Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/34YFlviJvYgJW84BV_nCdo20Rxc.roa
File: 34YFlviJvYgJW84BV_nCdo20Rxc.roa (raw, json)
Hash identifier: sOTslDp2bk10FMEoqvg3mQunFhzF9eQypch1P6YFda0=
Subject key identifier: DF:86:05:96:F8:89:BD:88:09:5B:CE:01:57:F9:C2:76:8D:B4:47:17
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019746AD154D3BFDEDD89BB9E1D60B3D9E8A
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/34YFlviJvYgJW84BV_nCdo20Rxc.roa
Signing time: Fri 06 Jun 2025 19:17:17 +0000
ROA not before: Fri 06 Jun 2025 19:17:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 06 Jun 2025 20:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:46:ad:15:4d:3b:fd:ed:d8:9b:b9:e1:d6:0b:3d:9e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 6 19:17:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df860596f889bd88095bce0157f9c2768db44717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9c:bd:30:c2:33:86:90:b7:c5:89:8d:a5:43:
91:e8:b6:b7:2f:62:4b:66:67:b5:7f:40:3e:53:f9:
b9:61:f0:43:f9:30:c3:ef:16:91:19:dc:4b:82:be:
dc:e3:fd:a2:01:9a:cc:a2:62:58:b7:f3:af:b7:8b:
43:a3:df:f8:67:f3:b2:bc:00:59:ae:fe:75:dd:7c:
99:b6:87:2b:86:48:c3:6f:c3:60:76:06:60:7f:6a:
88:6a:75:96:83:9f:39:3a:5c:97:14:ae:e2:de:14:
29:92:b3:a5:e1:8b:63:27:c3:cf:40:fe:4b:23:a1:
89:08:0a:61:5b:2f:ad:3a:5c:28:7b:48:36:e5:d0:
be:18:bf:5d:00:ad:37:6c:4e:f6:b1:bf:ba:2d:b9:
d2:85:74:e2:a5:20:e7:0f:d4:d0:88:69:5e:44:e2:
33:39:17:07:af:a7:97:0e:b2:a9:5b:97:34:2a:66:
f7:fe:cf:c7:8d:9e:35:cd:03:0d:30:d0:b1:65:1d:
00:91:6e:f9:b1:ab:a8:69:51:0e:da:0c:35:3a:78:
e6:1e:19:32:64:2c:4d:bc:2e:4b:b6:b7:20:bd:06:
4c:32:f8:4f:d4:57:66:1b:f4:8b:c3:42:a4:75:c2:
14:9d:9d:48:8b:3e:50:c5:26:ae:92:ea:cc:bd:c7:
d7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:86:05:96:F8:89:BD:88:09:5B:CE:01:57:F9:C2:76:8D:B4:47:17
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/34YFlviJvYgJW84BV_nCdo20Rxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
b7:42:a3:76:1e:58:97:04:e8:16:09:04:18:fc:09:9c:14:a5:
2e:50:d6:fc:53:4c:6a:28:c2:e9:02:a6:e4:ff:c5:89:40:51:
65:2f:e5:6d:81:5e:ef:56:f1:7c:a2:76:77:60:09:18:fa:7d:
bb:92:51:6e:04:8b:86:d5:c0:bf:be:0c:34:a6:80:e6:e7:00:
c1:81:b9:33:18:43:28:c5:d6:35:9c:c5:93:4c:d7:d5:c5:3b:
42:04:4f:a9:21:ea:69:be:04:b1:0f:6f:c7:f0:dd:8f:17:06:
4e:77:93:65:79:01:3a:26:a7:a9:51:b9:d3:64:fa:8f:9c:80:
d1:67:dc:d6:87:02:ba:14:81:84:bf:d7:66:7b:b0:96:6d:f6:
84:94:6a:66:a2:60:3e:27:61:60:c1:ae:dd:7f:95:23:b9:b0:
a4:8a:9b:2d:ba:59:39:47:20:6e:f8:2d:5f:e1:35:7f:2e:fa:
7f:8d:89:a3:41:58:f8:86:71:56:05:7c:a5:2a:ec:b1:ad:85:
32:f6:70:dd:c2:62:8c:8a:4c:ca:57:39:91:87:50:88:2a:09:
63:78:cf:d0:65:45:a9:cf:4c:36:f8:61:49:03:f9:6a:e9:21:
88:e8:34:99:72:46:bc:29:5f:81:cf:4d:a5:19:5d:7b:e5:38:
9d:05:15:b4
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdGrRVNO/3t2Ju54dYLPZ6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA2MTkxNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjg2MDU5NmY4ODliZDg4MDk1YmNlMDE1N2Y5YzI3NjhkYjQ0NzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpy9MMIzhpC3xYmNpUOR6La3L2JL
Zme1f0A+U/m5YfBD+TDD7xaRGdxLgr7c4/2iAZrMomJYt/Ovt4tDo9/4Z/OyvABZ
rv513XyZtocrhkjDb8NgdgZgf2qIanWWg585OlyXFK7i3hQpkrOl4YtjJ8PPQP5L
I6GJCAphWy+tOlwoe0g25dC+GL9dAK03bE72sb+6LbnShXTipSDnD9TQiGleROIz
ORcHr6eXDrKpW5c0Kmb3/s/HjZ41zQMNMNCxZR0AkW75sauoaVEO2gw1OnjmHhky
ZCxNvC5LtrcgvQZMMvhP1FdmG/SLw0KkdcIUnZ1Iiz5QxSaukurMvcfXRwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFN+GBZb4ib2ICVvOAVf5wnaNtEcXMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvMzRZRmx2aUp2WWdKVzg0QlZfbkNkbzIwUnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAt0Kjdh5YlwTo
FgkEGPwJnBSlLlDW/FNMaijC6QKm5P/FiUBRZS/lbYFe71bxfKJ2d2AJGPp9u5JR
bgSLhtXAv74MNKaA5ucAwYG5MxhDKMXWNZzFk0zX1cU7QgRPqSHqab4EsQ9vx/Dd
jxcGTneTZXkBOianqVG502T6j5yA0Wfc1ocCuhSBhL/XZnuwlm32hJRqZqJgPidh
YMGu3X+VI7mwpIqbLbpZOUcgbvgtX+E1fy76f42Jo0FY+IZxVgV8pSrssa2FMvZw
3cJijIpMylc5kYdQiCoJY3jP0GVFqc9MNvhhSQP5aukhiOg0mXJGvClfgc9NpRld
e+U4nQUVtA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:47:08 2025 by rpki-client