Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Hf3zDEjoVsc2Sv2tmGHk6B3cdv8.roa
File: Hf3zDEjoVsc2Sv2tmGHk6B3cdv8.roa (raw, json)
Hash identifier: 3L9v0Pr6NNlYpnevm60Hq/pC5H5e2aavg4Wy9s7Tszg=
Subject key identifier: 1D:FD:F3:0C:48:E8:56:C7:36:4A:FD:AD:98:61:E4:E8:1D:DC:76:FF
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01971B89A5873EF6C6B76C691B28F89CC53D
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Hf3zDEjoVsc2Sv2tmGHk6B3cdv8.roa
Signing time: Thu 29 May 2025 10:14:55 +0000
ROA not before: Thu 29 May 2025 10:14:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 29 May 2025 11:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1b:89:a5:87:3e:f6:c6:b7:6c:69:1b:28:f8:9c:c5:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 29 10:14:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dfdf30c48e856c7364afdad9861e4e81ddc76ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:97:ca:51:59:fe:91:cf:e5:24:0f:57:82:9c:
d1:80:b2:5e:f8:05:61:44:62:40:43:4c:7d:a0:4a:
d4:0c:93:3d:6a:15:15:9d:99:41:b7:3f:b5:e0:9b:
07:b8:33:02:1a:4d:25:9b:10:70:12:1d:07:85:9b:
d1:32:99:bb:56:c7:b8:75:0f:6e:9e:0b:75:c9:ab:
ef:d9:bb:c2:56:f7:1a:b0:73:65:66:6b:b1:ba:71:
b3:83:d5:52:f9:21:ed:a3:93:72:93:2c:be:ea:db:
5e:f6:e4:48:0c:c4:96:2a:ca:26:50:74:d9:7b:f4:
a5:26:2d:5f:69:b9:96:9c:ab:39:a5:92:85:65:9b:
7f:38:45:36:04:36:25:0e:c4:23:29:51:1e:65:ea:
1d:f3:0f:c5:12:b0:2a:30:62:8a:f0:9c:a6:35:b3:
00:97:06:69:38:c3:53:88:e6:e9:b6:f5:42:3b:a4:
ac:01:5e:64:3f:62:ee:42:7b:9d:8d:02:cd:88:78:
10:d5:8c:1c:bb:a1:48:4c:cb:d0:ab:d6:2d:a9:e5:
c4:63:ea:41:d5:57:94:61:45:fa:55:d6:7d:07:be:
b9:d5:cc:76:3b:f7:a5:ae:7c:a3:6d:b5:d5:8c:94:
41:e6:ce:5b:64:fd:40:77:61:55:2c:49:9b:ab:b8:
9f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FD:F3:0C:48:E8:56:C7:36:4A:FD:AD:98:61:E4:E8:1D:DC:76:FF
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Hf3zDEjoVsc2Sv2tmGHk6B3cdv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
46:e9:94:c5:69:c5:92:e3:4e:f3:15:0a:ec:cb:6b:99:53:cd:
76:df:6a:6e:d1:9a:17:cc:e5:42:0a:d7:28:0d:cc:64:e9:b5:
fa:0f:9c:11:2e:61:43:11:09:9e:4b:61:3c:84:6b:3f:fd:06:
2b:76:35:df:78:5b:00:43:1b:2f:a1:4c:1a:da:97:41:8f:05:
ef:16:e6:92:9f:b4:82:05:8b:e5:d7:6b:b7:60:c5:c2:b2:c5:
29:23:57:9a:9b:c3:b9:a8:14:5b:a7:40:85:a7:c2:39:ee:b8:
99:f0:e9:51:97:19:bd:70:8d:e4:e4:9f:c1:78:83:6f:6d:2c:
0f:37:38:bf:9d:74:dd:90:bf:e1:72:f4:3d:01:08:01:2d:8e:
26:b2:55:cd:ed:fa:05:30:24:3c:59:d4:a5:6a:a5:3e:25:18:
a6:90:9a:0d:c5:d2:67:7c:7f:90:a4:6c:8c:37:eb:e0:da:d7:
59:36:64:43:33:02:37:a1:e7:60:b2:60:b6:07:6a:80:45:60:
72:03:8d:20:b4:5a:6d:32:7c:fc:cf:5c:a9:b7:f4:25:f3:98:
d2:cc:bb:ea:c0:82:1b:ca:e5:a5:9b:19:40:ca:aa:2f:97:58:
85:a0:6d:09:10:4d:8d:52:53:ab:8b:82:05:d3:90:2e:dc:0b:
e7:4a:4d:64
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcbiaWHPvbGt2xpGyj4nMU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI5MTAxNDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGZkZjMwYzQ4ZTg1NmM3MzY0YWZkYWQ5ODYxZTRlODFkZGM3NmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpfKUVn+kc/lJA9XgpzRgLJe+AVh
RGJAQ0x9oErUDJM9ahUVnZlBtz+14JsHuDMCGk0lmxBwEh0HhZvRMpm7Vse4dQ9u
ngt1yavv2bvCVvcasHNlZmuxunGzg9VS+SHto5Nykyy+6tte9uRIDMSWKsomUHTZ
e/SlJi1fabmWnKs5pZKFZZt/OEU2BDYlDsQjKVEeZeod8w/FErAqMGKK8JymNbMA
lwZpOMNTiObptvVCO6SsAV5kP2LuQnudjQLNiHgQ1Ywcu6FITMvQq9YtqeXEY+pB
1VeUYUX6VdZ9B7651cx2O/elrnyjbbXVjJRB5s5bZP1Ad2FVLEmbq7ifzwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFB398wxI6FbHNkr9rZhh5Ogd3Hb/MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvSGYzekRFam9Wc2MyU3YydG1HSGs2QjNjZHY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBG6ZTFacWS407zFQrsy2uZU81232pu0ZoXzOVC
CtcoDcxk6bX6D5wRLmFDEQmeS2E8hGs//QYrdjXfeFsAQxsvoUwa2pdBjwXvFuaS
n7SCBYvl12u3YMXCssUpI1eam8O5qBRbp0CFp8I57riZ8OlRlxm9cI3k5J/BeINv
bSwPNzi/nXTdkL/hcvQ9AQgBLY4mslXN7foFMCQ8WdSlaqU+JRimkJoNxdJnfH+Q
pGyMN+vg2tdZNmRDMwI3oedgsmC2B2qARWByA40gtFptMnz8z1ypt/Ql85jSzLvq
wIIbyuWlmxlAyqovl1iFoG0JEE2NUlOri4IF05Au3AvnSk1k
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:47:06 2025 by rpki-client