Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/2w2ZvQmnL8uQDezJfkYVJIZm0TE.roa
File: 2w2ZvQmnL8uQDezJfkYVJIZm0TE.roa (raw, json)
Hash identifier: 0IZbnAeL9D3zHo7/fZsKulv+hMlIKxJaCDQvA3pxM74=
Subject key identifier: DB:0D:99:BD:09:A7:2F:CB:90:0D:EC:C9:7E:46:15:24:86:66:D1:31
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019700ED3444318C74C0A4DF2BCC42888974
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/2w2ZvQmnL8uQDezJfkYVJIZm0TE.roa
Signing time: Sat 24 May 2025 06:13:54 +0000
ROA not before: Sat 24 May 2025 06:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 May 2025 07:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:00:ed:34:44:31:8c:74:c0:a4:df:2b:cc:42:88:89:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 24 06:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db0d99bd09a72fcb900decc97e4615248666d131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:02:67:e2:42:98:8c:91:1e:9b:ce:ed:16:db:
fd:73:c7:f5:fb:82:cd:ac:d6:98:34:57:1f:af:d7:
14:bb:ac:f6:a3:75:b5:ed:63:db:3e:88:a6:0e:ee:
70:a0:68:f7:6d:56:b3:61:bd:91:b7:be:85:2d:94:
29:49:d9:ae:66:e2:36:7c:88:a4:94:6e:30:9d:10:
51:79:9b:be:0f:87:81:cc:2a:b0:c8:a9:e4:6b:2c:
aa:14:de:8e:26:88:0a:ad:ae:26:17:ec:a1:a5:f0:
0b:bd:d5:fe:38:e2:f8:30:af:84:3c:de:ba:9a:c6:
0e:7e:56:87:4b:09:5a:89:84:9b:ce:4b:8f:0b:fa:
c7:37:32:ed:6a:93:fb:21:9d:d8:fa:bc:26:f4:8e:
3d:c0:cc:4b:5b:9f:61:72:67:f5:a5:3c:24:71:09:
51:6e:e7:85:c8:fc:d0:f9:d0:e0:c0:95:ef:8e:bc:
df:b6:11:76:3e:ad:3a:c6:a5:a8:85:c8:c0:91:b9:
f4:c4:a0:71:82:d8:fc:3d:7f:cb:70:e7:fd:e4:29:
49:ee:7d:8d:47:27:77:29:a0:00:16:c5:96:2e:9f:
80:00:a9:0a:4c:be:ea:15:42:29:3a:67:cc:08:25:
dd:71:80:00:19:8b:ed:98:8b:51:fa:8b:c6:9c:6e:
4d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0D:99:BD:09:A7:2F:CB:90:0D:EC:C9:7E:46:15:24:86:66:D1:31
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/2w2ZvQmnL8uQDezJfkYVJIZm0TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
9b:83:cc:37:10:4a:03:04:ee:41:cf:9e:b7:f1:6b:37:df:72:
f9:f4:a2:0b:0e:c9:18:e5:22:85:db:52:11:d6:bb:96:5a:80:
20:08:13:31:04:bf:6b:de:43:b5:b9:45:93:8e:45:3a:ac:95:
6e:32:b4:58:c6:ae:b6:3f:37:14:27:7d:72:08:6c:e7:5e:04:
57:0b:bf:41:9b:59:d5:d1:4f:22:ad:3d:49:79:56:be:3a:6e:
f2:bf:9b:a0:eb:ab:62:2a:5d:c1:ff:d2:5d:d9:af:3b:67:b2:
16:d1:63:ab:ac:59:56:81:de:0d:7c:bd:91:fb:cf:57:61:3f:
dc:62:ea:c8:34:67:a2:b1:43:35:dd:58:7d:21:b4:f3:1f:a6:
46:4e:e6:af:af:12:f3:41:0c:9c:93:c5:b7:24:21:ce:26:9b:
a9:22:5a:d1:cd:bd:cd:20:c6:95:9b:ae:6f:ab:c5:c6:52:5c:
9d:ee:79:83:c2:fc:b4:9e:88:3f:97:c3:85:53:b0:91:8e:e9:
b9:bf:42:44:1c:83:97:df:fc:51:93:22:14:45:76:08:3b:2a:
4f:4a:65:3c:38:96:76:9e:4c:9a:58:d8:71:49:e8:9a:d2:e2:
92:8d:0d:eb:16:82:2a:c7:65:2b:a1:ba:f1:af:75:10:6c:3a:
39:4c:c8:29
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcA7TREMYx0wKTfK8xCiIl0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI0MDYxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjBkOTliZDA5YTcyZmNiOTAwZGVjYzk3ZTQ2MTUyNDg2NjZkMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAJn4kKYjJEem87tFtv9c8f1+4LN
rNaYNFcfr9cUu6z2o3W17WPbPoimDu5woGj3bVazYb2Rt76FLZQpSdmuZuI2fIik
lG4wnRBReZu+D4eBzCqwyKnkayyqFN6OJogKra4mF+yhpfALvdX+OOL4MK+EPN66
msYOflaHSwlaiYSbzkuPC/rHNzLtapP7IZ3Y+rwm9I49wMxLW59hcmf1pTwkcQlR
bueFyPzQ+dDgwJXvjrzfthF2Pq06xqWohcjAkbn0xKBxgtj8PX/LcOf95ClJ7n2N
Ryd3KaAAFsWWLp+AAKkKTL7qFUIpOmfMCCXdcYAAGYvtmItR+ovGnG5NVQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNsNmb0Jpy/LkA3syX5GFSSGZtExMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvMncyWnZRbW5MOHVRRGV6SmZrWVZKSVptMFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAm4PMNxBKAwTuQc+et/FrN99y
+fSiCw7JGOUihdtSEda7llqAIAgTMQS/a95DtblFk45FOqyVbjK0WMautj83FCd9
cghs514EVwu/QZtZ1dFPIq09SXlWvjpu8r+boOurYipdwf/SXdmvO2eyFtFjq6xZ
VoHeDXy9kfvPV2E/3GLqyDRnorFDNd1YfSG08x+mRk7mr68S80EMnJPFtyQhziab
qSJa0c29zSDGlZuub6vFxlJcne55g8L8tJ6IP5fDhVOwkY7pub9CRByDl9/8UZMi
FEV2CDsqT0plPDiWdp5MmljYcUnomtLiko0N6xaCKsdlK6G68a91EGw6OUzIKQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:45:20 2025 by rpki-client