Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/3FfPYgWc-hcb5wdIDkMKoyezIkU.roa
File: 3FfPYgWc-hcb5wdIDkMKoyezIkU.roa (raw, json)
Hash identifier: 1Xi775Vdo+jyRKjYL6bxPKK1KSf0HPQKr73HBBiZQQo=
Subject key identifier: DC:57:CF:62:05:9C:FA:17:1B:E7:07:48:0E:43:0A:A3:27:B3:22:45
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196EFC11457F39B650F2639D76F374EB9B5
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/3FfPYgWc-hcb5wdIDkMKoyezIkU.roa
Signing time: Tue 20 May 2025 22:12:10 +0000
ROA not before: Tue 20 May 2025 22:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 20 May 2025 23:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ef:c1:14:57:f3:9b:65:0f:26:39:d7:6f:37:4e:b9:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 20 22:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc57cf62059cfa171be707480e430aa327b32245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:91:b7:65:7a:1e:3a:5d:cd:0b:f7:dd:96:ef:
e0:93:4a:6f:da:43:36:ed:30:53:a8:82:ee:5e:2f:
01:09:07:bc:ab:11:ab:a0:98:62:47:70:6d:37:72:
08:0d:3a:47:af:d0:47:52:92:58:24:ab:48:1c:00:
c9:35:11:53:f4:b5:d8:1e:43:e2:69:54:fb:55:77:
49:05:a8:f3:43:70:58:a4:ef:31:3d:0e:a6:5d:3b:
c1:cf:d4:49:96:b9:3b:f8:b8:da:88:9b:c3:cd:f0:
86:77:e4:9c:92:16:9c:0b:92:d4:93:d0:9a:f8:36:
cd:b3:f6:e8:bc:c9:8e:6c:41:93:11:da:ee:e1:fc:
38:72:54:d8:4d:4f:b3:91:6b:a0:5b:19:0c:49:a2:
a6:5b:82:08:5a:89:70:1d:88:f5:b8:55:09:41:47:
64:92:e2:1c:63:40:ff:ae:91:47:2b:83:06:63:9f:
9b:1a:36:45:74:df:0c:84:57:8c:5f:68:d6:2a:61:
2c:2d:a8:4b:aa:08:a9:57:e7:5d:f0:ec:34:75:bb:
e8:91:27:69:af:a8:fc:f3:fa:0a:50:26:cd:a1:35:
c7:ca:70:70:e6:07:d3:d3:67:33:25:07:8f:e9:90:
58:13:dc:3c:f2:31:1c:b4:c7:74:0f:88:fc:8a:a2:
68:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:57:CF:62:05:9C:FA:17:1B:E7:07:48:0E:43:0A:A3:27:B3:22:45
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/3FfPYgWc-hcb5wdIDkMKoyezIkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
4b:ff:c5:49:71:32:04:e3:4e:af:02:8a:95:5a:70:c5:60:7b:
8d:75:f0:f3:1e:0b:f3:4e:06:4e:07:db:c7:ef:eb:e4:61:a5:
2a:42:a2:16:54:1b:c4:89:55:ab:97:e7:09:79:52:f6:51:85:
c6:86:69:7f:50:2b:71:bb:0d:d8:a6:bb:f7:70:ce:69:70:ea:
b7:44:41:6d:23:a7:db:a4:c7:0a:c5:ba:ca:e2:89:7f:8b:4a:
9b:eb:4a:8a:fb:ad:b4:d1:ea:6e:1d:b1:10:a4:71:ac:7d:d2:
02:3d:77:d0:10:23:6e:e1:1b:e3:a4:0f:29:0b:d9:11:39:19:
6f:ac:f6:08:79:7e:4a:a5:21:40:ab:1b:36:3e:42:0f:43:94:
f3:37:ec:30:af:ec:6a:03:11:88:83:41:67:25:27:36:5e:01:
00:46:e5:42:54:2d:64:22:1e:d8:73:45:a1:b6:92:9d:39:cf:
0a:d7:e1:91:67:31:54:bb:23:b8:2d:00:7f:12:b2:a6:67:ea:
a2:07:aa:80:a7:3f:39:ac:4e:3d:e6:d7:17:93:c9:61:0b:3f:
ab:1f:1f:7c:af:f6:99:4e:d3:c4:e3:f7:27:ab:c2:0c:93:24:
b7:31:ad:00:f2:d4:31:df:d4:8e:7a:43:4c:8d:88:f9:ed:69:
ad:98:18:57
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbvwRRX85tlDyY51283Trm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIwMjIxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzU3Y2Y2MjA1OWNmYTE3MWJlNzA3NDgwZTQzMGFhMzI3YjMyMjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZG3ZXoeOl3NC/fdlu/gk0pv2kM2
7TBTqILuXi8BCQe8qxGroJhiR3BtN3IIDTpHr9BHUpJYJKtIHADJNRFT9LXYHkPi
aVT7VXdJBajzQ3BYpO8xPQ6mXTvBz9RJlrk7+LjaiJvDzfCGd+SckhacC5LUk9Ca
+DbNs/bovMmObEGTEdru4fw4clTYTU+zkWugWxkMSaKmW4IIWolwHYj1uFUJQUdk
kuIcY0D/rpFHK4MGY5+bGjZFdN8MhFeMX2jWKmEsLahLqgipV+dd8Ow0dbvokSdp
r6j88/oKUCbNoTXHynBw5gfT02czJQeP6ZBYE9w88jEctMd0D4j8iqJoiQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNxXz2IFnPoXG+cHSA5DCqMnsyJFMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvM0ZmUFlnV2MtaGNiNXdkSURrTUtveWV6SWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAS//FSXEyBONOrwKKlVpwxWB7
jXXw8x4L804GTgfbx+/r5GGlKkKiFlQbxIlVq5fnCXlS9lGFxoZpf1ArcbsN2Ka7
93DOaXDqt0RBbSOn26THCsW6yuKJf4tKm+tKivuttNHqbh2xEKRxrH3SAj130BAj
buEb46QPKQvZETkZb6z2CHl+SqUhQKsbNj5CD0OU8zfsMK/sagMRiINBZyUnNl4B
AEblQlQtZCIe2HNFobaSnTnPCtfhkWcxVLsjuC0AfxKypmfqogeqgKc/OaxOPebX
F5PJYQs/qx8ffK/2mU7TxOP3J6vCDJMktzGtAPLUMd/UjnpDTI2I+e1prZgYVw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:45:27 2025 by rpki-client