Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/2H7-llN-zzUbq4cO9QwHhSoPBKM.roa
File: 2H7-llN-zzUbq4cO9QwHhSoPBKM.roa (raw, json)
Hash identifier: +ZQktH2jLnx1jCYkDlKdrrhSuMVyaCg1zigMgLq0dp8=
Subject key identifier: D8:7E:FE:96:53:7E:CF:35:1B:AB:87:0E:F5:0C:07:85:2A:0F:04:A3
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972DC415CCC3E677972C71D51E3E465C85
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/2H7-llN-zzUbq4cO9QwHhSoPBKM.roa
Signing time: Sun 01 Jun 2025 23:11:54 +0000
ROA not before: Sun 01 Jun 2025 23:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Jun 2025 00:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2d:c4:15:cc:c3:e6:77:97:2c:71:d5:1e:3e:46:5c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 1 23:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d87efe96537ecf351bab870ef50c07852a0f04a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4e:45:98:7e:53:8a:d9:dd:de:9e:78:6e:45:
f4:85:53:3f:6c:bd:3e:55:57:58:37:d6:d0:03:07:
9d:9d:71:f5:79:19:c0:ae:94:e7:fa:ce:81:b5:31:
d3:9f:30:da:af:7e:f3:5b:c9:ff:ce:38:fb:85:b3:
91:cb:36:69:ec:98:a6:08:0b:0f:c6:e7:c7:0b:56:
f6:b0:ab:d3:db:ea:40:b9:d1:9e:e0:7f:e5:8e:1d:
dd:5d:e5:db:6e:d3:bc:19:64:2b:8d:48:3f:f5:d5:
14:e3:ed:78:0a:f6:3d:a3:aa:87:9b:5b:07:c5:32:
4f:0b:b3:9d:69:16:38:21:8b:fc:88:02:a0:c1:9d:
f8:1f:56:6f:69:a8:15:0f:73:2c:01:ff:3d:b6:19:
1c:3d:59:88:43:6a:bc:72:96:7e:fe:64:df:ce:17:
ef:da:a2:8f:12:e7:e6:2b:89:4b:89:bf:a4:3b:e0:
51:c4:de:63:b7:b5:95:da:13:24:b0:62:1e:57:16:
8d:09:85:93:09:a0:2c:6c:38:45:d9:82:93:28:47:
c3:6b:66:1a:0d:a2:ec:ab:69:78:5c:0e:85:35:df:
6e:11:6f:a5:60:51:4a:a8:29:54:66:ca:a6:cf:10:
03:60:e8:79:9a:a2:7f:8b:3f:57:71:8b:6a:c0:e9:
bc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:7E:FE:96:53:7E:CF:35:1B:AB:87:0E:F5:0C:07:85:2A:0F:04:A3
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/2H7-llN-zzUbq4cO9QwHhSoPBKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
19:15:a0:df:ed:1e:00:46:ea:ad:a2:54:f0:b8:4e:cf:64:0d:
c9:6e:dc:04:1a:87:33:68:26:03:a0:8b:9f:42:02:9e:84:00:
e5:18:18:66:56:10:22:2d:f9:3a:ed:57:70:39:28:d8:59:44:
b7:2f:2c:ac:e2:9a:c4:51:66:de:df:d8:27:39:a0:5e:9a:bb:
af:5f:95:2d:99:f8:e4:89:94:cd:3a:68:8a:e9:93:5f:f7:3f:
6c:26:70:dc:2a:36:70:e5:bd:60:77:e6:0e:73:e4:83:f3:69:
91:a4:3f:ef:43:f4:05:12:1b:da:49:91:57:a6:56:fd:5a:4f:
e3:2b:15:8b:79:30:e4:c0:ae:fb:bb:67:f0:38:12:40:58:77:
96:c8:1d:f5:fe:f2:a8:9d:c6:4c:8f:54:df:71:77:88:43:ea:
f2:4a:20:ea:9c:fd:d0:04:a9:2d:6e:f8:12:75:ea:7f:d8:93:
2d:ea:a2:8c:c5:04:f4:fa:7a:e4:ce:cf:5d:68:63:0b:7f:f1:
cf:31:e9:d4:55:1a:b2:37:69:48:e5:93:f2:bf:97:f5:a3:b8:
14:96:3c:41:b1:f1:3b:45:86:e4:20:27:a2:4a:e9:61:66:86:
0b:86:56:05:b8:22:ce:fd:ee:d9:21:a0:8f:6c:64:01:17:07:
71:37:4c:7b
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZctxBXMw+Z3lyxx1R4+RlyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAxMjMxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODdlZmU5NjUzN2VjZjM1MWJhYjg3MGVmNTBjMDc4NTJhMGYwNGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7E5FmH5Titnd3p54bkX0hVM/bL0+
VVdYN9bQAwednXH1eRnArpTn+s6BtTHTnzDar37zW8n/zjj7hbORyzZp7JimCAsP
xufHC1b2sKvT2+pAudGe4H/ljh3dXeXbbtO8GWQrjUg/9dUU4+14CvY9o6qHm1sH
xTJPC7OdaRY4IYv8iAKgwZ34H1ZvaagVD3MsAf89thkcPVmIQ2q8cpZ+/mTfzhfv
2qKPEufmK4lLib+kO+BRxN5jt7WV2hMksGIeVxaNCYWTCaAsbDhF2YKTKEfDa2Ya
DaLsq2l4XA6FNd9uEW+lYFFKqClUZsqmzxADYOh5mqJ/iz9XcYtqwOm8TwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNh+/pZTfs81G6uHDvUMB4UqDwSjMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvMkg3LWxsTi16elVicTRjTzlRd0hoU29QQktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQAZFaDf7R4ARuqtolTwuE7PZA3JbtwEGoczaCYD
oIufQgKehADlGBhmVhAiLfk67VdwOSjYWUS3Lyys4prEUWbe39gnOaBemruvX5Ut
mfjkiZTNOmiK6ZNf9z9sJnDcKjZw5b1gd+YOc+SD82mRpD/vQ/QFEhvaSZFXplb9
Wk/jKxWLeTDkwK77u2fwOBJAWHeWyB31/vKoncZMj1TfcXeIQ+rySiDqnP3QBKkt
bvgSdep/2JMt6qKMxQT0+nrkzs9daGMLf/HPMenUVRqyN2lI5ZPyv5f1o7gUljxB
sfE7RYbkICeiSulhZoYLhlYFuCLO/e7ZIaCPbGQBFwdxN0x7
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:45:23 2025 by rpki-client