Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/3cdDP4U5guR9cib8UEiEp6d8QCM.roa
File: 3cdDP4U5guR9cib8UEiEp6d8QCM.roa (raw, json)
Hash identifier: t6lyNpOXWZnCqIVDfiapTkVId3EAM6cu93qotlJC3V8=
Subject key identifier: DD:C7:43:3F:85:39:82:E4:7D:72:26:FC:50:48:84:A7:A7:7C:40:23
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01974AF323A993FAD178F7E61879645E4A07
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/3cdDP4U5guR9cib8UEiEp6d8QCM.roa
Signing time: Sat 07 Jun 2025 15:12:17 +0000
ROA not before: Sat 07 Jun 2025 15:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 07 Jun 2025 16:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:f3:23:a9:93:fa:d1:78:f7:e6:18:79:64:5e:4a:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 7 15:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddc7433f853982e47d7226fc504884a7a77c4023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2e:7d:3e:24:b6:d2:da:db:8f:b8:af:fe:51:
c3:d6:df:fc:b9:0d:4f:d9:2e:4b:b3:6e:94:df:8e:
60:48:dd:7f:d5:64:f8:25:96:87:85:ab:ce:b4:7b:
3c:06:07:8f:67:61:67:9b:ed:e6:47:c9:51:37:4f:
fb:5f:8d:54:53:3b:24:fe:4c:75:52:ea:49:2a:aa:
0f:31:ea:d7:9e:63:fd:8f:ac:ae:fe:ca:b5:89:a5:
81:df:c1:e1:6c:69:1b:14:1e:9e:e1:97:3d:06:d2:
bd:6c:38:dd:53:0e:b5:f3:a6:91:79:46:d1:61:fd:
c0:12:00:93:f9:da:c3:ed:e5:b0:cd:e1:f8:01:c2:
94:22:23:31:42:31:b4:33:e5:53:b2:b0:97:99:71:
64:d0:8a:65:48:44:6c:a5:9f:ad:02:f6:db:af:54:
9a:40:0f:fd:70:80:b8:ff:3e:ac:ed:da:99:d3:4e:
53:4e:2b:c9:bc:7a:83:0f:a1:cf:2f:e5:2f:05:e0:
e6:a3:94:f1:6f:ea:26:8e:df:72:cc:65:22:9b:b4:
c0:83:10:cd:53:7b:2e:7d:e0:a5:36:37:6f:2d:2a:
4b:8b:40:bc:0f:14:64:0c:0a:bb:af:33:60:63:0c:
a7:73:3e:9b:f2:7c:2e:d0:86:c3:d1:fe:57:73:5d:
e7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C7:43:3F:85:39:82:E4:7D:72:26:FC:50:48:84:A7:A7:7C:40:23
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/3cdDP4U5guR9cib8UEiEp6d8QCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
06:fd:ea:22:6f:c3:49:d9:7a:13:1d:b2:ba:cd:c1:6e:29:65:
fe:8d:0a:47:61:1c:bd:24:f2:d8:86:7a:c0:40:19:ad:29:25:
35:e2:c1:de:54:95:66:ce:9d:96:12:d5:01:87:b5:f4:06:9d:
88:bc:bb:03:96:32:41:0b:6e:1e:d1:fe:37:35:01:c8:68:df:
a7:4d:a5:e2:62:51:69:26:ca:39:96:0c:a4:1d:b8:7d:02:dd:
ce:90:35:95:d9:2d:f3:db:7a:bb:50:9c:cf:d9:54:28:a1:88:
a9:ee:63:8b:6e:81:17:dc:df:41:25:6a:5a:6e:d3:e0:a2:ec:
ea:94:42:89:ed:17:1b:a0:ab:50:17:b0:0f:4b:6f:2c:0f:8f:
f4:9a:66:63:57:8f:39:52:69:72:45:ee:6f:9a:2d:33:43:56:
68:94:4f:a0:46:ba:06:36:ca:3d:4f:ca:a6:52:94:1c:3f:14:
cd:bb:16:32:31:80:54:ea:f9:98:f8:1b:01:5c:8b:04:c7:00:
fb:5a:f1:a8:12:bb:15:b3:13:9a:02:a0:72:18:c3:81:1a:cf:
dc:4f:bd:45:63:ce:a6:e7:4b:ad:65:b8:18:70:fc:ce:77:06:
e2:c0:7a:18:74:51:45:22:94:7b:03:e1:f9:f8:42:49:e1:3e:
12:6e:ef:26
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdK8yOpk/rRePfmGHlkXkoHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA3MTUxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGM3NDMzZjg1Mzk4MmU0N2Q3MjI2ZmM1MDQ4ODRhN2E3N2M0MDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxi59PiS20trbj7iv/lHD1t/8uQ1P
2S5Ls26U345gSN1/1WT4JZaHhavOtHs8BgePZ2Fnm+3mR8lRN0/7X41UUzsk/kx1
UupJKqoPMerXnmP9j6yu/sq1iaWB38HhbGkbFB6e4Zc9BtK9bDjdUw6186aReUbR
Yf3AEgCT+drD7eWwzeH4AcKUIiMxQjG0M+VTsrCXmXFk0IplSERspZ+tAvbbr1Sa
QA/9cIC4/z6s7dqZ005TTivJvHqDD6HPL+UvBeDmo5Txb+omjt9yzGUim7TAgxDN
U3sufeClNjdvLSpLi0C8DxRkDAq7rzNgYwyncz6b8nwu0IbD0f5Xc13nQQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFN3HQz+FOYLkfXIm/FBIhKenfEAjMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvM2NkRFA0VTVndVI5Y2liOFVFaUVwNmQ4UUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEABv3qIm/DSdl6
Ex2yus3Bbill/o0KR2EcvSTy2IZ6wEAZrSklNeLB3lSVZs6dlhLVAYe19AadiLy7
A5YyQQtuHtH+NzUByGjfp02l4mJRaSbKOZYMpB24fQLdzpA1ldkt89t6u1Ccz9lU
KKGIqe5ji26BF9zfQSVqWm7T4KLs6pRCie0XG6CrUBewD0tvLA+P9JpmY1ePOVJp
ckXub5otM0NWaJRPoEa6BjbKPU/KplKUHD8UzbsWMjGAVOr5mPgbAVyLBMcA+1rx
qBK7FbMTmgKgchjDgRrP3E+9RWPOpudLrWW4GHD8zncG4sB6GHRRRSKUewPh+fhC
SeE+Em7vJg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:16:46 2025 by rpki-client