Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/2mXQVMAAOy1v8237hE16reHKm1k.roa
File: 2mXQVMAAOy1v8237hE16reHKm1k.roa (raw, json)
Hash identifier: 5D7l62X5GJFr2zHOot3aF9fRpB6Pc/sUdGRqg686G5M=
Subject key identifier: DA:65:D0:54:C0:00:3B:2D:6F:F3:6D:FB:84:4D:7A:AD:E1:CA:9B:59
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197056EC489E1740F9199743F34E699C934
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/2mXQVMAAOy1v8237hE16reHKm1k.roa
Signing time: Sun 25 May 2025 03:13:54 +0000
ROA not before: Sun 25 May 2025 03:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 25 May 2025 04:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:05:6e:c4:89:e1:74:0f:91:99:74:3f:34:e6:99:c9:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 25 03:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da65d054c0003b2d6ff36dfb844d7aade1ca9b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:57:b5:2a:38:11:79:2f:ac:60:7e:8a:03:81:
60:3e:35:b3:4b:f1:e5:8b:3c:aa:7d:28:50:05:0d:
17:19:cc:11:ef:90:06:94:a7:b9:9b:06:83:65:e0:
23:d1:fc:d4:a1:a9:a3:13:92:5d:34:a4:54:f5:d6:
93:78:80:27:e2:02:f0:f6:92:f0:9f:3a:bf:29:5c:
34:78:fb:84:38:c1:02:e3:54:19:0b:ab:b0:3f:17:
0a:e7:37:b2:6f:04:11:70:20:a3:c9:dc:91:4c:25:
01:33:a5:1b:e5:aa:99:10:e1:8b:83:8a:27:00:19:
e5:f5:6e:8e:f2:40:d6:2b:98:c7:3f:5f:5f:4f:74:
d8:e6:52:e3:1f:32:70:db:ca:32:aa:3a:22:10:23:
68:1b:23:fa:9c:68:79:41:98:d1:d0:92:9c:91:ff:
ff:b2:8e:ec:c7:1b:64:e5:e2:2a:3a:14:41:18:a2:
69:40:1c:d4:2a:e7:fe:88:29:df:da:b7:d5:37:c1:
60:9c:4a:4f:e9:fb:cd:ee:62:52:31:f3:1b:2f:03:
25:c0:43:70:e2:8e:51:c3:49:19:a4:91:65:ff:05:
cd:46:82:a0:1e:32:b9:91:ef:5e:17:ac:93:73:e4:
09:c6:28:8a:90:5c:98:2c:f5:ab:fe:98:51:e9:40:
15:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:65:D0:54:C0:00:3B:2D:6F:F3:6D:FB:84:4D:7A:AD:E1:CA:9B:59
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/2mXQVMAAOy1v8237hE16reHKm1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
3b:a8:87:25:cf:2f:13:92:f6:d6:e9:19:9b:27:b9:56:1b:e0:
53:6c:06:86:f7:d2:e9:4b:54:37:eb:a6:1b:de:c3:65:63:c8:
f8:5b:35:46:2b:37:13:6c:ad:5d:f2:39:57:39:c9:4b:6c:ae:
6a:d6:74:6b:ed:70:c7:45:af:75:6e:f0:ce:d3:ad:9d:36:09:
46:ad:d3:cc:f8:fc:e9:fd:2f:40:c7:aa:ee:ca:8d:5f:85:de:
6d:c7:07:06:2c:6e:05:cb:5d:d8:25:6f:45:42:0a:93:80:0c:
22:3d:83:88:83:cd:0b:34:38:45:66:e8:7d:79:6b:93:01:b9:
6d:94:12:30:56:89:56:7e:9f:26:24:9e:c5:07:4f:f2:51:dd:
59:f3:c6:0d:83:ec:cb:55:56:e2:d4:14:4c:07:19:12:bf:5a:
83:86:c0:82:f6:b3:01:83:0d:48:72:cb:64:da:aa:78:85:72:
53:1b:dc:29:70:17:77:5d:65:45:0e:02:49:4d:19:d0:df:3d:
96:32:e4:d1:18:e2:6e:d0:6c:ec:cb:55:d2:e0:59:b2:a5:d6:
93:bf:f5:4e:e6:6d:a3:a2:8a:41:33:7f:4d:fe:6b:b5:d1:3d:
97:9b:4a:cc:9e:8e:e6:98:bd:e3:62:82:ab:74:8d:76:49:7e:
5d:78:0c:ee
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcFbsSJ4XQPkZl0PzTmmck0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI1MDMxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTY1ZDA1NGMwMDAzYjJkNmZmMzZkZmI4NDRkN2FhZGUxY2E5YjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFe1KjgReS+sYH6KA4FgPjWzS/Hl
izyqfShQBQ0XGcwR75AGlKe5mwaDZeAj0fzUoamjE5JdNKRU9daTeIAn4gLw9pLw
nzq/KVw0ePuEOMEC41QZC6uwPxcK5zeybwQRcCCjydyRTCUBM6Ub5aqZEOGLg4on
ABnl9W6O8kDWK5jHP19fT3TY5lLjHzJw28oyqjoiECNoGyP6nGh5QZjR0JKckf//
so7sxxtk5eIqOhRBGKJpQBzUKuf+iCnf2rfVN8FgnEpP6fvN7mJSMfMbLwMlwENw
4o5Rw0kZpJFl/wXNRoKgHjK5ke9eF6yTc+QJxiiKkFyYLPWr/phR6UAVWQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNpl0FTAADstb/Nt+4RNeq3hyptZMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvMm1YUVZNQUFPeTF2ODIzN2hFMTZyZUhLbTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAO6iHJc8vE5L21ukZmye5Vhvg
U2wGhvfS6UtUN+umG97DZWPI+Fs1Ris3E2ytXfI5VznJS2yuatZ0a+1wx0WvdW7w
ztOtnTYJRq3TzPj86f0vQMeq7sqNX4XebccHBixuBctd2CVvRUIKk4AMIj2DiIPN
CzQ4RWbofXlrkwG5bZQSMFaJVn6fJiSexQdP8lHdWfPGDYPsy1VW4tQUTAcZEr9a
g4bAgvazAYMNSHLLZNqqeIVyUxvcKXAXd11lRQ4CSU0Z0N89ljLk0RjibtBs7MtV
0uBZsqXWk7/1TuZto6KKQTN/Tf5rtdE9l5tKzJ6O5pi942KCq3SNdkl+XXgM7g==
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:58:50 2025 by rpki-client