Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/9hkM41XGg2jjuyPGcYdqqevNovg.roa
File: 9hkM41XGg2jjuyPGcYdqqevNovg.roa (raw, json)
Hash identifier: qckE7+NEHCNzNxpbEsC0cot8CwQ0ljFxSBeo+X7IkUQ=
Subject key identifier: F6:19:0C:E3:55:C6:83:68:E3:BB:23:C6:71:87:6A:A9:EB:CD:A2:F8
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197124EAB0A6347215D9F7F54F879B098E6
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/9hkM41XGg2jjuyPGcYdqqevNovg.roa
Signing time: Tue 27 May 2025 15:13:54 +0000
ROA not before: Tue 27 May 2025 15:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 27 May 2025 16:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:12:4e:ab:0a:63:47:21:5d:9f:7f:54:f8:79:b0:98:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 27 15:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6190ce355c68368e3bb23c671876aa9ebcda2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d8:ab:bb:2a:e5:58:e2:97:ff:e0:93:11:a0:
00:a0:32:8f:5f:59:60:e6:9f:39:4d:49:62:ef:15:
10:8b:2e:48:c1:86:d6:82:b8:92:29:a5:23:5f:9b:
a4:e4:ed:16:d1:92:f9:41:8b:9c:ae:cd:b5:1b:d3:
86:3b:d2:35:24:c0:cd:2c:11:94:0b:79:d1:5d:bf:
06:7a:a8:f8:dd:7a:b1:2c:5d:e2:2f:ba:84:4f:b1:
ad:14:72:03:90:e8:d2:7f:fa:2e:4b:19:ba:77:d7:
aa:e1:07:05:3d:ff:5e:12:76:e1:e4:48:c8:83:c1:
ea:f4:e1:27:64:72:8f:20:9b:57:df:0a:89:cc:13:
bd:af:e9:4b:b8:fd:a3:91:e1:3a:8d:78:4c:fc:02:
cb:9b:26:54:86:9e:2e:98:f7:b8:d1:7f:fb:b8:79:
94:14:cb:ec:0f:48:f0:bd:50:e7:fc:de:74:5d:42:
5b:b2:bf:75:b0:1e:c2:2a:29:b8:81:d6:4d:c2:64:
5b:91:f6:ce:b7:27:5f:3a:3a:4c:ae:64:98:9c:8b:
05:f7:32:c2:6c:cc:c9:7b:61:39:98:a1:44:06:71:
4d:1b:20:6f:02:61:c4:03:91:f7:68:73:b0:d1:a0:
da:44:a9:27:9e:52:0a:9b:1d:b0:63:30:33:e4:2a:
1e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:19:0C:E3:55:C6:83:68:E3:BB:23:C6:71:87:6A:A9:EB:CD:A2:F8
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/9hkM41XGg2jjuyPGcYdqqevNovg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
Signature Algorithm: sha256WithRSAEncryption
69:2f:f8:0f:8d:d7:a6:33:da:9a:37:5f:af:44:13:33:30:57:
a9:d7:ce:7c:68:29:95:d4:a3:b9:33:87:37:7e:82:30:85:2c:
74:be:c3:50:03:50:cf:02:ac:1e:76:86:5d:cf:b9:21:2f:61:
99:c7:62:c6:56:6e:5a:2a:60:b5:22:81:eb:e2:c3:d6:de:da:
90:ef:d5:b7:c9:9e:5f:05:51:05:6c:12:b3:e6:0a:96:e8:ac:
29:20:fe:db:77:c2:e6:96:db:db:7c:f2:8e:cc:67:39:2f:d6:
02:47:10:41:5e:1a:49:9e:7d:11:06:8f:50:de:e5:7e:1d:1b:
6e:89:c7:f2:03:39:cf:55:38:bc:3a:ee:e6:d1:3e:35:e6:f8:
8c:c4:68:83:30:20:91:21:79:50:36:5c:28:a3:75:42:10:56:
43:95:0f:30:80:ff:e2:8e:56:a6:0e:e3:ba:5b:90:08:bd:b7:
86:f4:a8:b3:eb:89:07:2b:8a:3a:ad:ba:75:2d:ef:84:cf:a0:
c2:bf:0a:74:43:99:45:d9:56:c3:95:64:2b:f3:fb:5c:36:52:
38:28:88:0b:09:79:fa:a9:dd:6b:e0:37:41:98:32:63:59:31:
07:86:dd:7e:67:4d:37:50:9c:05:6e:66:fc:2f:6e:72:60:72:
e1:4a:2c:74
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZcSTqsKY0chXZ9/VPh5sJjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI3MTUxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjE5MGNlMzU1YzY4MzY4ZTNiYjIzYzY3MTg3NmFhOWViY2RhMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdiruyrlWOKX/+CTEaAAoDKPX1lg
5p85TUli7xUQiy5IwYbWgriSKaUjX5uk5O0W0ZL5QYucrs21G9OGO9I1JMDNLBGU
C3nRXb8Geqj43XqxLF3iL7qET7GtFHIDkOjSf/ouSxm6d9eq4QcFPf9eEnbh5EjI
g8Hq9OEnZHKPIJtX3wqJzBO9r+lLuP2jkeE6jXhM/ALLmyZUhp4umPe40X/7uHmU
FMvsD0jwvVDn/N50XUJbsr91sB7CKim4gdZNwmRbkfbOtydfOjpMrmSYnIsF9zLC
bMzJe2E5mKFEBnFNGyBvAmHEA5H3aHOw0aDaRKknnlIKmx2wYzAz5CoebQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPYZDONVxoNo47sjxnGHaqnrzaL4MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvOWhrTTQxWEdnMmpqdXlQR2NZZHFxZXZOb3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4wDQYJKoZIhvcNAQELBQADggEB
AGkv+A+N16Yz2po3X69EEzMwV6nXznxoKZXUo7kzhzd+gjCFLHS+w1ADUM8CrB52
hl3PuSEvYZnHYsZWbloqYLUigeviw9be2pDv1bfJnl8FUQVsErPmCpborCkg/tt3
wuaW29t88o7MZzkv1gJHEEFeGkmefREGj1De5X4dG26Jx/IDOc9VOLw67ubRPjXm
+IzEaIMwIJEheVA2XCijdUIQVkOVDzCA/+KOVqYO47pbkAi9t4b0qLPriQcrijqt
unUt74TPoMK/CnRDmUXZVsOVZCvz+1w2UjgoiAsJefqp3WvgN0GYMmNZMQeG3X5n
TTdQnAVuZvwvbnJgcuFKLHQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:58:43 2025 by rpki-client