Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/I5lxcUaIsAsli5oxNFS0_LZJ5e0.roa
File: I5lxcUaIsAsli5oxNFS0_LZJ5e0.roa (raw, json)
Hash identifier: KBrw3rMRUSVg4fitIa9jNFosavDKtoBG1TwMDSVhtFs=
Subject key identifier: 23:99:71:71:46:88:B0:0B:25:8B:9A:31:34:54:B4:FC:B6:49:E5:ED
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F7B4F9493ACD87C912477942E9C47F4C
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/I5lxcUaIsAsli5oxNFS0_LZJ5e0.roa
Signing time: Thu 22 May 2025 11:15:54 +0000
ROA not before: Thu 22 May 2025 11:15:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 22 May 2025 12:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:b4:f9:49:3a:cd:87:c9:12:47:79:42:e9:c4:7f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 22 11:15:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=239971714688b00b258b9a313454b4fcb649e5ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:08:d3:d0:ff:cd:c2:c7:31:1c:1d:40:20:79:
59:91:fd:b1:3a:88:1b:0f:ff:72:3d:19:46:f3:cc:
bb:6a:8f:46:0e:73:f1:da:1c:11:93:be:27:6f:ac:
78:fc:af:2f:14:b4:8f:52:a3:2b:5f:3e:4a:d1:96:
c6:20:44:f0:ea:3d:45:8d:74:a0:ff:83:eb:9e:f6:
57:4a:f0:ee:37:a4:ea:9a:be:bf:4b:02:ed:b8:48:
98:39:1f:ef:ac:43:07:5d:2f:06:2b:ae:c0:da:10:
61:d0:ca:2b:25:e8:6b:34:7e:b5:47:ad:9e:8e:62:
d8:b6:64:ed:83:75:50:63:53:0b:4e:08:2b:2b:27:
a2:a9:67:60:f9:71:a3:8f:06:02:2c:e5:8d:c0:08:
fd:ac:67:db:06:1d:25:5a:3f:83:14:81:d4:51:c1:
40:a6:1a:a6:87:e7:8d:98:f9:ad:37:be:dc:f7:5e:
d6:bf:f7:ff:ba:b6:6e:4d:15:39:cd:2b:12:e7:8f:
21:a8:8e:57:e2:e3:23:e2:ce:28:18:79:af:0b:d9:
34:4e:fb:ba:d3:55:7d:ee:05:b3:b9:d0:c3:f3:e3:
c8:3a:ba:e7:7e:e8:4e:80:61:98:22:fd:ba:e0:54:
b5:f3:bc:e5:f6:2e:ba:76:cb:f2:a3:48:e8:ef:84:
e4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:99:71:71:46:88:B0:0B:25:8B:9A:31:34:54:B4:FC:B6:49:E5:ED
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/I5lxcUaIsAsli5oxNFS0_LZJ5e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
23:34:f0:ef:01:09:f0:28:d7:a4:a3:69:9d:cd:98:29:48:e8:
f6:eb:8c:d5:68:c3:82:03:e5:49:a0:c5:1c:6d:7c:4d:63:31:
fa:13:58:64:ca:d0:61:fa:0e:42:18:9a:ea:0e:0d:a4:47:37:
9a:0b:7a:ce:6c:a5:a0:1b:72:f5:cc:dd:76:6e:ab:bf:3c:eb:
27:c0:04:a3:55:66:8b:d9:e2:ba:65:90:02:41:ad:eb:80:bc:
0e:90:46:aa:d0:1f:fd:62:11:f6:cf:09:bc:16:43:be:b4:c4:
98:c6:b5:1f:a5:e0:2a:ec:86:55:26:01:0b:ab:be:31:17:fe:
a7:e0:04:49:92:3a:4f:c9:62:a1:4a:ae:e7:53:ae:47:19:2b:
a3:a5:f3:72:cb:42:c2:23:6a:e5:af:0d:09:25:a8:85:9f:c3:
63:24:a9:67:a2:5e:ea:58:6e:cc:d7:e9:a4:83:c5:20:aa:7f:
ad:64:cd:13:42:b1:1c:44:0e:83:0c:f0:8e:e4:a9:ce:99:b3:
9a:a7:58:ee:d5:14:1a:67:e9:d7:53:22:c6:71:2f:57:a5:83:
e9:9e:a0:c4:b5:0d:a7:43:21:5d:fb:36:de:ef:3c:f7:8c:85:
48:52:92:a0:ac:07:ae:b7:5b:b0:d3:55:59:33:28:6b:01:00:
c2:f8:cc:9e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb3tPlJOs2HyRJHeULpxH9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIyMTExNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk5NzE3MTQ2ODhiMDBiMjU4YjlhMzEzNDU0YjRmY2I2NDllNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQjT0P/NwscxHB1AIHlZkf2xOogb
D/9yPRlG88y7ao9GDnPx2hwRk74nb6x4/K8vFLSPUqMrXz5K0ZbGIETw6j1FjXSg
/4PrnvZXSvDuN6Tqmr6/SwLtuEiYOR/vrEMHXS8GK67A2hBh0MorJehrNH61R62e
jmLYtmTtg3VQY1MLTggrKyeiqWdg+XGjjwYCLOWNwAj9rGfbBh0lWj+DFIHUUcFA
phqmh+eNmPmtN77c917Wv/f/urZuTRU5zSsS548hqI5X4uMj4s4oGHmvC9k0Tvu6
01V97gWzudDD8+PIOrrnfuhOgGGYIv264FS187zl9i66dsvyo0jo74TklwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCOZcXFGiLALJYuaMTRUtPy2SeXtMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvSTVseGNVYUlzQXNsaTVveE5GUzBfTFpKNWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAIzTw7wEJ8CjXpKNpnc2YKUjo
9uuM1WjDggPlSaDFHG18TWMx+hNYZMrQYfoOQhia6g4NpEc3mgt6zmyloBty9czd
dm6rvzzrJ8AEo1Vmi9niumWQAkGt64C8DpBGqtAf/WIR9s8JvBZDvrTEmMa1H6Xg
KuyGVSYBC6u+MRf+p+AESZI6T8lioUqu51OuRxkro6XzcstCwiNq5a8NCSWohZ/D
YySpZ6Je6lhuzNfppIPFIKp/rWTNE0KxHEQOgwzwjuSpzpmzmqdY7tUUGmfp11Mi
xnEvV6WD6Z6gxLUNp0MhXfs23u8894yFSFKSoKwHrrdbsNNVWTMoawEAwvjMng==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:46:17 2025 by rpki-client