Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/FthCTwCdQKPVGnKsqZEDJNI9Pn8.roa
File: FthCTwCdQKPVGnKsqZEDJNI9Pn8.roa (raw, json)
Hash identifier: Ung2aAFI1xIEkZzZBd12+1rsxEleeJnwKrYE6uUDQz4=
Subject key identifier: 16:D8:42:4F:00:9D:40:A3:D5:1A:72:AC:A9:91:03:24:D2:3D:3E:7F
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01971C64748C4C7B249E173C4D5642F8936E
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/FthCTwCdQKPVGnKsqZEDJNI9Pn8.roa
Signing time: Thu 29 May 2025 14:13:54 +0000
ROA not before: Thu 29 May 2025 14:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 29 May 2025 15:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1c:64:74:8c:4c:7b:24:9e:17:3c:4d:56:42:f8:93:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 29 14:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16d8424f009d40a3d51a72aca9910324d23d3e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3c:ae:36:ac:11:46:54:2c:a9:18:77:03:cc:
99:eb:fc:c2:b0:44:1b:0b:e3:e1:5f:ae:35:93:a6:
35:9e:06:80:52:b8:4f:a5:c5:47:02:27:10:c1:83:
3a:b0:4f:6f:76:b6:cf:50:54:d5:15:9b:53:08:71:
7f:ec:55:e7:a6:cd:d9:95:bd:79:58:38:05:7e:64:
61:43:7e:a9:ab:07:a7:6d:ec:60:43:98:6c:4a:fb:
e7:66:b8:52:b2:56:9b:4f:08:fe:d9:33:bf:b5:a5:
0c:24:f2:b8:9e:b6:12:ec:a8:fc:85:db:93:32:34:
f0:55:45:3f:d0:1f:c7:8c:10:42:5e:77:77:87:48:
39:c5:37:81:e4:40:c2:f3:d2:d8:32:31:6c:da:e7:
27:2f:9d:14:04:c6:e1:31:04:7d:44:99:ee:b5:ff:
f5:d7:26:d4:ea:66:77:7d:c5:45:3f:69:b7:c0:79:
ee:3a:50:1a:a1:9b:47:07:03:dd:08:4c:78:e1:4e:
88:15:f6:d3:db:a3:e3:4e:de:76:80:3e:62:bc:77:
23:2d:27:59:cd:f8:0d:4e:5e:37:0c:09:fe:ab:77:
0c:e1:ed:e0:0c:76:c1:7f:15:08:ff:30:5a:20:c5:
33:4b:0b:ea:1c:76:97:84:a9:15:9b:00:56:e6:e0:
31:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D8:42:4F:00:9D:40:A3:D5:1A:72:AC:A9:91:03:24:D2:3D:3E:7F
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/FthCTwCdQKPVGnKsqZEDJNI9Pn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
3c:41:76:60:da:0d:94:ea:c9:ca:37:24:a1:ba:0c:87:89:73:
82:ae:98:97:48:85:78:fc:22:cd:73:62:bd:d6:a8:fb:1b:27:
d4:5f:73:a6:ad:31:d2:b4:d2:db:52:d8:32:c2:7d:7b:98:0b:
24:d7:21:16:51:7d:b0:8e:cd:d1:e8:28:a6:81:cd:7c:78:e6:
16:25:dc:aa:3b:da:04:2a:d3:1e:3c:38:4b:76:b4:c0:9f:bc:
34:05:0b:10:f2:1d:60:4e:3e:90:b4:56:8a:62:83:76:08:21:
8e:71:ca:da:3d:73:94:a3:cc:00:6a:03:df:41:51:8c:b5:51:
6b:5a:b7:c5:53:5a:54:0f:85:a2:2b:83:32:03:4c:40:f5:e1:
80:87:d8:04:7a:0c:72:6d:4b:31:69:25:d4:2c:d5:a6:78:3c:
06:66:14:cf:4f:d9:57:b8:2d:77:1d:60:89:02:c0:a9:cf:6c:
3d:f4:b1:50:cb:e0:1a:8f:9f:e7:92:5f:6b:b6:3e:e3:6f:e9:
f6:26:74:14:61:45:ef:4e:ff:d0:04:37:47:25:f8:49:72:e1:
23:d3:49:d5:0b:88:b4:1d:af:0e:7b:42:e0:88:c9:94:fe:e5:
5f:a0:57:c9:82:4b:10:c7:0d:ef:41:b9:63:a2:42:02:93:be:
ac:09:50:1c
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZccZHSMTHsknhc8TVZC+JNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI5MTQxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQ4NDI0ZjAwOWQ0MGEzZDUxYTcyYWNhOTkxMDMyNGQyM2QzZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzyuNqwRRlQsqRh3A8yZ6/zCsEQb
C+PhX641k6Y1ngaAUrhPpcVHAicQwYM6sE9vdrbPUFTVFZtTCHF/7FXnps3Zlb15
WDgFfmRhQ36pqwenbexgQ5hsSvvnZrhSslabTwj+2TO/taUMJPK4nrYS7Kj8hduT
MjTwVUU/0B/HjBBCXnd3h0g5xTeB5EDC89LYMjFs2ucnL50UBMbhMQR9RJnutf/1
1ybU6mZ3fcVFP2m3wHnuOlAaoZtHBwPdCEx44U6IFfbT26PjTt52gD5ivHcjLSdZ
zfgNTl43DAn+q3cM4e3gDHbBfxUI/zBaIMUzSwvqHHaXhKkVmwBW5uAx0QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFBbYQk8AnUCj1RpyrKmRAyTSPT5/MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvRnRoQ1R3Q2RRS1BWR25Lc3FaRURKTkk5UG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQA8QXZg2g2U6snKNyShugyHiXOCrpiXSIV4/CLN
c2K91qj7GyfUX3OmrTHStNLbUtgywn17mAsk1yEWUX2wjs3R6Cimgc18eOYWJdyq
O9oEKtMePDhLdrTAn7w0BQsQ8h1gTj6QtFaKYoN2CCGOccraPXOUo8wAagPfQVGM
tVFrWrfFU1pUD4WiK4MyA0xA9eGAh9gEegxybUsxaSXULNWmeDwGZhTPT9lXuC13
HWCJAsCpz2w99LFQy+Aaj5/nkl9rtj7jb+n2JnQUYUXvTv/QBDdHJfhJcuEj00nV
C4i0Ha8Oe0LgiMmU/uVfoFfJgksQxw3vQbljokICk76sCVAc
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:44:04 2025 by rpki-client