Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ElYJ8jE1ZndrVggz7yVPJvdOL4U.roa
File: ElYJ8jE1ZndrVggz7yVPJvdOL4U.roa (raw, json)
Hash identifier: huocUKNiRgJR10Au9ehnWHRvF1+F1iK3iRFEf3KmLz0=
Subject key identifier: 12:56:09:F2:31:35:66:77:6B:56:08:33:EF:25:4F:26:F7:4E:2F:85
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197357DF9BC4B7B0CCADD984B28EE0D7C89
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ElYJ8jE1ZndrVggz7yVPJvdOL4U.roa
Signing time: Tue 03 Jun 2025 11:12:17 +0000
ROA not before: Tue 03 Jun 2025 11:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Jun 2025 12:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:7d:f9:bc:4b:7b:0c:ca:dd:98:4b:28:ee:0d:7c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 3 11:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=125609f2313566776b560833ef254f26f74e2f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:90:c7:40:0f:35:13:14:7a:bb:f1:29:13:52:
07:73:ab:ad:70:f8:a4:f9:11:ff:8f:a3:42:dc:02:
33:3b:d6:7b:e4:ce:b9:d5:33:51:02:d8:f0:7a:23:
ac:79:98:7e:c9:82:02:3e:14:0d:be:cd:35:ff:94:
09:1a:43:e2:4d:ba:94:ea:6d:27:8c:f4:9c:13:a5:
d6:51:7e:45:99:aa:6d:97:5a:1d:64:5d:de:70:db:
73:e6:48:e8:89:5e:68:89:d8:2c:53:9a:cc:ca:59:
33:b5:f3:d3:87:2e:25:97:47:83:ca:7a:7b:b9:6c:
e9:1a:e7:65:98:20:95:5a:bf:b9:a9:62:74:f6:26:
94:c2:f7:99:f5:a0:c3:3f:e3:c9:a8:fd:d2:8f:e5:
69:78:31:d2:76:12:29:46:91:78:ef:a7:26:a5:de:
b6:35:2a:3d:c8:3a:56:ee:90:ef:87:ee:b0:36:b8:
f0:06:49:c2:4c:a7:b5:66:b5:42:50:71:91:6a:74:
0e:cb:e7:ae:09:e6:97:e5:b7:2c:81:c0:0c:36:15:
d4:b2:d8:a4:d9:c5:c1:4b:b4:f7:34:e1:d9:f7:bc:
c3:f8:04:65:00:59:e9:63:ba:6f:b6:54:e5:85:80:
43:47:f8:76:f5:cb:e4:dc:49:ba:3f:8b:38:51:82:
c2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:56:09:F2:31:35:66:77:6B:56:08:33:EF:25:4F:26:F7:4E:2F:85
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ElYJ8jE1ZndrVggz7yVPJvdOL4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
2d:2b:27:b5:f0:8b:21:e5:58:81:3b:eb:0b:63:84:aa:4b:d4:
0d:87:72:f7:99:1f:58:ff:7f:f4:d6:6f:51:63:0f:9b:64:ca:
77:d4:eb:ba:bd:fe:ac:23:b0:b3:1f:39:f1:c8:0c:6e:50:97:
38:62:d0:dc:a9:8f:56:9d:4c:ff:36:58:60:a2:9f:6f:a6:b3:
9e:bb:62:93:88:d5:79:17:88:8f:d0:6c:b2:c4:17:ce:ee:e5:
3a:75:0d:ed:13:ab:dc:a2:aa:c8:8a:c1:3e:cc:35:20:6c:d2:
1d:b6:51:84:24:a7:92:57:3d:da:a1:7c:be:9d:86:59:10:1d:
cd:bb:b4:58:46:d4:9f:29:84:46:4b:56:5e:03:68:21:0b:84:
5f:21:5c:08:44:b5:8c:4e:06:7c:cf:56:d4:f8:98:c2:78:48:
6b:53:c3:1c:46:df:50:23:17:04:69:fc:9e:b2:f2:ff:e2:f1:
fa:f8:b6:61:a2:ff:e6:95:e1:81:08:a4:dc:50:d8:44:0d:28:
9f:4d:8f:3b:8a:30:b4:a0:b2:67:61:ae:5a:52:2e:bd:f8:81:
57:26:b2:09:25:d7:8a:e6:46:1e:fc:a7:01:9d:af:cd:7b:99:
ce:c9:41:66:c6:87:d9:cc:48:97:37:ab:dd:0f:47:19:bb:6d:
c5:35:03:16
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc1ffm8S3sMyt2YSyjuDXyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAzMTExMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjU2MDlmMjMxMzU2Njc3NmI1NjA4MzNlZjI1NGYyNmY3NGUyZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypDHQA81ExR6u/EpE1IHc6utcPik
+RH/j6NC3AIzO9Z75M651TNRAtjweiOseZh+yYICPhQNvs01/5QJGkPiTbqU6m0n
jPScE6XWUX5Fmaptl1odZF3ecNtz5kjoiV5oidgsU5rMylkztfPThy4ll0eDynp7
uWzpGudlmCCVWr+5qWJ09iaUwveZ9aDDP+PJqP3Sj+VpeDHSdhIpRpF476cmpd62
NSo9yDpW7pDvh+6wNrjwBknCTKe1ZrVCUHGRanQOy+euCeaX5bcsgcAMNhXUstik
2cXBS7T3NOHZ97zD+ARlAFnpY7pvtlTlhYBDR/h29cvk3Em6P4s4UYLCrwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFBJWCfIxNWZ3a1YIM+8lTyb3Ti+FMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvRWxZSjhqRTFabmRyVmdnejd5VlBKdmRPTDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEALSsntfCLIeVY
gTvrC2OEqkvUDYdy95kfWP9/9NZvUWMPm2TKd9Trur3+rCOwsx858cgMblCXOGLQ
3KmPVp1M/zZYYKKfb6aznrtik4jVeReIj9BsssQXzu7lOnUN7ROr3KKqyIrBPsw1
IGzSHbZRhCSnklc92qF8vp2GWRAdzbu0WEbUnymERktWXgNoIQuEXyFcCES1jE4G
fM9W1PiYwnhIa1PDHEbfUCMXBGn8nrLy/+Lx+vi2YaL/5pXhgQik3FDYRA0on02P
O4owtKCyZ2GuWlIuvfiBVyayCSXXiuZGHvynAZ2vzXuZzslBZsaH2cxIlzer3Q9H
GbttxTUDFg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:51:31 2025 by rpki-client