Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/63iw5v0I4nyY9jbP7mXartCwG_g.roa
File: 63iw5v0I4nyY9jbP7mXartCwG_g.roa (raw, json)
Hash identifier: VlVXU1GGKM1xjzrukx/9jixBwXUzKh0v/MbOpLJBDtY=
Subject key identifier: EB:78:B0:E6:FD:08:E2:7C:98:F6:36:CF:EE:65:DA:AE:D0:B0:1B:F8
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197289DBA05B1BFD5FA8DC26CEF9878FDDF
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/63iw5v0I4nyY9jbP7mXartCwG_g.roa
Signing time: Sat 31 May 2025 23:11:54 +0000
ROA not before: Sat 31 May 2025 23:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Jun 2025 00:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:28:9d:ba:05:b1:bf:d5:fa:8d:c2:6c:ef:98:78:fd:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 31 23:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb78b0e6fd08e27c98f636cfee65daaed0b01bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4d:e7:4a:23:12:6a:2d:4b:ba:3f:63:bd:9c:
db:12:98:56:dd:3f:3e:96:6a:66:67:ab:77:a1:e3:
6e:fa:c3:00:15:f6:97:27:7a:e0:e4:73:69:cf:ca:
92:5c:d2:6e:5c:6e:30:13:70:af:e6:40:2d:76:f1:
dd:3a:e0:62:e3:8a:d9:63:f7:7b:18:ca:95:b9:3e:
03:aa:74:d3:2e:1b:62:ac:63:82:04:20:3b:ff:d0:
74:f8:fb:fd:de:51:db:6c:9f:50:c9:58:2a:95:32:
49:4e:fd:67:88:78:57:21:97:11:f3:8f:09:04:66:
a5:29:7e:71:77:13:4b:99:5e:e0:62:41:16:f0:02:
c1:d7:b1:25:27:ed:99:1f:02:15:45:38:7d:a0:bc:
e2:7f:cf:06:49:47:c0:0d:54:3b:d4:38:cf:11:c3:
7a:06:79:b0:10:ac:07:34:10:2a:cf:13:d8:bf:d7:
00:7a:75:8e:70:8c:4a:30:a0:7d:04:08:4e:90:e1:
2b:1a:fa:80:d5:7b:fa:b9:a1:7f:e3:91:85:c9:d1:
81:ce:ad:44:67:2b:cf:1b:75:c1:35:da:cb:43:ac:
6a:e1:c6:1b:00:93:ca:e6:12:5c:aa:d4:e9:6b:b6:
ec:3d:39:1d:a6:f2:57:5b:29:16:d0:bd:2e:23:71:
ad:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:78:B0:E6:FD:08:E2:7C:98:F6:36:CF:EE:65:DA:AE:D0:B0:1B:F8
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/63iw5v0I4nyY9jbP7mXartCwG_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
42:3e:a8:88:0e:73:61:e9:62:df:d3:c2:0e:a2:36:5c:b9:cb:
eb:ed:08:f5:4d:74:a0:9e:90:c0:35:9c:c9:1c:40:af:7b:f0:
95:39:5d:77:f6:6f:c9:7c:b2:99:15:3b:a7:f2:df:bc:04:c4:
ef:e4:2d:0d:83:49:ce:a3:3d:68:97:c7:ff:af:a9:72:89:ed:
48:a9:05:83:21:a1:29:80:de:d7:e1:27:b1:06:97:67:43:25:
75:33:35:5e:c5:03:9c:a6:e6:f7:95:d1:7b:80:b0:3e:4a:1d:
95:9d:6a:ae:3a:a9:98:05:d7:04:35:6d:35:50:40:45:50:2f:
89:a2:ab:b8:8f:da:bb:eb:5a:14:92:d1:c7:e2:7b:02:a7:cd:
f2:6f:71:f3:9c:2f:81:09:62:13:f4:6c:86:47:8e:f2:29:40:
9e:04:ea:47:78:37:32:d7:04:be:9a:09:d9:d5:91:8d:be:41:
6f:75:3a:fb:b8:6f:b7:dd:e1:fc:a7:5d:bf:e0:08:7d:72:a5:
27:ec:08:36:c8:da:16:77:e5:fc:68:a9:ed:0f:ac:67:a6:1c:
2a:a7:c7:39:b2:28:80:02:0a:f5:fe:3c:54:8c:5f:65:5c:88:
97:c1:54:bb:e5:ed:f6:10:82:29:a8:1e:27:33:9a:c7:ef:07:
61:3c:50:03
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZconboFsb/V+o3CbO+YeP3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTMxMjMxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjc4YjBlNmZkMDhlMjdjOThmNjM2Y2ZlZTY1ZGFhZWQwYjAxYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU3nSiMSai1Luj9jvZzbEphW3T8+
lmpmZ6t3oeNu+sMAFfaXJ3rg5HNpz8qSXNJuXG4wE3Cv5kAtdvHdOuBi44rZY/d7
GMqVuT4DqnTTLhtirGOCBCA7/9B0+Pv93lHbbJ9QyVgqlTJJTv1niHhXIZcR848J
BGalKX5xdxNLmV7gYkEW8ALB17ElJ+2ZHwIVRTh9oLzif88GSUfADVQ71DjPEcN6
BnmwEKwHNBAqzxPYv9cAenWOcIxKMKB9BAhOkOErGvqA1Xv6uaF/45GFydGBzq1E
ZyvPG3XBNdrLQ6xq4cYbAJPK5hJcqtTpa7bsPTkdpvJXWykW0L0uI3GtnQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOt4sOb9COJ8mPY2z+5l2q7QsBv4MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvNjNpdzV2MEk0bnlZOWpiUDdtWGFydEN3R19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBCPqiIDnNh6WLf08IOojZcucvr7Qj1TXSgnpDA
NZzJHECve/CVOV139m/JfLKZFTun8t+8BMTv5C0Ng0nOoz1ol8f/r6lyie1IqQWD
IaEpgN7X4SexBpdnQyV1MzVexQOcpub3ldF7gLA+Sh2VnWquOqmYBdcENW01UEBF
UC+Joqu4j9q761oUktHH4nsCp83yb3HznC+BCWIT9GyGR47yKUCeBOpHeDcy1wS+
mgnZ1ZGNvkFvdTr7uG+33eH8p12/4Ah9cqUn7Ag2yNoWd+X8aKntD6xnphwqp8c5
siiAAgr1/jxUjF9lXIiXwVS75e32EIIpqB4nM5rH7wdhPFAD
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:13:16 2025 by rpki-client