Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/9p7_2YpSoOx8_J0YA_jKVVtCM6o.roa
File: 9p7_2YpSoOx8_J0YA_jKVVtCM6o.roa (raw, json)
Hash identifier: lEl8FV9qL2qrnf9a2JZrSKJOS0UP0ptAin2v6CLwT0A=
Subject key identifier: F6:9E:FF:D9:8A:52:A0:EC:7C:FC:9D:18:03:F8:CA:55:5B:42:33:AA
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973BAFAC7E966BDF3C7CF10C14D6F0E4F0
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/9p7_2YpSoOx8_J0YA_jKVVtCM6o.roa
Signing time: Wed 04 Jun 2025 16:04:18 +0000
ROA not before: Wed 04 Jun 2025 16:04:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
2001:67c:64:ffff:0:197:3baf:73f9/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Jun 2025 16:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:af:ac:7e:96:6b:df:3c:7c:f1:0c:14:d6:f0:e4:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 4 16:04:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f69effd98a52a0ec7cfc9d1803f8ca555b4233aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:14:75:b4:e7:09:dc:70:ee:4f:96:a4:9c:16:
01:31:46:ef:20:33:c0:cb:9a:5c:ea:b6:86:3d:2f:
d8:b0:4f:0c:12:25:bf:8d:c8:de:a8:c7:92:64:fa:
52:6c:7c:87:6c:97:7b:e5:55:bf:70:ef:69:50:f3:
d0:35:6c:56:3c:e4:9f:88:a7:ad:be:94:7c:1c:52:
64:db:50:65:06:26:f0:5b:79:50:77:ef:a2:59:b5:
f8:3e:1d:43:69:40:c7:49:0f:cb:72:c0:de:a9:b4:
be:03:81:c1:2e:2d:a3:fc:22:2b:9b:85:c6:f5:83:
bd:10:66:16:72:c7:f4:02:72:ed:cd:29:cd:0b:28:
89:48:16:55:ed:8b:d1:4f:8c:2f:34:8d:ca:91:8c:
04:e0:9a:50:51:9e:3f:c1:b3:91:50:7f:39:95:5a:
01:b3:ad:6a:47:43:1a:75:4e:05:8f:48:68:3c:c0:
ef:16:f1:7d:00:15:f3:16:d0:cb:1d:f3:44:c2:a6:
79:a2:56:b8:16:af:95:13:25:13:5f:26:a1:76:e8:
8c:30:bd:71:b2:15:b4:51:ed:01:a0:be:87:bd:5d:
e6:39:19:29:84:fa:10:7a:13:45:3f:ea:c2:16:5a:
c8:16:d1:eb:86:2c:77:9f:2b:42:19:99:b5:dc:e4:
1f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:9E:FF:D9:8A:52:A0:EC:7C:FC:9D:18:03:F8:CA:55:5B:42:33:AA
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/9p7_2YpSoOx8_J0YA_jKVVtCM6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
2001:67c:64:ffff:0:197:3baf:73f9/128
Signature Algorithm: sha256WithRSAEncryption
7e:ff:24:ee:0f:31:72:87:6f:1b:ed:d8:c4:7b:35:66:dc:6d:
4c:fc:89:fe:fe:96:2f:4b:a3:b4:af:1e:83:a9:52:84:28:be:
0a:27:bd:35:3e:54:d5:ec:d9:bd:9b:e0:42:ef:40:8e:d4:90:
9d:e4:f5:d3:82:63:05:04:6f:25:7c:3e:09:5a:5f:39:f9:e0:
da:49:22:0e:0d:0d:bd:3d:42:97:85:aa:72:bd:12:a4:54:84:
7c:cc:02:57:08:43:75:5a:a4:1b:1f:99:7b:c4:3d:2a:68:0b:
56:a3:f7:de:d6:58:dd:a8:0f:2e:a5:cf:62:68:ec:d7:9d:9c:
83:89:39:2b:cf:c9:b6:25:67:b6:88:6b:06:1b:a2:3c:6e:62:
6c:ee:2a:52:01:9b:d5:40:88:99:93:f3:8b:ec:6c:0f:ab:3e:
da:d9:6d:68:7c:87:74:e1:2b:cc:30:e8:c3:11:4f:91:88:62:
52:52:d2:8f:9c:16:2c:61:5b:4c:85:1d:a0:ec:a4:01:b7:3a:
63:65:6c:ad:e2:db:5a:8d:71:e6:e3:2a:24:34:70:af:1d:a8:
20:13:b6:00:01:a7:c4:17:ad:57:be:93:0a:0d:79:a8:ab:8c:
f0:20:da:80:9e:85:34:59:7b:d1:da:af:31:b4:b4:5b:f9:26:
94:4f:62:b5
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZc7r6x+lmvfPHzxDBTW8OTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA0MTYwNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjllZmZkOThhNTJhMGVjN2NmYzlkMTgwM2Y4Y2E1NTViNDIzM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxR1tOcJ3HDuT5aknBYBMUbvIDPA
y5pc6raGPS/YsE8MEiW/jcjeqMeSZPpSbHyHbJd75VW/cO9pUPPQNWxWPOSfiKet
vpR8HFJk21BlBibwW3lQd++iWbX4Ph1DaUDHSQ/LcsDeqbS+A4HBLi2j/CIrm4XG
9YO9EGYWcsf0AnLtzSnNCyiJSBZV7YvRT4wvNI3KkYwE4JpQUZ4/wbORUH85lVoB
s61qR0MadU4Fj0hoPMDvFvF9ABXzFtDLHfNEwqZ5ola4Fq+VEyUTXyahduiMML1x
shW0Ue0BoL6HvV3mORkphPoQehNFP+rCFlrIFtHrhix3nytCGZm13OQffwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFPae/9mKUqDsfPydGAP4ylVbQjOqMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvOXA3XzJZcFNvT3g4X0owWUFfaktWVnRDTTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBlBAIAAjBfAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kQMRACABBnwAZP//AAABlzuvc/kwDQYJKoZIhvcN
AQELBQADggEBAH7/JO4PMXKHbxvt2MR7NWbcbUz8if7+li9Lo7SvHoOpUoQovgon
vTU+VNXs2b2b4ELvQI7UkJ3k9dOCYwUEbyV8PglaXzn54NpJIg4NDb09QpeFqnK9
EqRUhHzMAlcIQ3VapBsfmXvEPSpoC1aj997WWN2oDy6lz2Jo7NednIOJOSvPybYl
Z7aIawYbojxuYmzuKlIBm9VAiJmT84vsbA+rPtrZbWh8h3ThK8ww6MMRT5GIYlJS
0o+cFixhW0yFHaDspAG3OmNlbK3i21qNcebjKiQ0cK8dqCATtgABp8QXrVe+kwoN
eairjPAg2oCehTRZe9HarzG0tFv5JpRPYrU=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:43:34 2025 by rpki-client