Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/CT7rzWn2AV7uxgWNtNfl6X3l850.roa
File: CT7rzWn2AV7uxgWNtNfl6X3l850.roa (raw, json)
Hash identifier: tggAJUQJxQhnTLA7VhKYZFtsqyMdQUguhI9pdz1lcn8=
Subject key identifier: 09:3E:EB:CD:69:F6:01:5E:EE:C6:05:8D:B4:D7:E5:E9:7D:E5:F3:9D
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019718F58C01C22D325653F71A2DAAF1D4A8
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/CT7rzWn2AV7uxgWNtNfl6X3l850.roa
Signing time: Wed 28 May 2025 22:13:54 +0000
ROA not before: Wed 28 May 2025 22:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 May 2025 23:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:18:f5:8c:01:c2:2d:32:56:53:f7:1a:2d:aa:f1:d4:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 28 22:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=093eebcd69f6015eeec6058db4d7e5e97de5f39d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:81:f6:8e:63:7b:8f:56:96:fb:60:92:25:31:
59:6a:36:89:88:d8:bd:68:b8:15:26:ef:68:b3:ca:
0b:6e:01:c0:5a:aa:e7:3d:6f:9b:f5:55:ae:be:d9:
68:07:b7:49:da:be:1b:02:ce:a6:06:cd:36:b6:15:
10:7a:09:f7:f8:88:ef:27:02:b1:38:11:77:81:13:
3d:31:cf:51:e5:24:c1:4b:e9:0d:93:95:b0:5a:61:
04:0e:ad:40:4a:e6:6e:cb:b6:59:c2:e3:2e:6a:38:
b3:b8:6d:06:16:a7:7d:96:16:91:a8:a9:c8:73:5f:
d4:f0:a0:d5:d4:76:3f:62:4e:e3:4f:db:6c:cc:41:
21:86:e2:7a:fd:01:50:22:2e:2b:c8:e4:07:15:f5:
bd:2d:d8:5d:80:ec:48:71:6b:40:d4:d1:6a:71:0b:
12:44:8e:34:8e:01:51:87:32:a4:36:54:e0:ae:ec:
0f:eb:b0:76:44:08:a5:57:68:2a:b5:ea:3b:ee:ba:
7d:7a:a6:ea:39:1f:c8:e6:a3:e0:4c:7b:85:a8:93:
dc:0e:f0:b2:55:71:36:a8:d9:e2:67:84:c7:b8:96:
bc:91:ac:77:96:81:e0:d8:66:14:1b:88:2d:75:c4:
15:09:d0:d4:72:96:39:03:eb:43:f1:64:c8:49:76:
fd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:3E:EB:CD:69:F6:01:5E:EE:C6:05:8D:B4:D7:E5:E9:7D:E5:F3:9D
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/CT7rzWn2AV7uxgWNtNfl6X3l850.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
2e:2f:78:64:2d:5c:bd:de:5b:54:c5:0c:91:a3:a2:92:89:c9:
8e:90:22:45:d9:f9:dd:af:f9:12:8d:e3:9a:28:a7:ea:b3:79:
cd:43:36:93:74:61:72:58:b0:5b:34:1a:32:82:c9:ce:78:76:
d2:ee:98:81:33:65:97:76:8d:15:0b:f6:89:c5:fa:52:9d:9d:
16:ba:53:3d:79:77:f5:a3:f1:d9:f1:8e:83:3a:2f:66:9f:e9:
c1:bd:42:8e:ea:2c:94:da:d8:aa:4f:10:82:3e:68:04:d9:e0:
29:b8:4c:20:06:9c:6a:80:dd:37:2b:4e:83:08:d1:67:86:3c:
15:6a:b3:8d:e5:05:e6:cd:99:5a:60:7b:67:90:c3:c7:60:dc:
a4:f8:bf:e2:e9:7a:2b:50:eb:c2:d5:a9:87:b9:d7:45:71:7e:
d3:18:31:07:d9:0a:81:df:2f:43:3d:d3:8d:1e:ba:1a:c1:89:
bd:da:d0:8a:7f:5c:76:26:9f:a7:87:de:a1:7e:2e:b3:3f:aa:
5e:83:98:f0:c0:b8:2d:b9:7f:a0:3e:a6:a5:c8:e9:fb:60:9b:
4f:d2:ef:5b:95:c8:79:ed:86:ab:51:c2:59:ed:48:ac:21:d8:
d3:c3:64:25:47:4a:84:74:d4:4b:41:49:e8:da:55:9e:2c:d9:
1f:ce:a0:7d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcY9YwBwi0yVlP3Gi2q8dSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI4MjIxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTNlZWJjZDY5ZjYwMTVlZWVjNjA1OGRiNGQ3ZTVlOTdkZTVmMzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIH2jmN7j1aW+2CSJTFZajaJiNi9
aLgVJu9os8oLbgHAWqrnPW+b9VWuvtloB7dJ2r4bAs6mBs02thUQegn3+IjvJwKx
OBF3gRM9Mc9R5STBS+kNk5WwWmEEDq1ASuZuy7ZZwuMuajizuG0GFqd9lhaRqKnI
c1/U8KDV1HY/Yk7jT9tszEEhhuJ6/QFQIi4ryOQHFfW9LdhdgOxIcWtA1NFqcQsS
RI40jgFRhzKkNlTgruwP67B2RAilV2gqteo77rp9eqbqOR/I5qPgTHuFqJPcDvCy
VXE2qNniZ4THuJa8kax3loHg2GYUG4gtdcQVCdDUcpY5A+tD8WTISXb9wwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFAk+681p9gFe7sYFjbTX5el95fOdMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvQ1Q3cnpXbjJBVjd1eGdXTnROZmw2WDNsODUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQAuL3hkLVy93ltUxQyRo6KSicmOkCJF2fndr/kS
jeOaKKfqs3nNQzaTdGFyWLBbNBoygsnOeHbS7piBM2WXdo0VC/aJxfpSnZ0WulM9
eXf1o/HZ8Y6DOi9mn+nBvUKO6iyU2tiqTxCCPmgE2eApuEwgBpxqgN03K06DCNFn
hjwVarON5QXmzZlaYHtnkMPHYNyk+L/i6XorUOvC1amHuddFcX7TGDEH2QqB3y9D
PdONHroawYm92tCKf1x2Jp+nh96hfi6zP6peg5jwwLgtuX+gPqalyOn7YJtP0u9b
lch57YarUcJZ7UisIdjTw2QlR0qEdNRLQUno2lWeLNkfzqB9
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:44:11 2025 by rpki-client