Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/42VyBCU-nQ-f2fOaFQ8VfBP_660.roa
File: 42VyBCU-nQ-f2fOaFQ8VfBP_660.roa (raw, json)
Hash identifier: Pgk8uyi1YU0V73v+1QxQSVpK61PNYWMqMqrKRCuLxS8=
Subject key identifier: E3:65:72:04:25:3E:9D:0F:9F:D9:F3:9A:15:0F:15:7C:13:FF:EB:AD
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FEC8CD9FD13D66E80B01669D04DA6935
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/42VyBCU-nQ-f2fOaFQ8VfBP_660.roa
Signing time: Fri 23 May 2025 20:14:54 +0000
ROA not before: Fri 23 May 2025 20:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 May 2025 21:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fe:c8:cd:9f:d1:3d:66:e8:0b:01:66:9d:04:da:69:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 20:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3657204253e9d0f9fd9f39a150f157c13ffebad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:98:11:f5:8a:28:30:52:e6:f6:78:f7:3e:ea:
22:a4:12:d5:8f:04:28:cc:1e:ae:36:18:88:70:20:
e7:f4:df:99:5d:87:88:c7:63:3f:7c:7a:fe:fd:4f:
7b:77:75:11:f7:5e:9f:aa:ce:6f:ea:c7:ed:ae:26:
ad:a3:52:f7:10:3f:73:c3:17:02:f2:f9:01:17:66:
d7:68:57:45:eb:9a:69:bb:83:8b:7b:6d:cc:f7:4c:
d6:a5:99:ab:a7:4e:dc:20:d0:94:b5:3e:a9:82:89:
9c:7c:c3:c1:47:c0:81:41:2f:20:45:95:9c:16:25:
db:3f:bb:c1:2f:b1:88:a9:be:26:05:87:54:27:2d:
93:44:55:84:7c:fe:df:e1:12:b1:0a:8a:77:9b:bb:
3c:9f:a3:17:ea:b6:3d:9a:54:8f:9e:9b:44:39:4f:
89:de:4f:27:c6:5a:29:13:d0:6b:36:4a:e3:a0:81:
55:d3:db:fa:73:20:71:dc:05:56:2d:35:da:a9:f8:
c8:56:17:e7:4c:83:f7:5f:a0:ba:b1:ba:03:ef:bc:
b2:53:8a:d0:90:a8:59:bd:69:8f:c5:2c:a1:e4:9a:
73:f0:54:55:88:7c:be:0b:ee:db:5b:4a:46:0e:f6:
f7:9c:cc:62:4e:b1:ab:19:a9:f5:5c:9c:1b:e1:0b:
14:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:65:72:04:25:3E:9D:0F:9F:D9:F3:9A:15:0F:15:7C:13:FF:EB:AD
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/42VyBCU-nQ-f2fOaFQ8VfBP_660.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
07:1f:0b:dd:c6:63:a2:55:03:f4:df:39:30:08:00:49:9c:28:
66:d9:c7:51:8e:97:56:a5:50:3f:29:52:57:7a:4b:48:c2:92:
62:51:8c:99:89:cb:b5:5e:cb:4e:2f:88:8a:56:90:ac:4e:98:
e0:92:82:45:ef:d5:13:d8:b2:a2:0c:59:c2:bb:ee:df:8f:6e:
72:5a:39:40:03:07:d7:d1:c5:22:fa:7d:ea:ea:ad:d4:24:95:
26:1e:99:5b:4d:b4:3f:11:1b:c1:6e:9b:52:bf:39:76:57:30:
75:1f:8b:29:aa:d9:ac:98:9a:8c:28:dd:36:53:80:5a:f4:ad:
3c:20:c8:e8:dd:2c:ac:1c:85:ab:aa:5c:ad:18:79:d2:fc:9d:
a7:7f:66:b7:8f:c2:13:d0:47:c1:c2:65:a3:e4:ff:c3:2c:c0:
8d:64:01:98:74:a2:6a:6e:96:1f:66:e8:ea:44:11:a0:88:7c:
9d:d1:22:5b:9a:39:c3:4c:5b:40:9b:0f:e6:28:6e:d3:66:22:
82:6e:d7:2f:c3:cb:1d:b3:4d:91:a3:5d:86:8d:c1:ca:93:38:
88:12:f7:fd:4f:23:d8:b2:ca:82:b3:49:5b:9b:08:e1:8f:5d:
46:26:b0:88:22:e0:25:ac:94:d4:98:ea:4e:fa:37:3e:bd:f9:
67:eb:04:17
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb+yM2f0T1m6AsBZp0E2mk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMjAxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzY1NzIwNDI1M2U5ZDBmOWZkOWYzOWExNTBmMTU3YzEzZmZlYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5gR9YooMFLm9nj3PuoipBLVjwQo
zB6uNhiIcCDn9N+ZXYeIx2M/fHr+/U97d3UR916fqs5v6sftriato1L3ED9zwxcC
8vkBF2bXaFdF65ppu4OLe23M90zWpZmrp07cINCUtT6pgomcfMPBR8CBQS8gRZWc
FiXbP7vBL7GIqb4mBYdUJy2TRFWEfP7f4RKxCop3m7s8n6MX6rY9mlSPnptEOU+J
3k8nxlopE9BrNkrjoIFV09v6cyBx3AVWLTXaqfjIVhfnTIP3X6C6sboD77yyU4rQ
kKhZvWmPxSyh5Jpz8FRViHy+C+7bW0pGDvb3nMxiTrGrGan1XJwb4QsUAQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFONlcgQlPp0Pn9nzmhUPFXwT/+utMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvNDJWeUJDVS1uUS1mMmZPYUZROFZmQlBfNjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEABx8L3cZjolUD9N85MAgASZwo
ZtnHUY6XVqVQPylSV3pLSMKSYlGMmYnLtV7LTi+IilaQrE6Y4JKCRe/VE9iyogxZ
wrvu349uclo5QAMH19HFIvp96uqt1CSVJh6ZW020PxEbwW6bUr85dlcwdR+LKarZ
rJiajCjdNlOAWvStPCDI6N0srByFq6pcrRh50vydp39mt4/CE9BHwcJlo+T/wyzA
jWQBmHSiam6WH2bo6kQRoIh8ndEiW5o5w0xbQJsP5ihu02Yigm7XL8PLHbNNkaNd
ho3BypM4iBL3/U8j2LLKgrNJW5sI4Y9dRiawiCLgJayU1JjqTvo3Pr35Z+sEFw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:15:13 2025 by rpki-client