Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/E3DJRUT1ujOleXbneQYXKV1iPi8.roa
File: E3DJRUT1ujOleXbneQYXKV1iPi8.roa (raw, json)
Hash identifier: mzOBv5A0FvAh/fGpIFAXTh6JK7jY3JlKTc7+RpUFvr4=
Subject key identifier: 13:70:C9:45:44:F5:BA:33:A5:79:76:E7:79:06:17:29:5D:62:3E:2F
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972BD7888CF19F318F86ECC12B84052422
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/E3DJRUT1ujOleXbneQYXKV1iPi8.roa
Signing time: Sun 01 Jun 2025 14:13:54 +0000
ROA not before: Sun 01 Jun 2025 14:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Jun 2025 15:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2b:d7:88:8c:f1:9f:31:8f:86:ec:c1:2b:84:05:24:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 1 14:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1370c94544f5ba33a57976e7790617295d623e2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:07:77:ed:4c:89:1c:fe:1d:26:a7:0c:0c:b3:
6d:74:e4:9c:89:db:2b:f3:13:7f:e2:be:0a:08:15:
62:93:22:98:93:c6:4b:96:e3:51:17:2e:15:5b:29:
bf:68:e8:ad:d5:f5:7a:46:66:28:dd:2a:c3:12:5b:
d8:10:47:f1:18:51:2b:ff:4a:43:18:cf:5d:ab:b7:
26:88:37:0b:67:3b:34:42:c6:c9:01:9e:47:b2:98:
ef:b7:28:fc:e6:06:af:5f:53:79:53:9b:bd:e2:ac:
70:e9:42:7e:86:64:cc:50:df:0d:41:b7:e7:91:a9:
d7:82:48:07:c5:ab:b5:ae:d6:49:a5:d8:f6:5c:b1:
5d:e8:9c:fe:3a:96:11:b4:fc:8f:d8:8c:2a:b2:a9:
e0:02:6f:0d:6c:c3:c8:6c:24:b6:8f:33:33:85:38:
6a:fb:31:19:60:4c:80:95:1e:21:36:22:d0:74:ab:
1b:75:09:fe:7f:13:3d:c0:0c:7c:f9:8f:ae:ee:3d:
20:10:22:58:58:58:b2:a5:8e:b3:2e:ef:9f:1b:21:
92:09:b8:1b:87:c2:b5:da:1a:e3:7d:e2:f3:e3:38:
15:9e:4d:25:87:d4:11:18:f4:0e:ec:bc:e6:75:b7:
8a:21:bd:7f:00:9d:cd:7d:c9:2b:c4:80:2a:e4:a5:
36:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:70:C9:45:44:F5:BA:33:A5:79:76:E7:79:06:17:29:5D:62:3E:2F
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/E3DJRUT1ujOleXbneQYXKV1iPi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
6d:81:09:5a:76:e9:48:da:8a:f8:23:5a:d4:27:99:28:5d:ac:
d1:8a:40:59:40:84:7e:9f:59:7c:88:01:d5:20:c1:5d:37:e9:
cb:c1:d2:c4:7c:96:c8:fb:e8:c1:a2:78:11:7f:ed:f6:3d:70:
cc:5a:b7:2d:6e:bc:a2:a7:c1:58:6e:ba:3d:4b:16:e3:35:c9:
84:1c:20:f7:80:60:df:5f:64:8b:84:54:15:6b:58:44:84:cc:
f0:5e:5f:23:95:0b:cb:48:0d:b5:68:99:0d:dc:d7:9f:9d:d9:
3f:d7:4d:53:61:91:e0:05:b4:5f:26:7a:14:e8:99:a3:f6:13:
68:0d:26:92:99:0a:e7:c8:c8:29:da:33:0b:2f:f7:7a:ff:a6:
56:63:00:fe:e9:f8:0c:db:8d:8d:51:b7:d9:d1:14:79:92:fc:
15:4f:3c:6c:16:11:06:39:95:ae:f1:8d:49:8e:a7:2d:ee:5d:
7f:80:b7:03:ad:fe:38:00:ad:5a:7d:20:44:ac:e5:3f:eb:0c:
e7:87:c0:33:a5:18:ca:90:2d:d4:91:94:96:49:07:32:22:29:
88:ba:06:86:b7:bf:86:4f:a6:08:d9:53:2a:98:4a:b8:d2:5e:
98:4c:56:06:94:4d:a4:f3:a7:2b:dc:d5:fd:17:a0:4e:08:9f:
3f:5d:ca:26
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcr14iM8Z8xj4bswSuEBSQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAxMTQxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzcwYzk0NTQ0ZjViYTMzYTU3OTc2ZTc3OTA2MTcyOTVkNjIzZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwd37UyJHP4dJqcMDLNtdOScidsr
8xN/4r4KCBVikyKYk8ZLluNRFy4VWym/aOit1fV6RmYo3SrDElvYEEfxGFEr/0pD
GM9dq7cmiDcLZzs0QsbJAZ5Hspjvtyj85gavX1N5U5u94qxw6UJ+hmTMUN8NQbfn
kanXgkgHxau1rtZJpdj2XLFd6Jz+OpYRtPyP2IwqsqngAm8NbMPIbCS2jzMzhThq
+zEZYEyAlR4hNiLQdKsbdQn+fxM9wAx8+Y+u7j0gECJYWFiypY6zLu+fGyGSCbgb
h8K12hrjfeLz4zgVnk0lh9QRGPQO7LzmdbeKIb1/AJ3NfckrxIAq5KU2+QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFBNwyUVE9bozpXl253kGFyldYj4vMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvRTNESlJVVDF1ak9sZVhibmVRWVhLVjFpUGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBtgQladulI2or4I1rUJ5koXazRikBZQIR+n1l8
iAHVIMFdN+nLwdLEfJbI++jBongRf+32PXDMWrctbryip8FYbro9SxbjNcmEHCD3
gGDfX2SLhFQVa1hEhMzwXl8jlQvLSA21aJkN3Nefndk/101TYZHgBbRfJnoU6Jmj
9hNoDSaSmQrnyMgp2jMLL/d6/6ZWYwD+6fgM242NUbfZ0RR5kvwVTzxsFhEGOZWu
8Y1Jjqct7l1/gLcDrf44AK1afSBErOU/6wznh8AzpRjKkC3UkZSWSQcyIimIugaG
t7+GT6YI2VMqmEq40l6YTFYGlE2k86cr3NX9F6BOCJ8/Xcom
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:55:14 2025 by rpki-client