Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/8L5tvRhAuKY65EjbwQ89G9ySq60.roa
File: 8L5tvRhAuKY65EjbwQ89G9ySq60.roa (raw, json)
Hash identifier: ufDNUxcV8hgr98+iRDUTrELgixkcuM0WBViJLFXCMNw=
Subject key identifier: F0:BE:6D:BD:18:40:B8:A6:3A:E4:48:DB:C1:0F:3D:1B:DC:92:AB:AD
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FD0F84D2F75C4C0AD32C3338039E48E2
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/8L5tvRhAuKY65EjbwQ89G9ySq60.roa
Signing time: Fri 23 May 2025 12:12:54 +0000
ROA not before: Fri 23 May 2025 12:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 May 2025 13:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:0f:84:d2:f7:5c:4c:0a:d3:2c:33:38:03:9e:48:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 12:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0be6dbd1840b8a63ae448dbc10f3d1bdc92abad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:16:60:7e:05:e2:12:43:77:7b:17:c1:29:54:
a0:d8:36:5e:5b:f6:ce:9c:bb:cf:3f:12:72:5c:b3:
d5:cf:29:76:35:bc:43:c5:31:23:d3:29:81:d7:fd:
a7:04:bc:dc:bb:dc:61:bd:5a:b2:ec:97:02:09:91:
65:a3:c2:e0:00:d3:07:42:e4:e8:cf:9e:f3:a5:fb:
df:9c:46:5f:2b:07:c8:02:ab:8d:59:38:4d:8a:86:
02:1b:6d:1e:2f:fa:a1:c6:89:11:76:a4:41:09:4b:
72:40:d2:dc:d7:31:f0:10:4d:d0:0b:f3:c3:46:4a:
c3:46:ba:d9:fb:16:7d:36:01:92:d1:dd:b5:4e:99:
fd:39:23:1b:1e:4a:04:21:14:44:c2:4c:37:be:ea:
cf:84:6e:38:0b:e5:b0:75:2f:f8:87:ae:00:f2:07:
17:e5:01:d6:58:36:64:73:29:81:b2:33:d6:be:dc:
4f:98:9c:ca:c3:37:43:56:ae:c2:ea:a1:d0:4c:86:
63:97:c2:c8:e6:aa:27:2c:a9:d9:d5:d8:b6:e3:b3:
d5:20:85:09:81:2c:c1:a7:64:15:ca:22:55:52:8e:
3d:50:0f:4b:9b:9e:58:e3:bf:a2:97:34:e0:71:94:
8c:12:01:ac:33:4f:b7:82:f9:5d:06:9b:55:bf:4e:
71:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:BE:6D:BD:18:40:B8:A6:3A:E4:48:DB:C1:0F:3D:1B:DC:92:AB:AD
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/8L5tvRhAuKY65EjbwQ89G9ySq60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
11:d0:4b:39:18:26:d6:92:f3:af:cf:a7:90:dc:e7:4a:4b:20:
c6:66:84:00:9f:40:f8:5f:3e:1d:d4:03:26:95:ab:cd:27:95:
8d:df:69:ed:71:aa:63:0e:90:7a:a6:70:46:9d:41:0f:1d:c6:
35:ef:09:44:50:b1:71:1a:cb:d1:85:58:12:c1:9b:d7:b4:da:
31:5c:0c:c3:3b:14:ae:0a:23:a7:44:47:00:cc:06:fe:91:8d:
58:7a:98:c0:f0:8a:f6:88:ea:ab:b8:7f:44:74:aa:56:f3:32:
39:f1:b9:05:d5:b7:51:99:21:e9:f7:6c:15:ed:00:eb:03:b6:
c9:03:db:98:91:e6:31:f3:f0:f3:fa:df:8e:47:b2:6d:81:cc:
93:ae:2a:d0:28:aa:f9:90:4e:8f:73:35:73:6b:4d:7e:24:b4:
ac:b4:4b:7d:72:c2:b7:0f:43:44:77:eb:94:6b:fd:ec:b5:4a:
e6:1a:5f:0e:e3:fb:ed:20:67:ee:8b:e6:b6:03:40:19:c8:10:
6c:d2:c9:59:af:37:df:a6:53:31:14:a7:bc:8b:8f:0b:a3:00:
5c:aa:a6:b4:26:a3:2d:90:22:04:22:9b:b2:dc:ea:fc:48:97:
f7:ae:1d:b7:97:a4:3b:0b:bf:42:08:83:e8:45:d9:c6:71:f7:
6b:6e:1d:ed
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb9D4TS91xMCtMsMzgDnkjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMTIxMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGJlNmRiZDE4NDBiOGE2M2FlNDQ4ZGJjMTBmM2QxYmRjOTJhYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhZgfgXiEkN3exfBKVSg2DZeW/bO
nLvPPxJyXLPVzyl2NbxDxTEj0ymB1/2nBLzcu9xhvVqy7JcCCZFlo8LgANMHQuTo
z57zpfvfnEZfKwfIAquNWThNioYCG20eL/qhxokRdqRBCUtyQNLc1zHwEE3QC/PD
RkrDRrrZ+xZ9NgGS0d21Tpn9OSMbHkoEIRREwkw3vurPhG44C+WwdS/4h64A8gcX
5QHWWDZkcymBsjPWvtxPmJzKwzdDVq7C6qHQTIZjl8LI5qonLKnZ1di247PVIIUJ
gSzBp2QVyiJVUo49UA9Lm55Y47+ilzTgcZSMEgGsM0+3gvldBptVv05x7wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPC+bb0YQLimOuRI28EPPRvckqutMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvOEw1dHZSaEF1S1k2NUVqYndRODlHOXlTcTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAEdBLORgm1pLzr8+nkNznSksg
xmaEAJ9A+F8+HdQDJpWrzSeVjd9p7XGqYw6QeqZwRp1BDx3GNe8JRFCxcRrL0YVY
EsGb17TaMVwMwzsUrgojp0RHAMwG/pGNWHqYwPCK9ojqq7h/RHSqVvMyOfG5BdW3
UZkh6fdsFe0A6wO2yQPbmJHmMfPw8/rfjkeybYHMk64q0Ciq+ZBOj3M1c2tNfiS0
rLRLfXLCtw9DRHfrlGv97LVK5hpfDuP77SBn7ovmtgNAGcgQbNLJWa8336ZTMRSn
vIuPC6MAXKqmtCajLZAiBCKbstzq/EiX964dt5ekOwu/QgiD6EXZxnH3a24d7Q==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:05:24 2025 by rpki-client