Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/2jNSEjAMF9mdBqa0Fb9yIUmaNc4.roa
File: 2jNSEjAMF9mdBqa0Fb9yIUmaNc4.roa (raw, json)
Hash identifier: znbBZ4Z36JTyYx+oaO76zlgKT4ldsKb+zUakY/On/ag=
Subject key identifier: DA:33:52:12:30:0C:17:D9:9D:06:A6:B4:15:BF:72:21:49:9A:35:CE
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196ED5EA6A1F3B726CF5F19A4633949BB43
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/2jNSEjAMF9mdBqa0Fb9yIUmaNc4.roa
Signing time: Tue 20 May 2025 11:05:25 +0000
ROA not before: Tue 20 May 2025 11:05:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 20 May 2025 12:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:5e:a6:a1:f3:b7:26:cf:5f:19:a4:63:39:49:bb:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 20 11:05:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da335212300c17d99d06a6b415bf7221499a35ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ae:33:e6:f0:e5:46:d6:4a:57:44:c0:02:da:
56:76:3d:7e:37:35:b8:5a:1d:5c:f8:9a:cb:e7:55:
fd:e6:d6:6b:81:3e:bd:93:61:7c:28:d6:15:3e:ba:
3c:cb:73:f7:cc:0f:bf:e1:d9:cd:d6:28:86:80:45:
6b:23:22:d2:86:69:e1:83:14:35:67:ec:1d:f8:9f:
c7:41:c8:a7:5c:a5:a6:7b:30:e0:dd:e1:4b:e0:d8:
ab:c5:fd:70:16:44:6d:a8:ea:06:2a:a0:89:35:17:
c8:df:18:1b:b3:84:ab:57:8a:0b:91:bd:aa:66:2b:
7b:49:ad:2c:ae:de:1c:0e:1d:c0:5f:7c:f5:2e:7c:
43:47:38:4a:22:25:35:5f:de:e5:96:20:7a:26:f8:
ca:61:4e:73:b3:2d:d0:f5:9c:2a:ba:fe:ef:64:e4:
11:41:98:70:12:a0:a1:e2:ff:41:d0:1d:fc:28:d3:
f2:ca:12:f4:4b:fe:43:95:82:8b:33:b2:f4:8e:5d:
f1:e2:9b:a7:a7:08:8e:3f:c7:be:7c:46:41:5c:04:
4e:1a:84:af:24:fb:9d:54:5e:7a:87:a9:03:02:11:
84:b3:0a:18:d6:6d:6c:ec:0c:5c:7c:76:80:3e:b0:
d5:2a:2e:0e:dc:4a:d6:40:6c:77:09:2c:f2:50:3d:
32:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:33:52:12:30:0C:17:D9:9D:06:A6:B4:15:BF:72:21:49:9A:35:CE
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/2jNSEjAMF9mdBqa0Fb9yIUmaNc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
1f:c6:5c:46:0b:bf:d2:75:87:32:26:2e:0f:11:55:55:04:0b:
fa:c2:87:52:77:6f:a6:a9:c8:b6:a3:8d:d5:a8:97:d1:80:65:
e3:f5:4b:17:53:c0:de:cc:b0:4c:3f:63:c2:5a:3b:4c:eb:6a:
d7:29:ed:0d:79:5e:8d:97:d2:4a:0e:67:a8:b3:cb:d3:95:da:
40:b3:30:4c:03:ff:16:3b:00:e9:97:d0:04:44:1d:fd:34:43:
bc:ef:ba:de:cb:e4:4b:66:15:8c:c9:ca:61:fe:31:22:20:6d:
05:d7:e9:85:15:17:5e:05:65:8c:9b:06:7e:7a:bb:26:d0:6a:
e0:fd:31:be:01:ad:99:57:fa:d1:83:1b:b3:52:86:7b:90:6d:
54:a4:fb:26:6f:e6:55:a5:75:88:4b:16:e9:e5:5d:1a:95:c1:
ee:a3:5b:a3:8c:fa:bb:c5:f2:39:ce:d3:b1:cc:c2:9e:b8:58:
7b:17:47:06:cf:11:06:78:79:91:b4:e0:b5:6f:ac:0b:a0:18:
41:d9:63:7b:75:a0:7e:8f:54:44:ce:58:21:61:69:42:11:2d:
63:de:ba:e3:f1:40:e6:ce:b9:b5:1c:d5:74:60:52:54:fa:2b:
2c:4b:5d:a6:dd:c8:4c:2b:e3:e7:36:c2:13:12:26:8a:1c:a5:
fa:e6:2c:ef
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbtXqah87cmz18ZpGM5SbtDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIwMTEwNTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTMzNTIxMjMwMGMxN2Q5OWQwNmE2YjQxNWJmNzIyMTQ5OWEzNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4K4z5vDlRtZKV0TAAtpWdj1+NzW4
Wh1c+JrL51X95tZrgT69k2F8KNYVPro8y3P3zA+/4dnN1iiGgEVrIyLShmnhgxQ1
Z+wd+J/HQcinXKWmezDg3eFL4Nirxf1wFkRtqOoGKqCJNRfI3xgbs4SrV4oLkb2q
Zit7Sa0srt4cDh3AX3z1LnxDRzhKIiU1X97lliB6JvjKYU5zsy3Q9Zwquv7vZOQR
QZhwEqCh4v9B0B38KNPyyhL0S/5DlYKLM7L0jl3x4punpwiOP8e+fEZBXAROGoSv
JPudVF56h6kDAhGEswoY1m1s7AxcfHaAPrDVKi4O3ErWQGx3CSzyUD0ysQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNozUhIwDBfZnQamtBW/ciFJmjXOMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvMmpOU0VqQU1GOW1kQnFhMEZiOXlJVW1hTmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAH8ZcRgu/0nWHMiYuDxFVVQQL
+sKHUndvpqnItqON1aiX0YBl4/VLF1PA3sywTD9jwlo7TOtq1yntDXlejZfSSg5n
qLPL05XaQLMwTAP/FjsA6ZfQBEQd/TRDvO+63svkS2YVjMnKYf4xIiBtBdfphRUX
XgVljJsGfnq7JtBq4P0xvgGtmVf60YMbs1KGe5BtVKT7Jm/mVaV1iEsW6eVdGpXB
7qNbo4z6u8XyOc7TsczCnrhYexdHBs8RBnh5kbTgtW+sC6AYQdlje3Wgfo9URM5Y
IWFpQhEtY9664/FA5s65tRzVdGBSVPorLEtdpt3ITCvj5zbCExImihyl+uYs7w==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:42:56 2025 by rpki-client