Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/3cebm-Pq0Qr4P8gU8CHF7a8ik0w.roa
File: 3cebm-Pq0Qr4P8gU8CHF7a8ik0w.roa (raw, json)
Hash identifier: 5t0ooWs7kGxtJY+9QqCABHiwt4tDGgAP53L4AKGjeN4=
Subject key identifier: DD:C7:9B:9B:E3:EA:D1:0A:F8:3F:C8:14:F0:21:C5:ED:AF:22:93:4C
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019724F9B7F5C612E12B4200FDB6AA220D71
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/3cebm-Pq0Qr4P8gU8CHF7a8ik0w.roa
Signing time: Sat 31 May 2025 06:13:54 +0000
ROA not before: Sat 31 May 2025 06:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 31 May 2025 07:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:24:f9:b7:f5:c6:12:e1:2b:42:00:fd:b6:aa:22:0d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 31 06:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddc79b9be3ead10af83fc814f021c5edaf22934c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8a:9d:02:8c:8b:01:37:83:46:36:ee:52:e5:
43:1b:e7:3f:3c:b7:11:03:3b:69:3a:c9:03:3a:0d:
b9:59:cb:6f:14:dc:76:1c:08:06:16:24:2d:b3:97:
e0:d1:a0:2c:c8:80:ae:47:5d:8e:4c:0b:76:6e:9e:
c0:c5:1a:c0:f1:0d:ec:3f:7d:58:78:39:91:8a:c9:
60:82:12:6c:e6:a6:25:49:60:a6:b3:7c:e5:fb:c5:
7e:70:5f:b7:e0:86:5c:c7:ea:df:18:54:18:31:45:
f1:69:82:4b:6a:2f:e2:59:03:4d:17:05:7a:f4:dd:
2c:b0:b6:f6:99:2d:9b:f1:16:0d:2b:77:e6:1a:c7:
00:33:92:72:83:be:a7:41:0d:fe:35:43:22:44:7d:
84:67:7e:3a:2f:ba:f3:15:f3:9c:b3:e3:4b:85:2b:
1a:27:59:9f:f3:9d:06:04:2f:51:1a:50:7a:70:87:
7b:7c:b2:09:64:81:7f:d6:9a:df:a1:8d:b6:58:0f:
13:4c:ad:44:97:b0:1d:bf:c9:e5:50:4d:ee:e2:17:
ee:e6:0b:ab:95:bd:58:85:96:ce:53:31:02:ce:2a:
ac:7c:53:d2:47:99:66:fa:85:a5:67:0e:27:7a:98:
0f:cf:15:f8:a5:16:3f:84:3a:41:d1:10:47:91:b5:
0a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C7:9B:9B:E3:EA:D1:0A:F8:3F:C8:14:F0:21:C5:ED:AF:22:93:4C
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/3cebm-Pq0Qr4P8gU8CHF7a8ik0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
5d:05:16:07:42:21:7c:09:f0:15:3b:a3:ba:75:8e:df:4b:e4:
be:78:e6:fa:37:5a:1e:42:ee:e9:81:3d:0c:61:29:31:1b:14:
8e:66:1c:aa:af:c4:bb:ba:53:ae:9b:fa:47:83:f2:71:2c:49:
7d:db:9f:88:c4:3d:ae:33:bd:54:02:01:d9:ef:ea:99:df:25:
48:d9:e6:c9:6a:bb:d4:c8:15:ce:5d:2e:41:e8:ff:db:20:b5:
cf:89:5b:a2:8f:f0:9a:a7:ad:0e:2a:db:c1:c7:8d:d8:f0:68:
ed:6b:bc:a3:4e:a7:42:78:23:10:22:6e:dd:36:d8:a6:e0:02:
a1:c7:22:73:41:71:c3:c0:f2:4f:0b:db:8d:19:d9:9f:fc:36:
c2:3f:5b:9d:a8:b8:43:dd:6b:de:22:1e:99:54:52:60:d3:07:
79:06:d7:b2:fc:7f:57:ab:55:0d:32:74:56:b2:29:4b:0d:75:
62:27:ce:d6:c0:2b:97:24:2c:c1:17:10:87:99:d6:a6:68:87:
d7:c0:f1:6f:0e:f2:41:e4:61:c4:26:de:33:ea:cc:ae:6b:06:
01:ca:eb:09:a9:8e:0b:2b:60:06:b3:27:ca:5d:3a:17:9c:fa:
bc:02:2d:c7:0a:64:44:8b:aa:aa:39:64:e7:70:53:bf:1d:76:
67:bc:ea:65
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZck+bf1xhLhK0IA/baqIg1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTMxMDYxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGM3OWI5YmUzZWFkMTBhZjgzZmM4MTRmMDIxYzVlZGFmMjI5MzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4qdAoyLATeDRjbuUuVDG+c/PLcR
AztpOskDOg25WctvFNx2HAgGFiQts5fg0aAsyICuR12OTAt2bp7AxRrA8Q3sP31Y
eDmRislgghJs5qYlSWCms3zl+8V+cF+34IZcx+rfGFQYMUXxaYJLai/iWQNNFwV6
9N0ssLb2mS2b8RYNK3fmGscAM5Jyg76nQQ3+NUMiRH2EZ346L7rzFfOcs+NLhSsa
J1mf850GBC9RGlB6cId7fLIJZIF/1prfoY22WA8TTK1El7Adv8nlUE3u4hfu5gur
lb1YhZbOUzECziqsfFPSR5lm+oWlZw4nepgPzxX4pRY/hDpB0RBHkbUKlwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFN3Hm5vj6tEK+D/IFPAhxe2vIpNMMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvM2NlYm0tUHEwUXI0UDhnVThDSEY3YThpazB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBdBRYHQiF8CfAVO6O6dY7fS+S+eOb6N1oeQu7p
gT0MYSkxGxSOZhyqr8S7ulOum/pHg/JxLEl925+IxD2uM71UAgHZ7+qZ3yVI2ebJ
arvUyBXOXS5B6P/bILXPiVuij/Cap60OKtvBx43Y8Gjta7yjTqdCeCMQIm7dNtim
4AKhxyJzQXHDwPJPC9uNGdmf/DbCP1udqLhD3WveIh6ZVFJg0wd5Btey/H9Xq1UN
MnRWsilLDXViJ87WwCuXJCzBFxCHmdamaIfXwPFvDvJB5GHEJt4z6syuawYByusJ
qY4LK2AGsyfKXToXnPq8Ai3HCmREi6qqOWTncFO/HXZnvOpl
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:23:47 2025 by rpki-client