Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/D1kg0-apJ6xtc4DfeU3lij6_lG0.roa
File: D1kg0-apJ6xtc4DfeU3lij6_lG0.roa (raw, json)
Hash identifier: gF12Ol6aDcSrv55H6p3kxWCqSksAqEXPkK8hGe2wWKQ=
Subject key identifier: 0F:59:20:D3:E6:A9:27:AC:6D:73:80:DF:79:4D:E5:8A:3E:BF:94:6D
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019732ECA147F0938EC2277C63C26618EBC3
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/D1kg0-apJ6xtc4DfeU3lij6_lG0.roa
Signing time: Mon 02 Jun 2025 23:14:17 +0000
ROA not before: Mon 02 Jun 2025 23:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Jun 2025 00:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:32:ec:a1:47:f0:93:8e:c2:27:7c:63:c2:66:18:eb:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 2 23:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f5920d3e6a927ac6d7380df794de58a3ebf946d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b6:81:63:48:e4:e0:e3:a6:40:98:ee:9d:53:
b2:b6:40:ea:13:0f:8d:52:7f:73:93:e0:17:27:ca:
68:7e:66:6c:cd:9a:09:8e:07:bf:68:75:46:6a:a6:
a9:ab:20:f9:61:22:ca:07:6b:7e:fe:a7:e9:59:81:
2c:aa:27:a2:0e:36:a5:2e:7e:0f:53:c8:f4:b6:59:
93:37:aa:87:ea:5c:ee:1f:61:7d:94:af:ba:c6:9b:
74:84:3b:cb:b1:88:d3:3b:ea:dc:d5:df:f9:03:3c:
d9:85:b0:71:7d:be:8f:ea:b1:62:3d:ee:c2:aa:f9:
1e:fa:81:44:14:6e:15:95:be:03:ff:29:5d:18:08:
0d:f9:d3:bb:ab:64:42:40:e1:85:1e:9f:e1:3b:6f:
40:f0:86:2e:98:4a:ac:79:f3:5a:76:96:43:58:b1:
e0:3d:44:9c:78:6b:70:78:7e:07:13:18:30:98:1e:
71:74:ad:be:4b:d6:65:1d:8b:81:5d:13:22:d2:70:
78:c7:aa:ce:3d:56:54:84:cd:e1:35:9d:3a:ec:e3:
06:d0:db:37:af:01:99:bd:6d:c6:80:71:4f:5d:14:
2d:df:54:67:c4:0c:d5:b5:74:69:b8:fc:d1:a0:fe:
ef:c9:09:f9:da:58:fd:75:93:d1:14:4b:53:e9:8c:
d3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:59:20:D3:E6:A9:27:AC:6D:73:80:DF:79:4D:E5:8A:3E:BF:94:6D
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/D1kg0-apJ6xtc4DfeU3lij6_lG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
7b:8f:ab:21:73:6f:53:c6:32:fa:32:e7:4d:97:32:3b:be:98:
e3:0d:b3:50:7f:e2:1a:76:02:22:88:d3:1f:e6:81:22:92:e7:
c2:e3:82:8e:e1:b3:85:f0:2f:e9:7c:57:0b:7f:9e:09:65:f9:
6d:79:06:01:c1:62:76:b1:78:fe:35:f6:94:67:95:d3:96:13:
dc:19:8d:81:30:8e:0d:4d:00:19:48:0f:6f:eb:07:74:40:d3:
07:86:ba:f0:e0:f5:9a:da:9c:63:10:92:6e:8b:e6:af:9c:c6:
89:4e:a8:74:34:9d:05:37:b2:8d:4d:45:9b:43:be:e5:db:62:
e3:29:5a:f6:f2:ce:dd:cb:0e:b9:40:9b:12:03:1f:0c:c3:2c:
36:8b:99:1c:91:6c:1a:05:09:29:0d:57:ad:49:eb:32:d6:a5:
dc:c1:10:02:f8:46:65:8e:c2:4d:56:58:03:86:cf:80:bc:23:
4f:62:f8:a7:e5:97:13:c0:2b:6a:42:ff:47:84:fc:9c:0f:68:
c6:da:da:7d:36:1d:43:53:3f:a0:6d:f6:e8:a5:29:8e:47:fb:
4b:b7:3a:ce:70:f0:e8:9c:95:35:04:01:f1:67:d2:a0:01:06:
20:fa:f0:ac:8d:0d:a2:79:c3:84:a4:8a:e1:83:da:1e:aa:b2:
5d:48:16:24
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcy7KFH8JOOwid8Y8JmGOvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAyMjMxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjU5MjBkM2U2YTkyN2FjNmQ3MzgwZGY3OTRkZTU4YTNlYmY5NDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7aBY0jk4OOmQJjunVOytkDqEw+N
Un9zk+AXJ8pofmZszZoJjge/aHVGaqapqyD5YSLKB2t+/qfpWYEsqieiDjalLn4P
U8j0tlmTN6qH6lzuH2F9lK+6xpt0hDvLsYjTO+rc1d/5AzzZhbBxfb6P6rFiPe7C
qvke+oFEFG4Vlb4D/yldGAgN+dO7q2RCQOGFHp/hO29A8IYumEqsefNadpZDWLHg
PUSceGtweH4HExgwmB5xdK2+S9ZlHYuBXRMi0nB4x6rOPVZUhM3hNZ067OMG0Ns3
rwGZvW3GgHFPXRQt31RnxAzVtXRpuPzRoP7vyQn52lj9dZPRFEtT6YzTvQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFA9ZINPmqSesbXOA33lN5Yo+v5RtMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvRDFrZzAtYXBKNnh0YzREZmVVM2xpajZfbEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQB7j6shc29TxjL6MudNlzI7vpjjDbNQf+IadgIi
iNMf5oEikufC44KO4bOF8C/pfFcLf54JZflteQYBwWJ2sXj+NfaUZ5XTlhPcGY2B
MI4NTQAZSA9v6wd0QNMHhrrw4PWa2pxjEJJui+avnMaJTqh0NJ0FN7KNTUWbQ77l
22LjKVr28s7dyw65QJsSAx8Mwyw2i5kckWwaBQkpDVetSesy1qXcwRAC+EZljsJN
VlgDhs+AvCNPYvin5ZcTwCtqQv9HhPycD2jG2tp9Nh1DUz+gbfbopSmOR/tLtzrO
cPDonJU1BAHxZ9KgAQYg+vCsjQ2iecOEpIrhg9oeqrJdSBYk
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:09:54 2025 by rpki-client