a:a6:5d:1f:15:18:f1:23:a2:c4:c1:0a:9f:db:
a6:97:9a:4e:2a:65:d1:ca:2a:b0:dc:b6:af:df:ec:
5d:66:5c:e5:96:02:32:c0:e7:14:18:49:fa:9b:74:
7d:dc:1e:c2:fc:2a:73:90:d6:50:cb:75:f2:ee:6f:
f5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C8:6F:C9:05:2B:AF:98:13:EB:10:03:A1:43:E0:6F:4C:96:06:DA
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1shvyQUrr5gT6xADoUPgb0yWBto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
4b:49:24:64:39:62:64:78:04:28:71:ad:cd:5d:dc:91:50:73:
ba:c6:22:b3:6b:00:9e:29:62:f9:09:70:eb:1e:2b:2b:1f:ff:
76:33:87:20:9b:4d:f9:8d:75:87:0a:ef:77:62:70:05:43:65:
d8:2a:7a:78:a3:71:05:ed:ab:de:c5:0b:44:fd:c2:c1:e7:5a:
49:46:83:b5:03:90:2b:09:95:52:fe:e8:2d:70:32:0e:3d:48:
51:ab:e9:04:db:20:37:27:2c:49:c9:ad:be:b3:2d:9f:22:47:
52:d1:b6:f2:45:3b:31:55:80:af:0e:d4:cf:c4:8e:5b:e2:e3:
db:41:c4:a9:e4:2c:c9:4b:dc:17:34:03:85:95:4e:f5:6d:55:
22:f6:ad:03:61:f5:de:e5:8f:e6:f8:94:6c:11:d0:4b:9c:52:
ea:0c:e1:e8:08:8d:5c:7a:6e:a4:bb:fd:d2:df:63:dd:9f:c7:
3d:62:73:5d:5a:37:9c:39:da:77:0a:8c:39:d6:52:ca:3f:a8:
9e:8c:4c:27:fd:14:f5:f7:34:0e:0c:4c:dc:87:8b:a7:5e:ab:
ed:73:0f:14:0d:45:b5:2c:a0:76:05:cb:cf:b2:da:04:f0:85:
e5:90:e1:2c:d3:da:f4:14:7d:1e:e6:07:5b:aa:59:43:fb:51:
74:98:c2:31
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbzoFjoUixP5cdV2vN/RIa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIxMTYxNDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmM4NmZjOTA1MmJhZjk4MTNlYjEwMDNhMTQzZTA2ZjRjOTYwNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+rdo4/4Fu7sb4HZny2b/twzcGWG
Iq/RJZNfOp5e/kXveTGYba8sY7mcyCEGGWgYqoQdGojiXSMba9Z7DDyil1RrTwUp
YpqN1LY8Q51+QbmQIl0m5UKP1WUCpElSK0gel3/M/XGYVfIwmmanLucyO3DKoDKX
bTe2x3TL2cCND+NqE4LCE4YvDmEW6twNvf4FwkFRInhY4cD3FmOsfhfu5qKqi3vJ
D8QDPhA5r3oxfqmNn3uKkGYjaHEMLqWEUYbhA7SpaqZdHxUY8SOixMEKn9uml5pO
KmXRyiqw3Lav3+xdZlzllgIywOcUGEn6m3R93B7C/CpzkNZQy3Xy7m/1mQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNbIb8kFK6+YE+sQA6FD4G9MlgbaMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvMXNodnlRVXJyNWdUNnhBRG9VUGdiMHlXQnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAS0kkZDliZHgEKHGtzV3ckVBz
usYis2sAnili+Qlw6x4rKx//djOHIJtN+Y11hwrvd2JwBUNl2Cp6eKNxBe2r3sUL
RP3CwedaSUaDtQOQKwmVUv7oLXAyDj1IUavpBNsgNycsScmtvrMtnyJHUtG28kU7
MVWArw7Uz8SOW+Lj20HEqeQsyUvcFzQDhZVO9W1VIvatA2H13uWP5viUbBHQS5xS
6gzh6AiNXHpupLv90t9j3Z/HPWJzXVo3nDnadwqMOdZSyj+onoxMJ/0U9fc0DgxM
3IeLp16r7XMPFA1FtSygdgXLz7LaBPCF5ZDhLNPa9BR9HuYHW6pZQ/tRdJjCMQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:24:30 2025 by rpki-client