Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/8gxjhqBPpWJj27wV6L6vBnnSHps.roa
File: 8gxjhqBPpWJj27wV6L6vBnnSHps.roa (raw, json)
Hash identifier: aZydHD7jy8gJ+kghq/Px++DNx80BgdwYd0pFDToXTno=
Subject key identifier: F2:0C:63:86:A0:4F:A5:62:63:DB:BC:15:E8:BE:AF:06:79:D2:1E:9B
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196D88E0F1C4C68DC07992ECF41EAF7D8BE
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/8gxjhqBPpWJj27wV6L6vBnnSHps.roa
Signing time: Fri 16 May 2025 10:05:10 +0000
ROA not before: Fri 16 May 2025 10:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:d88d:3363/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 16 May 2025 10:13:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d8:8e:0f:1c:4c:68:dc:07:99:2e:cf:41:ea:f7:d8:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 16 10:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f20c6386a04fa56263dbbc15e8beaf0679d21e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ce:b7:7e:d0:15:66:81:40:59:ff:4e:e8:57:
f8:4e:10:64:be:7e:0a:9c:e8:18:91:f8:1c:f1:36:
ca:af:78:ee:7d:a7:30:35:51:11:2a:75:13:2e:04:
a9:a9:a2:35:87:16:ee:bf:a7:94:23:62:89:3b:6d:
7c:e0:c4:1a:1c:c8:57:54:59:84:6f:96:f8:b2:f8:
fb:d9:d5:79:d6:52:b1:b3:2f:48:f1:6f:e7:38:c1:
dc:32:b9:ac:ac:3b:71:e2:6b:ab:79:5c:83:4f:07:
c3:18:6e:a7:e7:ac:40:82:f1:03:c5:b8:6c:9a:9b:
71:8a:6a:70:8d:02:f9:07:24:d8:bb:ae:0c:61:f2:
78:66:f4:5a:bf:37:c1:d1:c8:f8:4b:47:fa:ae:e6:
87:88:b0:55:76:0a:b0:2b:50:b6:69:9b:3d:67:64:
22:83:56:34:e6:26:80:e5:0d:37:fb:16:d6:a4:30:
7a:d3:1e:be:e0:06:20:fb:b1:74:48:13:96:b7:86:
81:ab:92:aa:ee:26:96:fc:8b:00:cf:04:aa:66:20:
b3:79:33:bf:35:d7:0d:2b:c2:a8:81:50:a8:fa:0f:
c7:19:de:9b:24:69:c4:f7:76:9a:b2:d8:6b:66:16:
b0:40:26:bb:8b:ba:f3:06:e5:67:3c:98:cc:83:37:
39:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:0C:63:86:A0:4F:A5:62:63:DB:BC:15:E8:BE:AF:06:79:D2:1E:9B
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/8gxjhqBPpWJj27wV6L6vBnnSHps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:d88d:3363/128
Signature Algorithm: sha256WithRSAEncryption
7b:c3:02:86:c5:59:23:59:90:aa:72:35:3b:e5:b9:4c:67:71:
11:fe:b5:40:0a:38:2d:4c:98:b6:07:38:8d:04:67:90:52:9b:
ef:e5:5a:fe:d2:82:1f:5e:b5:c2:a1:7c:a9:02:dd:49:89:a2:
12:ab:11:ef:15:a9:3f:ba:a1:70:10:2e:15:e6:c5:48:eb:cc:
88:2f:b6:90:57:b7:ff:e7:3b:21:16:b4:fc:a8:31:22:8d:c5:
c7:d0:3c:a0:7b:4b:02:9c:b5:6a:70:cb:37:ec:0c:0d:ff:dd:
9f:d7:1f:27:50:c1:d4:d0:92:47:51:f5:c9:38:55:3c:d4:9b:
f7:f2:0b:0b:fd:f9:3e:47:65:de:5a:16:c3:67:0e:e2:c3:dd:
89:8d:c7:aa:f8:0f:e0:fe:00:a2:8a:b2:2c:ae:83:46:35:02:
5e:bf:54:0a:a6:a0:8a:8d:11:1a:db:5c:cf:bc:13:06:01:b0:
b8:f5:de:ad:f2:65:60:0a:6a:5c:9a:f1:de:63:85:d4:cc:dd:
77:65:4d:c4:a9:18:7b:fb:3b:c1:b5:86:5f:eb:3d:af:fe:9f:
69:e4:e8:63:1b:a3:e4:c9:1e:a7:15:a3:52:d0:7c:d3:3d:9a:
3c:43:5b:d2:3f:32:25:fb:02:73:c9:16:36:af:18:b3:e7:99:
54:49:2c:c7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbYjg8cTGjcB5kuz0Hq99i+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTE2MTAwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjBjNjM4NmEwNGZhNTYyNjNkYmJjMTVlOGJlYWYwNjc5ZDIxZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvs63ftAVZoFAWf9O6Ff4ThBkvn4K
nOgYkfgc8TbKr3jufacwNVERKnUTLgSpqaI1hxbuv6eUI2KJO2184MQaHMhXVFmE
b5b4svj72dV51lKxsy9I8W/nOMHcMrmsrDtx4mureVyDTwfDGG6n56xAgvEDxbhs
mptximpwjQL5ByTYu64MYfJ4ZvRavzfB0cj4S0f6ruaHiLBVdgqwK1C2aZs9Z2Qi
g1Y05iaA5Q03+xbWpDB60x6+4AYg+7F0SBOWt4aBq5Kq7iaW/IsAzwSqZiCzeTO/
NdcNK8KogVCo+g/HGd6bJGnE93aasthrZhawQCa7i7rzBuVnPJjMgzc59QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPIMY4agT6ViY9u8Fei+rwZ50h6bMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvOGd4amhxQlBwV0pqMjd3VjZMNnZCbm5TSHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW2I0zYzANBgkqhkiG9w0BAQsFAAOCAQEAe8MChsVZI1mQqnI1O+W5TGdx
Ef61QAo4LUyYtgc4jQRnkFKb7+Va/tKCH161wqF8qQLdSYmiEqsR7xWpP7qhcBAu
FebFSOvMiC+2kFe3/+c7IRa0/KgxIo3Fx9A8oHtLApy1anDLN+wMDf/dn9cfJ1DB
1NCSR1H1yThVPNSb9/ILC/35Pkdl3loWw2cO4sPdiY3HqvgP4P4AooqyLK6DRjUC
Xr9UCqagio0RGttcz7wTBgGwuPXerfJlYApqXJrx3mOF1Mzdd2VNxKkYe/s7wbWG
X+s9r/6faeToYxuj5MkepxWjUtB80z2aPENb0j8yJfsCc8kWNq8Ys+eZVEksxw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:42:59 2025 by rpki-client