Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/8zi_-NUbWLUPed_u1DXOXq1tO7Q.roa
File: 8zi_-NUbWLUPed_u1DXOXq1tO7Q.roa (raw, json)
Hash identifier: pzyV2S/3nFyl33d7mXa099+LKGbuNPlLjiLG2gx71uA=
Subject key identifier: F3:38:BF:F8:D5:1B:58:B5:0F:79:DF:EE:D4:35:CE:5E:AD:6D:3B:B4
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01970EA9BF1C88CDCFF5B704B958FEDDCBF4
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/8zi_-NUbWLUPed_u1DXOXq1tO7Q.roa
Signing time: Mon 26 May 2025 22:14:54 +0000
ROA not before: Mon 26 May 2025 22:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 26 May 2025 23:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0e:a9:bf:1c:88:cd:cf:f5:b7:04:b9:58:fe:dd:cb:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 26 22:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f338bff8d51b58b50f79dfeed435ce5ead6d3bb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:71:02:eb:8c:22:67:e8:14:e5:32:7a:51:a4:
d2:f8:82:f2:07:e0:88:48:23:d1:f8:dd:ab:bc:ba:
a6:a4:f3:7a:44:1a:8e:61:82:9a:55:55:c8:d7:87:
24:90:6c:fd:4a:26:bc:17:9d:c1:67:0c:e6:a3:c6:
67:83:d1:6b:3d:25:3b:b9:5d:d5:86:7a:97:36:17:
a7:60:ae:b5:1a:aa:bd:7b:bb:54:0a:f8:45:80:ef:
59:c8:da:2e:9b:c5:3f:3a:f7:58:c3:1d:c5:f8:07:
5d:b3:73:2f:21:64:a8:c1:b5:85:f5:f6:42:ce:26:
97:39:89:0c:28:96:65:d8:1a:5b:b2:55:64:41:20:
9e:3f:67:a5:cc:36:cd:d4:f3:ef:5c:e2:b3:b3:cf:
59:40:df:8d:c2:d1:f3:e3:f5:92:c3:a1:43:84:2d:
9b:2f:04:39:42:65:35:47:91:2c:3b:3a:44:64:4c:
fb:08:97:f0:14:a8:67:60:43:72:9a:68:f6:95:bf:
a5:eb:24:2b:aa:26:4d:74:2d:a1:63:c8:75:4c:88:
59:a1:18:bb:7c:db:75:43:14:22:c5:96:84:fa:79:
65:a7:da:db:ca:ed:2c:8d:52:1f:35:82:57:fa:70:
2f:fe:5d:b2:ca:96:a4:4c:96:93:27:cb:7a:28:52:
09:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:38:BF:F8:D5:1B:58:B5:0F:79:DF:EE:D4:35:CE:5E:AD:6D:3B:B4
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/8zi_-NUbWLUPed_u1DXOXq1tO7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
6c:70:06:df:93:c9:96:50:31:8d:7f:18:8c:ab:af:82:04:75:
bf:6e:85:d4:81:67:01:bb:96:3d:bd:83:45:17:0f:f9:88:b0:
ad:af:97:c0:0f:00:ed:01:e8:69:ab:69:40:2b:97:b7:d5:d4:
f4:4c:60:f4:39:f0:fb:3d:fa:50:98:82:a4:5c:89:c6:ca:5b:
81:55:aa:af:f7:6b:b9:4c:a5:39:50:a4:d1:bd:4f:5e:f5:8e:
ca:0c:49:da:7e:16:89:f3:01:17:aa:7e:4a:c6:da:0c:c9:9f:
1a:28:5a:79:f8:3f:a3:66:e5:4c:2d:99:70:be:d1:d8:87:90:
ca:6f:5d:8b:e2:14:be:18:65:9c:5b:6a:4e:b9:01:bf:42:3b:
ea:c0:a0:a0:02:2f:b7:69:3a:bc:61:d0:7a:26:0e:44:5b:f5:
42:19:0f:15:f4:d9:f1:ef:da:db:61:0e:80:64:05:5b:8c:9a:
ef:7d:8d:cd:69:97:0f:26:7d:9e:b0:43:3f:d1:40:e4:b9:09:
e3:2c:8a:ce:56:40:78:82:d3:9f:66:9d:d3:77:4d:20:a3:f6:
79:cd:6b:1c:31:d7:73:56:3f:25:a8:de:56:fd:29:81:bc:0b:
41:0c:05:fa:b1:97:c8:8a:31:cf:da:33:72:3b:2e:9e:1c:b4:
21:52:89:dd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcOqb8ciM3P9bcEuVj+3cv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI2MjIxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzM4YmZmOGQ1MWI1OGI1MGY3OWRmZWVkNDM1Y2U1ZWFkNmQzYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHEC64wiZ+gU5TJ6UaTS+ILyB+CI
SCPR+N2rvLqmpPN6RBqOYYKaVVXI14ckkGz9Sia8F53BZwzmo8Zng9FrPSU7uV3V
hnqXNhenYK61Gqq9e7tUCvhFgO9ZyNoum8U/OvdYwx3F+Adds3MvIWSowbWF9fZC
ziaXOYkMKJZl2BpbslVkQSCeP2elzDbN1PPvXOKzs89ZQN+NwtHz4/WSw6FDhC2b
LwQ5QmU1R5EsOzpEZEz7CJfwFKhnYENymmj2lb+l6yQrqiZNdC2hY8h1TIhZoRi7
fNt1QxQixZaE+nllp9rbyu0sjVIfNYJX+nAv/l2yypakTJaTJ8t6KFIJ5wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPM4v/jVG1i1D3nf7tQ1zl6tbTu0MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvOHppXy1OVWJXTFVQZWRfdTFEWE9YcTF0TzdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAbHAG35PJllAxjX8YjKuvggR1
v26F1IFnAbuWPb2DRRcP+Yiwra+XwA8A7QHoaatpQCuXt9XU9Exg9Dnw+z36UJiC
pFyJxspbgVWqr/druUylOVCk0b1PXvWOygxJ2n4WifMBF6p+SsbaDMmfGihaefg/
o2blTC2ZcL7R2IeQym9di+IUvhhlnFtqTrkBv0I76sCgoAIvt2k6vGHQeiYORFv1
QhkPFfTZ8e/a22EOgGQFW4ya732NzWmXDyZ9nrBDP9FA5LkJ4yyKzlZAeILTn2ad
03dNIKP2ec1rHDHXc1Y/JajeVv0pgbwLQQwF+rGXyIoxz9ozcjsunhy0IVKJ3Q==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:39:54 2025 by rpki-client