Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/F7D8vxXrISvvnohQKSZtbQyc3Lk.roa
File: F7D8vxXrISvvnohQKSZtbQyc3Lk.roa (raw, json)
Hash identifier: UN3H0IvWHKfV7m5vTFS+Ss1sP3wTpNnGGnoEHTqSHXo=
Subject key identifier: 17:B0:FC:BF:15:EB:21:2B:EF:9E:88:50:29:26:6D:6D:0C:9C:DC:B9
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196496DBC9657F8D77B0F96353EB8BB5BC8
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/F7D8vxXrISvvnohQKSZtbQyc3Lk.roa
Signing time: Fri 18 Apr 2025 15:04:10 +0000
ROA not before: Fri 18 Apr 2025 15:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:496d:b5b9/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 18 Apr 2025 15:16:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:49:6d:bc:96:57:f8:d7:7b:0f:96:35:3e:b8:bb:5b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 18 15:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17b0fcbf15eb212bef9e885029266d6d0c9cdcb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:21:5b:10:bf:1e:2d:e7:4b:bf:9c:cb:d7:46:
e5:59:a7:6d:db:6a:17:d4:7c:10:db:3b:4d:79:cb:
4d:c4:36:c4:bb:0c:5e:d0:4c:c4:8b:35:ff:33:24:
32:e5:c1:cf:1e:e3:41:7f:87:c0:c3:29:0c:cf:52:
d6:1b:06:10:c8:c3:52:e8:1b:d3:5a:ed:cc:c8:a4:
d7:75:d0:4c:cd:0d:b4:30:f1:05:43:33:14:2d:e5:
e8:a0:07:21:4b:78:be:2f:0f:e7:bc:77:f0:86:a9:
62:1b:2d:1b:79:35:7a:2c:5f:73:68:58:2b:a4:ee:
66:13:83:b8:4b:15:07:96:8f:83:2b:3e:0e:52:73:
0a:ca:f1:49:5b:da:48:ec:38:70:7f:a9:9c:9e:1a:
b8:3b:55:ba:92:e3:32:81:60:fb:15:dd:a5:3d:10:
e0:b9:12:96:1e:22:c6:bc:e8:02:1c:4b:5c:29:4b:
b6:4d:59:3a:f1:59:75:4c:42:61:c8:27:1e:08:9d:
b5:f5:8e:36:ed:67:40:a9:2e:b2:a3:ab:a5:0e:bb:
38:09:e2:6e:bf:fc:56:57:fc:ff:7b:e0:a3:19:b8:
18:3d:63:f2:25:3d:43:66:11:5e:68:cb:35:66:26:
02:e4:61:4f:5d:06:68:bc:69:21:cc:d8:70:0a:19:
12:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B0:FC:BF:15:EB:21:2B:EF:9E:88:50:29:26:6D:6D:0C:9C:DC:B9
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/F7D8vxXrISvvnohQKSZtbQyc3Lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:496d:b5b9/128
Signature Algorithm: sha256WithRSAEncryption
8f:d6:a7:10:ad:13:4c:b3:d6:be:c5:0c:fd:a4:3b:8e:2d:4e:
6d:f9:a6:97:ec:bf:0d:12:ce:62:73:91:3e:b9:f6:ff:c3:2d:
c2:3a:89:f4:fe:26:62:7a:22:6f:db:40:14:a8:8f:0f:95:20:
94:2c:ef:96:a9:d1:d3:1c:db:04:c1:70:79:57:a8:9c:79:cf:
14:22:c7:9a:24:89:5b:91:cf:84:a3:1f:8f:be:c8:a2:e5:26:
15:c6:2f:4f:f7:f2:fe:6d:4c:12:e4:47:5b:60:c6:1d:8f:bb:
de:f7:b6:eb:92:b3:52:23:9c:22:4e:f4:07:f0:70:d2:00:f9:
1a:ae:2a:41:7b:76:6f:d9:37:ab:a4:12:ec:2f:b0:0f:0b:f4:
33:62:7f:b0:23:91:39:8f:1a:67:53:96:3e:51:fa:22:1e:cf:
8e:f3:5f:48:fb:c9:74:84:ef:ab:ce:1a:aa:b9:bc:83:81:8a:
6b:56:79:98:c1:67:50:08:6a:c0:23:fa:fb:64:3a:8e:9e:b2:
0d:39:48:51:62:35:3e:54:26:01:56:c3:61:37:26:e3:75:9d:
79:fb:b2:ae:26:7f:79:37:d8:3a:1a:be:9c:16:50:71:95:2e:
48:2a:4d:3b:ca:06:87:fb:c4:a2:d2:18:aa:cc:ed:27:5d:26:
06:0a:78:94
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZJbbyWV/jXew+WNT64u1vIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDE4MTUwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2IwZmNiZjE1ZWIyMTJiZWY5ZTg4NTAyOTI2NmQ2ZDBjOWNkY2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyFbEL8eLedLv5zL10blWadt22oX
1HwQ2ztNectNxDbEuwxe0EzEizX/MyQy5cHPHuNBf4fAwykMz1LWGwYQyMNS6BvT
Wu3MyKTXddBMzQ20MPEFQzMULeXooAchS3i+Lw/nvHfwhqliGy0beTV6LF9zaFgr
pO5mE4O4SxUHlo+DKz4OUnMKyvFJW9pI7Dhwf6mcnhq4O1W6kuMygWD7Fd2lPRDg
uRKWHiLGvOgCHEtcKUu2TVk68Vl1TEJhyCceCJ219Y427WdAqS6yo6ulDrs4CeJu
v/xWV/z/e+CjGbgYPWPyJT1DZhFeaMs1ZiYC5GFPXQZovGkhzNhwChkS1QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBew/L8V6yEr756IUCkmbW0MnNy5MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvRjdEOHZ4WHJJU3Z2bm9oUUtTWnRiUXljM0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWSW21uTANBgkqhkiG9w0BAQsFAAOCAQEAj9anEK0TTLPWvsUM/aQ7ji1O
bfmml+y/DRLOYnORPrn2/8MtwjqJ9P4mYnoib9tAFKiPD5UglCzvlqnR0xzbBMFw
eVeonHnPFCLHmiSJW5HPhKMfj77IouUmFcYvT/fy/m1MEuRHW2DGHY+73ve265Kz
UiOcIk70B/Bw0gD5Gq4qQXt2b9k3q6QS7C+wDwv0M2J/sCOROY8aZ1OWPlH6Ih7P
jvNfSPvJdITvq84aqrm8g4GKa1Z5mMFnUAhqwCP6+2Q6jp6yDTlIUWI1PlQmAVbD
YTcm43WdefuyriZ/eTfYOhq+nBZQcZUuSCpNO8oGh/vEotIYqsztJ10mBgp4lA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:50:54 2025 by rpki-client