Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/C2MmuJoXWS-yVZSxmX0O5buvnsI.roa
File: C2MmuJoXWS-yVZSxmX0O5buvnsI.roa (raw, json)
Hash identifier: hr8eeJT39XwAVE+ogX2dcLq6DJY2IiOxFu4GcNPURFw=
Subject key identifier: 0B:63:26:B8:9A:17:59:2F:B2:55:94:B1:99:7D:0E:E5:BB:AF:9E:C2
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019738B6DD9B015AC7CA959DC064B1A71297
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/C2MmuJoXWS-yVZSxmX0O5buvnsI.roa
Signing time: Wed 04 Jun 2025 02:13:17 +0000
ROA not before: Wed 04 Jun 2025 02:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Jun 2025 03:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:38:b6:dd:9b:01:5a:c7:ca:95:9d:c0:64:b1:a7:12:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 4 02:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b6326b89a17592fb25594b1997d0ee5bbaf9ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8c:08:ac:27:3f:5f:f3:04:a6:88:4a:a1:1a:
d8:4d:95:12:d6:0c:ef:44:d2:ed:34:df:4a:f5:48:
3c:e2:64:a5:a5:22:50:3e:5e:25:9e:32:93:ab:fb:
9a:8c:1c:49:a3:89:de:48:f1:bf:ab:28:f5:6f:54:
e0:00:fb:2e:2c:f8:fa:da:e0:35:df:14:cd:cc:7f:
23:68:b0:54:09:be:50:08:c0:f8:61:2e:0b:9f:07:
dd:dc:7a:c9:74:c3:7b:9c:8b:58:62:dc:82:b1:96:
bf:6e:c5:87:2e:9e:e3:9c:42:45:ec:cf:94:00:e7:
c9:3d:c1:c1:1c:70:4f:d8:6e:60:31:3c:d3:32:c4:
79:2f:c0:a3:f7:dc:23:f3:25:50:b6:ae:52:8e:61:
70:06:52:eb:c2:47:c5:24:d9:51:46:2d:30:e6:2a:
ac:23:a3:e3:f1:98:e6:2b:6f:33:19:b4:af:e1:0f:
fb:a3:88:d1:d8:48:4e:4f:58:4d:8c:28:3b:12:6a:
39:93:45:ea:1c:5c:ec:9d:61:9c:14:4e:6d:0e:49:
d2:ca:88:ec:4d:85:e5:0e:c0:be:c0:22:f8:02:ec:
a3:c2:99:55:51:60:dc:2f:5f:72:e8:48:94:1f:f2:
44:75:87:2d:9a:fd:1a:ba:84:50:4b:0d:52:73:10:
87:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:63:26:B8:9A:17:59:2F:B2:55:94:B1:99:7D:0E:E5:BB:AF:9E:C2
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/C2MmuJoXWS-yVZSxmX0O5buvnsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
09:77:a1:44:9e:d7:db:95:f9:f1:a0:8c:38:c7:09:21:1e:3c:
e5:96:41:9e:c0:c8:5a:f4:1f:c4:a3:82:48:b9:c1:8b:87:0c:
10:87:7a:b0:a4:e3:7d:b1:65:11:29:4c:44:7a:f8:42:bf:b5:
93:88:ef:b1:fa:35:aa:1a:6e:c4:a8:2e:04:72:9c:2b:0a:73:
ed:f9:84:62:a3:5d:a8:67:2f:92:ba:98:b7:0b:f0:df:22:db:
10:83:ce:01:14:e2:37:9a:f4:26:ee:4d:4e:6e:33:78:0d:7c:
a4:04:4b:02:c3:22:2e:cf:a2:84:cc:90:94:c5:49:01:da:cf:
b7:04:df:aa:0e:63:45:1a:99:00:1c:86:0e:19:cc:d8:f4:57:
c1:b5:d5:fb:38:89:89:2e:7a:52:bb:94:0c:f8:7a:03:07:2b:
31:35:90:c1:92:ef:fc:ba:13:41:96:e8:ef:fa:db:1b:d0:ec:
e8:89:63:50:5e:e0:bf:91:7e:25:fd:f4:84:b3:b4:e0:85:97:
ff:24:46:ce:0e:c5:34:40:cf:9c:87:2f:6e:f8:01:15:81:9b:
31:2e:d6:f1:7c:fb:49:cd:13:43:04:1e:6b:ca:16:d5:36:aa:
68:c9:9e:82:d0:69:f2:bc:8a:72:5a:db:44:f7:72:e7:f3:0d:
d0:27:9c:b1
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc4tt2bAVrHypWdwGSxpxKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA0MDIxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjYzMjZiODlhMTc1OTJmYjI1NTk0YjE5OTdkMGVlNWJiYWY5ZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIwIrCc/X/MEpohKoRrYTZUS1gzv
RNLtNN9K9Ug84mSlpSJQPl4lnjKTq/uajBxJo4neSPG/qyj1b1TgAPsuLPj62uA1
3xTNzH8jaLBUCb5QCMD4YS4Lnwfd3HrJdMN7nItYYtyCsZa/bsWHLp7jnEJF7M+U
AOfJPcHBHHBP2G5gMTzTMsR5L8Cj99wj8yVQtq5SjmFwBlLrwkfFJNlRRi0w5iqs
I6Pj8ZjmK28zGbSv4Q/7o4jR2EhOT1hNjCg7Emo5k0XqHFzsnWGcFE5tDknSyojs
TYXlDsC+wCL4AuyjwplVUWDcL19y6EiUH/JEdYctmv0auoRQSw1ScxCHxQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFAtjJriaF1kvslWUsZl9DuW7r57CMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvQzJNbXVKb1hXUy15VlpTeG1YME81YnV2bnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEACXehRJ7X25X5
8aCMOMcJIR485ZZBnsDIWvQfxKOCSLnBi4cMEId6sKTjfbFlESlMRHr4Qr+1k4jv
sfo1qhpuxKguBHKcKwpz7fmEYqNdqGcvkrqYtwvw3yLbEIPOARTiN5r0Ju5NTm4z
eA18pARLAsMiLs+ihMyQlMVJAdrPtwTfqg5jRRqZAByGDhnM2PRXwbXV+ziJiS56
UruUDPh6AwcrMTWQwZLv/LoTQZbo7/rbG9Ds6IljUF7gv5F+Jf30hLO04IWX/yRG
zg7FNEDPnIcvbvgBFYGbMS7W8Xz7Sc0TQwQea8oW1TaqaMmegtBp8ryKclrbRPdy
5/MN0CecsQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:03:44 2025 by rpki-client