Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/8CH9v9IkyIKJiCqmT8rv8q2m46g.roa
File: 8CH9v9IkyIKJiCqmT8rv8q2m46g.roa (raw, json)
Hash identifier: xEP10Z3YtZN9X5QwH6BmfvaPhUJSavrrXNK4cYuMhG4=
Subject key identifier: F0:21:FD:BF:D2:24:C8:82:89:88:2A:A6:4F:CA:EF:F2:AD:A6:E3:A8
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019661E4DB19830920BE647E8E6436E57A82
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/8CH9v9IkyIKJiCqmT8rv8q2m46g.roa
Signing time: Wed 23 Apr 2025 09:05:10 +0000
ROA not before: Wed 23 Apr 2025 09:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:61e4:3ff5/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 23 Apr 2025 09:15:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:61:e4:db:19:83:09:20:be:64:7e:8e:64:36:e5:7a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 23 09:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f021fdbfd224c88289882aa64fcaeff2ada6e3a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:33:4c:f5:fd:92:99:db:f8:df:c2:2d:7e:e0:
48:b8:28:e5:e2:fd:f5:a5:95:71:db:64:0e:13:34:
6a:c3:38:9a:e9:f7:8d:ca:38:fa:fa:36:eb:10:ea:
13:82:94:02:82:09:7d:63:0d:69:f4:bf:0c:ee:0c:
2d:36:62:20:4c:8b:b1:fd:ff:08:40:f0:a1:dd:18:
e2:56:7e:fc:bc:5c:56:ef:af:93:c3:36:af:f3:92:
37:1d:ec:c5:84:60:0e:38:26:6b:ec:5c:b7:9a:1b:
cf:56:6e:20:e0:f3:82:df:78:38:94:1e:f6:d9:2e:
19:ac:a0:7f:72:6d:d4:4a:25:1d:3e:e6:c1:f1:87:
4b:7c:9e:4f:1b:fd:0d:fb:f5:71:87:c7:9c:66:51:
a8:0f:a0:c7:97:f8:fb:33:05:f2:17:f0:ae:50:4d:
b7:60:1d:85:db:84:ef:79:57:70:70:1a:5d:2c:a4:
3b:93:38:e0:86:a3:b3:e5:65:dd:8c:79:cc:3d:44:
18:8b:78:90:dd:a1:df:0c:d8:c0:df:f9:f2:75:f5:
0a:63:7d:dc:f7:90:e7:2f:93:40:e2:99:55:e8:c3:
54:ac:38:15:d7:d8:c3:df:4d:c6:73:97:a0:96:93:
a1:86:bf:dd:28:ff:31:b7:51:d2:11:0e:8e:27:c6:
fe:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:21:FD:BF:D2:24:C8:82:89:88:2A:A6:4F:CA:EF:F2:AD:A6:E3:A8
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/8CH9v9IkyIKJiCqmT8rv8q2m46g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:61e4:3ff5/128
Signature Algorithm: sha256WithRSAEncryption
8d:9b:11:7c:22:95:89:bf:b3:a9:19:3a:2f:e9:80:32:13:20:
c9:32:24:17:93:14:0e:c7:80:58:5d:e3:04:38:97:71:b0:b5:
a1:2e:ff:ab:6b:b9:2f:79:db:8a:35:1b:9b:4a:c4:78:3c:86:
20:77:05:cc:0a:03:d4:0f:11:96:d9:c2:fd:e4:9d:7e:11:a0:
39:a4:6d:97:6f:f6:db:0a:b0:de:73:e0:24:72:6e:65:b4:46:
47:20:6e:bb:5d:28:31:bb:f7:63:e5:d5:a3:c1:e9:26:19:4c:
ac:05:28:e6:01:28:6e:88:74:91:92:71:15:d6:41:1a:68:22:
c7:59:ff:5a:b3:81:99:2b:9f:dd:51:5e:a8:6c:ab:8c:dc:5d:
01:58:b3:af:da:ac:7e:98:23:c4:9c:fa:75:bf:81:32:0d:72:
45:c0:34:c8:30:3f:e7:d4:9a:54:29:43:67:4f:e6:5e:b9:2d:
17:5d:5e:a5:9c:d5:cd:85:cc:df:db:d4:65:9d:6e:d6:29:74:
60:f8:85:71:33:a4:38:69:a4:c6:34:4b:dc:74:a0:73:b5:34:
36:a8:06:51:11:90:0a:09:46:bd:ef:70:01:ff:b6:b4:29:f8:
ad:12:dc:e3:07:81:50:af:f9:03:b8:42:5a:2e:09:6d:ee:f9:
69:24:b1:11
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZh5NsZgwkgvmR+jmQ25XqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDIzMDkwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDIxZmRiZmQyMjRjODgyODk4ODJhYTY0ZmNhZWZmMmFkYTZlM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujNM9f2Smdv438ItfuBIuCjl4v31
pZVx22QOEzRqwzia6feNyjj6+jbrEOoTgpQCggl9Yw1p9L8M7gwtNmIgTIux/f8I
QPCh3RjiVn78vFxW76+Twzav85I3HezFhGAOOCZr7Fy3mhvPVm4g4POC33g4lB72
2S4ZrKB/cm3USiUdPubB8YdLfJ5PG/0N+/Vxh8ecZlGoD6DHl/j7MwXyF/CuUE23
YB2F24TveVdwcBpdLKQ7kzjghqOz5WXdjHnMPUQYi3iQ3aHfDNjA3/nydfUKY33c
95DnL5NA4plV6MNUrDgV19jD303Gc5eglpOhhr/dKP8xt1HSEQ6OJ8b+FQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPAh/b/SJMiCiYgqpk/K7/KtpuOoMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvOENIOXY5SWt5SUtKaUNxbVQ4cnY4cTJtNDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWYeQ/9TANBgkqhkiG9w0BAQsFAAOCAQEAjZsRfCKVib+zqRk6L+mAMhMg
yTIkF5MUDseAWF3jBDiXcbC1oS7/q2u5L3nbijUbm0rEeDyGIHcFzAoD1A8RltnC
/eSdfhGgOaRtl2/22wqw3nPgJHJuZbRGRyBuu10oMbv3Y+XVo8HpJhlMrAUo5gEo
boh0kZJxFdZBGmgix1n/WrOBmSuf3VFeqGyrjNxdAVizr9qsfpgjxJz6db+BMg1y
RcA0yDA/59SaVClDZ0/mXrktF11epZzVzYXM39vUZZ1u1il0YPiFcTOkOGmkxjRL
3HSgc7U0NqgGURGQCglGve9wAf+2tCn4rRLc4weBUK/5A7hCWi4Jbe75aSSxEQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:45:57 2025 by rpki-client