Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/BacKLN0NkOA-Qe2EQk8MFUZ7PAg.roa
File: BacKLN0NkOA-Qe2EQk8MFUZ7PAg.roa (raw, json)
Hash identifier: aOKw96Co3WO8lE7DxribQXXBsq8L+zCh9Ms4LthRD2E=
Subject key identifier: 05:A7:0A:2C:DD:0D:90:E0:3E:41:ED:84:42:4F:0C:15:46:7B:3C:08
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01974603B647E999A963CA1F8F2EB25E1D43
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/BacKLN0NkOA-Qe2EQk8MFUZ7PAg.roa
Signing time: Fri 06 Jun 2025 16:12:17 +0000
ROA not before: Fri 06 Jun 2025 16:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 06 Jun 2025 17:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:46:03:b6:47:e9:99:a9:63:ca:1f:8f:2e:b2:5e:1d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 6 16:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05a70a2cdd0d90e03e41ed84424f0c15467b3c08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f0:6b:e7:95:ca:30:5b:b1:80:79:f7:e6:92:
1a:45:4f:ac:c6:97:b4:51:c2:4b:8a:8c:da:0d:94:
d3:d6:c2:f7:af:ed:70:e3:0b:06:c9:f4:fd:45:5e:
3e:96:b4:cb:27:c6:8b:53:91:2a:b2:0f:9a:fc:ce:
26:27:06:82:c6:24:2f:ce:ba:4e:5a:74:f4:76:aa:
bf:d9:a7:e2:17:2b:30:dc:b3:fd:78:3a:6d:b5:a6:
bd:74:47:92:3c:a2:43:73:c6:65:f4:a0:96:df:ed:
83:a6:fc:86:26:aa:81:98:58:ef:10:23:f0:d1:fa:
69:f2:8a:52:2e:ac:95:f2:7c:2c:7b:ba:7b:b0:0e:
32:0c:41:c9:ef:14:45:45:bd:7c:62:1b:12:4d:9f:
9b:f5:1d:22:c0:4c:80:0c:ac:04:a1:27:b5:4d:ba:
a7:67:fe:8e:4c:2a:95:2a:b0:43:ec:47:d0:d8:86:
b2:0b:25:ca:9f:93:b4:8e:22:c5:45:ec:89:b2:36:
7f:2e:84:17:38:10:04:88:59:b4:3a:45:a2:ee:82:
5e:81:69:f8:07:b7:52:8b:37:c8:05:83:5a:5b:e5:
6d:5e:55:7b:c6:e6:0f:93:74:d6:0b:50:a4:d9:7a:
61:43:81:a0:4a:bc:d3:9e:65:56:a9:03:f8:9b:68:
b3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A7:0A:2C:DD:0D:90:E0:3E:41:ED:84:42:4F:0C:15:46:7B:3C:08
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/BacKLN0NkOA-Qe2EQk8MFUZ7PAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
4f:84:42:b6:2b:11:19:ec:41:03:8f:3a:33:83:2e:3c:64:24:
64:b5:54:4a:e5:38:e5:cd:7d:70:d2:e2:f5:0f:26:31:fc:e7:
54:2c:db:fe:85:28:a5:61:7c:b4:d6:f9:5c:21:59:ea:98:91:
97:ff:78:87:f9:7b:c1:9f:29:3f:f2:74:5c:7a:56:d9:fa:d0:
1f:62:f1:af:8c:bc:f5:92:96:24:f5:08:5c:35:2a:b9:1f:62:
6e:2c:83:a4:74:38:c5:90:bf:1e:a4:15:81:e6:3b:3f:e0:62:
0b:af:d7:de:59:ad:36:91:35:8e:d4:89:84:f3:c5:ac:20:a0:
bb:07:5f:76:da:c5:df:fc:76:4b:29:a0:aa:f1:a4:64:2e:eb:
64:10:77:ce:55:4c:23:e9:0a:f7:c8:6a:f2:b5:da:e7:b6:fe:
05:0b:1b:bc:63:1a:e1:24:5f:3c:95:68:44:2b:70:dc:f8:ff:
54:eb:b3:df:bf:ad:d4:15:1d:1c:97:5c:0a:db:29:20:d5:61:
b6:a2:62:27:12:15:91:47:49:5b:7d:a3:e7:9d:a0:f8:56:64:
28:1b:bd:bd:5c:f7:ed:37:3e:f3:1f:3c:30:fb:4e:20:d0:b4:
bf:bb:00:a4:19:94:30:6a:d6:70:92:3d:2f:2c:e3:9d:80:d6:
63:05:db:dd
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdGA7ZH6ZmpY8ofjy6yXh1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA2MTYxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE3MGEyY2RkMGQ5MGUwM2U0MWVkODQ0MjRmMGMxNTQ2N2IzYzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/Br55XKMFuxgHn35pIaRU+sxpe0
UcJLiozaDZTT1sL3r+1w4wsGyfT9RV4+lrTLJ8aLU5Eqsg+a/M4mJwaCxiQvzrpO
WnT0dqq/2afiFysw3LP9eDpttaa9dEeSPKJDc8Zl9KCW3+2DpvyGJqqBmFjvECPw
0fpp8opSLqyV8nwse7p7sA4yDEHJ7xRFRb18YhsSTZ+b9R0iwEyADKwEoSe1Tbqn
Z/6OTCqVKrBD7EfQ2IayCyXKn5O0jiLFReyJsjZ/LoQXOBAEiFm0OkWi7oJegWn4
B7dSizfIBYNaW+VtXlV7xuYPk3TWC1Ck2XphQ4GgSrzTnmVWqQP4m2izewIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFAWnCizdDZDgPkHthEJPDBVGezwIMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvQmFjS0xOME5rT0EtUWUyRVFrOE1GVVo3UEFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAT4RCtisRGexB
A486M4MuPGQkZLVUSuU45c19cNLi9Q8mMfznVCzb/oUopWF8tNb5XCFZ6piRl/94
h/l7wZ8pP/J0XHpW2frQH2Lxr4y89ZKWJPUIXDUquR9ibiyDpHQ4xZC/HqQVgeY7
P+BiC6/X3lmtNpE1jtSJhPPFrCCguwdfdtrF3/x2SymgqvGkZC7rZBB3zlVMI+kK
98hq8rXa57b+BQsbvGMa4SRfPJVoRCtw3Pj/VOuz37+t1BUdHJdcCtspINVhtqJi
JxIVkUdJW32j552g+FZkKBu9vVz37Tc+8x88MPtOINC0v7sApBmUMGrWcJI9Lyzj
nYDWYwXb3Q==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:47:30 2025 by rpki-client