Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/AV6zCYhIFkFAahRdOWAVQ3wACow.roa
File: AV6zCYhIFkFAahRdOWAVQ3wACow.roa (raw, json)
Hash identifier: LUGO6DCNVbBn6Q/LBvA3woseCNhJhMuH7YfF2s40Wws=
Subject key identifier: 01:5E:B3:09:88:48:16:41:40:6A:14:5D:39:60:15:43:7C:00:0A:8C
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FB593E94EBE26F3EFC8EAB3BB0034CE0
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/AV6zCYhIFkFAahRdOWAVQ3wACow.roa
Signing time: Fri 23 May 2025 04:14:12 +0000
ROA not before: Fri 23 May 2025 04:14:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 May 2025 05:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fb:59:3e:94:eb:e2:6f:3e:fc:8e:ab:3b:b0:03:4c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 04:14:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=015eb30988481641406a145d396015437c000a8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:35:2d:b5:8c:6e:b3:11:eb:9e:5e:82:59:aa:
e4:80:84:a2:0c:2a:5d:53:3d:bd:7e:1f:26:a0:71:
e9:1b:88:f0:ef:4b:5c:02:11:f1:fd:9d:67:ad:d0:
cf:37:a6:9a:8d:d7:c8:0a:e2:92:7e:76:9a:52:22:
c6:91:2b:46:5f:d3:ef:84:e5:54:33:d7:c4:50:62:
1f:c1:1a:88:90:6e:4e:5f:9e:d0:e9:6e:1c:b7:42:
3d:89:08:59:6d:ec:b3:78:99:d2:b7:a2:19:67:db:
66:c4:53:90:69:cb:b0:9f:43:b3:95:aa:5c:4d:78:
9f:06:21:87:8c:bf:e8:16:1d:dc:62:0c:51:4e:db:
38:d5:1f:97:f5:2b:2d:6c:e1:6e:05:74:8d:99:31:
d9:d3:49:1b:a2:2c:56:92:65:5d:d8:e0:54:04:93:
43:17:9f:68:98:3b:23:38:0c:44:f5:72:68:8c:b3:
30:71:52:0b:d5:10:91:56:94:e7:06:98:cb:24:95:
dd:9b:20:12:6e:9f:42:e5:f6:d5:d9:9c:60:df:67:
41:82:a7:6d:e5:3a:74:9a:ba:31:11:d8:c4:75:b2:
6a:c5:50:27:11:27:59:2c:82:af:56:29:0d:8e:5c:
68:30:65:43:50:55:d6:a7:5d:ce:d0:5f:c1:ea:f1:
54:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5E:B3:09:88:48:16:41:40:6A:14:5D:39:60:15:43:7C:00:0A:8C
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/AV6zCYhIFkFAahRdOWAVQ3wACow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
c5:59:92:2e:08:a7:c8:92:a7:0d:c9:96:e9:bc:dd:c8:72:f0:
51:74:49:dd:27:56:6b:d5:d7:2a:36:48:4e:c3:ae:5e:7a:93:
3f:ce:27:6b:5e:7b:bf:85:f1:e8:14:b8:70:0e:0a:e0:86:a9:
b2:0c:78:7e:68:07:12:ec:35:09:1d:13:3f:54:f9:91:d1:74:
2d:f0:82:3c:f8:bf:65:16:53:9a:b1:cf:fa:4b:64:33:13:bb:
b7:97:96:4a:4b:97:6b:42:99:7a:30:9f:b8:7d:5e:24:6e:6d:
1d:2f:51:6e:93:37:54:4d:36:5e:17:2b:37:00:67:20:90:c8:
7a:f0:31:3b:f3:49:6a:1e:7f:33:17:97:bb:95:88:56:f7:e9:
fc:59:ae:79:f3:4f:72:8e:08:c1:1c:ec:f7:6c:ef:b2:aa:19:
bd:3d:91:86:f3:5d:56:21:88:12:3a:99:f3:a6:8d:a5:21:0c:
3b:b6:35:75:e7:6b:3c:27:77:01:b3:11:64:0c:dc:f6:ad:f9:
da:62:ef:88:67:b1:30:38:07:84:7b:33:3a:68:e7:b8:dc:af:
27:72:02:31:83:dc:5a:a2:50:53:fa:63:72:f8:94:29:87:20:
3b:be:58:17:00:2f:fd:c3:4e:c0:bb:cf:d1:9b:e1:1c:6a:58:
b3:3c:08:00
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb7WT6U6+JvPvyOqzuwA0zgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMDQxNDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTVlYjMwOTg4NDgxNjQxNDA2YTE0NWQzOTYwMTU0MzdjMDAwYThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDUttYxusxHrnl6CWarkgISiDCpd
Uz29fh8moHHpG4jw70tcAhHx/Z1nrdDPN6aajdfICuKSfnaaUiLGkStGX9PvhOVU
M9fEUGIfwRqIkG5OX57Q6W4ct0I9iQhZbeyzeJnSt6IZZ9tmxFOQacuwn0Ozlapc
TXifBiGHjL/oFh3cYgxRTts41R+X9SstbOFuBXSNmTHZ00kboixWkmVd2OBUBJND
F59omDsjOAxE9XJojLMwcVIL1RCRVpTnBpjLJJXdmyASbp9C5fbV2Zxg32dBgqdt
5Tp0mroxEdjEdbJqxVAnESdZLIKvVikNjlxoMGVDUFXWp13O0F/B6vFU6wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAFeswmISBZBQGoUXTlgFUN8AAqMMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvQVY2ekNZaElGa0ZBYWhSZE9XQVZRM3dBQ293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAxVmSLginyJKnDcmW6bzdyHLw
UXRJ3SdWa9XXKjZITsOuXnqTP84na157v4Xx6BS4cA4K4Iapsgx4fmgHEuw1CR0T
P1T5kdF0LfCCPPi/ZRZTmrHP+ktkMxO7t5eWSkuXa0KZejCfuH1eJG5tHS9RbpM3
VE02XhcrNwBnIJDIevAxO/NJah5/MxeXu5WIVvfp/FmuefNPco4IwRzs92zvsqoZ
vT2RhvNdViGIEjqZ86aNpSEMO7Y1dedrPCd3AbMRZAzc9q352mLviGexMDgHhHsz
OmjnuNyvJ3ICMYPcWqJQU/pjcviUKYcgO75YFwAv/cNOwLvP0ZvhHGpYszwIAA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:45:22 2025 by rpki-client