Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Fosh7qBkZoLbupLnYnQGAMb2VoY.roa
File: Fosh7qBkZoLbupLnYnQGAMb2VoY.roa (raw, json)
Hash identifier: uI/pDXTomZQis2hfe5JTUukLafDO9bOIT2/Sxi3mUVU=
Subject key identifier: 16:8B:21:EE:A0:64:66:82:DB:BA:92:E7:62:74:06:00:C6:F6:56:86
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01970124230791B9B77C8EA68E44BDEF977B
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Fosh7qBkZoLbupLnYnQGAMb2VoY.roa
Signing time: Sat 24 May 2025 07:13:54 +0000
ROA not before: Sat 24 May 2025 07:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 May 2025 08:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:01:24:23:07:91:b9:b7:7c:8e:a6:8e:44:bd:ef:97:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 24 07:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=168b21eea0646682dbba92e762740600c6f65686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:8c:af:b9:2b:6d:4f:6e:3d:c1:42:de:5d:98:
ce:05:ee:56:df:55:09:f8:d0:a4:b5:7d:35:de:47:
d9:36:bc:ea:5c:5c:69:21:24:6d:bc:bf:ac:71:ea:
6d:1a:a5:d2:1f:47:1d:a6:94:75:b9:6b:b4:ed:f7:
ae:b6:61:55:4b:2a:9a:74:c8:17:49:69:ba:4e:ca:
08:b7:4f:d1:61:e6:3d:ad:c5:e3:dd:52:26:46:ec:
9b:a7:29:02:ac:e1:08:01:64:d8:e7:85:32:da:e6:
56:11:3d:b7:75:d7:3a:08:99:cd:fa:3c:de:2f:7b:
e5:f0:42:c8:0f:59:d5:52:5f:25:53:16:b4:22:06:
41:ea:fb:de:65:28:bb:89:1b:39:b2:8d:bb:a2:82:
ff:0e:3b:82:b0:43:20:29:9a:3c:59:88:d0:2a:53:
37:d6:7b:4c:87:5e:6f:36:a1:70:b8:30:63:47:bb:
35:d2:a8:50:7e:d8:94:af:75:1e:45:6c:9f:23:5e:
19:56:0f:ca:98:7c:32:e2:73:ab:43:d5:dd:66:65:
72:4a:52:24:95:1e:a4:d6:c7:f2:0d:af:43:af:fa:
6d:c4:05:a8:08:d4:71:9c:18:35:bf:31:04:d4:8a:
2c:73:85:91:3d:3c:f8:e1:f6:d0:da:c4:b6:80:78:
04:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:8B:21:EE:A0:64:66:82:DB:BA:92:E7:62:74:06:00:C6:F6:56:86
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Fosh7qBkZoLbupLnYnQGAMb2VoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
88:6c:c2:be:f9:5d:50:59:46:de:4f:e3:89:67:56:42:30:c5:
60:d1:66:e4:4f:57:5a:11:b8:75:dc:42:65:ff:44:be:7c:6e:
ca:f7:53:3d:7d:f8:00:3f:74:53:85:6c:39:b6:0b:79:89:c0:
2a:de:e1:6d:74:a4:35:cf:5b:73:84:5b:1b:23:5a:6f:24:7b:
88:87:27:85:59:28:32:fe:e7:07:4f:91:18:eb:8b:ff:35:ea:
95:3b:13:9c:22:f1:e4:aa:90:2c:51:0b:89:3c:bc:f0:6a:2d:
ee:b2:03:5f:5a:04:f9:bc:7d:1d:af:5f:a3:db:42:f3:4a:30:
a1:9c:8e:54:9e:0c:00:47:14:95:23:52:a0:cf:91:48:90:89:
2f:87:4f:31:02:df:ff:9e:59:12:67:02:60:c3:57:af:87:1f:
a8:72:26:ba:02:55:91:94:d5:c4:1f:96:e8:3d:85:95:1a:9b:
0b:74:ac:77:c8:8a:88:f6:ec:14:94:86:1b:41:bd:4f:6a:42:
a6:b7:2c:d4:03:ee:dd:7f:7f:6b:b0:53:47:f0:03:c6:aa:79:
76:d0:5d:57:ed:f2:9b:71:6b:38:fe:97:55:f2:66:cd:b5:e0:
d2:82:ec:ad:5a:d1:9f:d6:1e:11:75:bc:ad:f1:f1:f8:a7:1e:
5b:aa:aa:24
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcBJCMHkbm3fI6mjkS975d7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI0MDcxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjhiMjFlZWEwNjQ2NjgyZGJiYTkyZTc2Mjc0MDYwMGM2ZjY1Njg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7IyvuSttT249wULeXZjOBe5W31UJ
+NCktX013kfZNrzqXFxpISRtvL+sceptGqXSH0cdppR1uWu07feutmFVSyqadMgX
SWm6TsoIt0/RYeY9rcXj3VImRuybpykCrOEIAWTY54Uy2uZWET23ddc6CJnN+jze
L3vl8ELID1nVUl8lUxa0IgZB6vveZSi7iRs5so27ooL/DjuCsEMgKZo8WYjQKlM3
1ntMh15vNqFwuDBjR7s10qhQftiUr3UeRWyfI14ZVg/KmHwy4nOrQ9XdZmVySlIk
lR6k1sfyDa9Dr/ptxAWoCNRxnBg1vzEE1Iosc4WRPTz44fbQ2sS2gHgEawIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBaLIe6gZGaC27qS52J0BgDG9laGMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvRm9zaDdxQmtab0xidXBMblluUUdBTWIyVm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAiGzCvvldUFlG3k/jiWdWQjDF
YNFm5E9XWhG4ddxCZf9EvnxuyvdTPX34AD90U4VsObYLeYnAKt7hbXSkNc9bc4Rb
GyNabyR7iIcnhVkoMv7nB0+RGOuL/zXqlTsTnCLx5KqQLFELiTy88Got7rIDX1oE
+bx9Ha9fo9tC80owoZyOVJ4MAEcUlSNSoM+RSJCJL4dPMQLf/55ZEmcCYMNXr4cf
qHImugJVkZTVxB+W6D2FlRqbC3Ssd8iKiPbsFJSGG0G9T2pCprcs1APu3X9/a7BT
R/ADxqp5dtBdV+3ym3FrOP6XVfJmzbXg0oLsrVrRn9YeEXW8rfHx+KceW6qqJA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:03:35 2025 by rpki-client