Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Ic5G8hPEQ6jxgHHmJ1HCLrObcW4.roa
File: Ic5G8hPEQ6jxgHHmJ1HCLrObcW4.roa (raw, json)
Hash identifier: SKUJgU1/97HgsVBdKT0gKLkwri8m1tzVxApTPTiEITE=
Subject key identifier: 21:CE:46:F2:13:C4:43:A8:F1:80:71:E6:27:51:C2:2E:B3:9B:71:6E
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197444E1758D718EE449E199859D517F4BC
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Ic5G8hPEQ6jxgHHmJ1HCLrObcW4.roa
Signing time: Fri 06 Jun 2025 08:14:17 +0000
ROA not before: Fri 06 Jun 2025 08:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 06 Jun 2025 09:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:4e:17:58:d7:18:ee:44:9e:19:98:59:d5:17:f4:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 6 08:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21ce46f213c443a8f18071e62751c22eb39b716e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b0:cf:0e:be:ce:13:00:a1:da:4c:ab:fd:86:
b3:b3:02:e6:6a:e6:da:a4:c6:11:d2:ca:0b:82:d2:
5f:79:32:3d:0f:95:fe:9f:63:42:e7:0e:7b:94:df:
15:73:dc:52:95:b5:8d:4b:7d:88:8d:79:31:c8:6a:
7f:c1:63:51:ef:62:6c:df:f2:ec:e9:cc:47:40:eb:
4e:6b:7b:0c:6c:e8:b0:b5:6f:ba:67:a0:5f:4e:f2:
4b:c1:11:c3:d6:39:bb:15:0a:3f:04:11:35:b6:2f:
5b:5b:9c:06:4b:07:13:71:45:6a:9a:dc:d9:88:1e:
6a:58:69:01:b4:9f:29:11:98:7e:18:f2:99:1a:b5:
72:e8:3b:01:df:71:91:4f:41:81:d2:cd:a6:64:4e:
c8:d8:d9:a1:df:5a:f9:cc:10:09:f3:cc:bc:48:03:
70:31:e6:89:fa:89:51:8a:9f:4d:95:03:58:1a:df:
b4:a2:c0:99:a8:ef:9a:5e:e6:8c:bb:eb:5a:f5:4a:
38:4b:23:69:59:9d:d6:e9:55:5b:1c:6e:43:0d:a3:
30:4d:f8:d3:ef:1b:cd:74:0a:38:4c:1c:ad:b8:28:
b2:1f:f8:b9:75:0e:23:08:60:cb:02:f9:42:2c:49:
87:c6:9d:98:88:b9:4f:37:9e:3a:c7:38:d5:41:63:
ec:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CE:46:F2:13:C4:43:A8:F1:80:71:E6:27:51:C2:2E:B3:9B:71:6E
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Ic5G8hPEQ6jxgHHmJ1HCLrObcW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
39:34:38:95:c0:57:d3:f4:06:9e:a1:b9:00:ce:41:2e:11:4d:
0d:51:d3:78:7e:02:bc:0c:d3:bd:c3:22:d9:92:82:f8:cb:2d:
46:7e:b0:5f:13:dd:21:a7:7d:1c:f1:13:e5:62:e5:02:4d:1b:
77:a7:30:84:4c:82:36:44:33:11:db:ec:ee:e3:3e:30:96:49:
24:49:0f:b5:42:66:e5:5d:c5:33:9c:e4:da:02:35:13:52:18:
e8:45:34:3a:1c:cd:a7:dd:3d:b7:6e:fa:2f:25:2c:79:ae:90:
fe:a8:f2:50:11:ff:ca:b9:45:2e:f4:ce:24:d2:e7:1f:1d:a7:
f9:3e:67:a2:5c:cd:60:92:bb:4c:6a:93:79:8c:b4:62:81:56:
aa:ec:03:fe:08:45:02:12:c4:4a:ec:b4:6e:e7:40:fc:46:e8:
0a:1d:36:d6:a5:cf:44:50:71:24:b2:40:7a:5c:be:f5:31:db:
5d:7a:2a:10:e1:32:63:b9:eb:32:d7:00:21:d3:b1:67:fe:0c:
12:c8:43:0d:e8:a7:91:57:88:d2:b2:e2:04:a5:01:bd:ab:a5:
4d:90:ce:8f:87:98:42:d4:d2:cd:49:4a:22:22:f2:75:48:60:
2b:fb:fc:e2:19:d9:4c:16:23:bd:8b:47:39:ab:15:4e:b0:93:
e6:34:d8:58
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdEThdY1xjuRJ4ZmFnVF/S8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA2MDgxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWNlNDZmMjEzYzQ0M2E4ZjE4MDcxZTYyNzUxYzIyZWIzOWI3MTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLDPDr7OEwCh2kyr/YazswLmauba
pMYR0soLgtJfeTI9D5X+n2NC5w57lN8Vc9xSlbWNS32IjXkxyGp/wWNR72Js3/Ls
6cxHQOtOa3sMbOiwtW+6Z6BfTvJLwRHD1jm7FQo/BBE1ti9bW5wGSwcTcUVqmtzZ
iB5qWGkBtJ8pEZh+GPKZGrVy6DsB33GRT0GB0s2mZE7I2Nmh31r5zBAJ88y8SANw
MeaJ+olRip9NlQNYGt+0osCZqO+aXuaMu+ta9Uo4SyNpWZ3W6VVbHG5DDaMwTfjT
7xvNdAo4TBytuCiyH/i5dQ4jCGDLAvlCLEmHxp2YiLlPN546xzjVQWPsgQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFCHORvITxEOo8YBx5idRwi6zm3FuMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvSWM1RzhoUEVRNmp4Z0hIbUoxSENMck9iY1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAOTQ4lcBX0/QG
nqG5AM5BLhFNDVHTeH4CvAzTvcMi2ZKC+MstRn6wXxPdIad9HPET5WLlAk0bd6cw
hEyCNkQzEdvs7uM+MJZJJEkPtUJm5V3FM5zk2gI1E1IY6EU0OhzNp909t276LyUs
ea6Q/qjyUBH/yrlFLvTOJNLnHx2n+T5nolzNYJK7TGqTeYy0YoFWquwD/ghFAhLE
Suy0budA/EboCh021qXPRFBxJLJAely+9THbXXoqEOEyY7nrMtcAIdOxZ/4MEshD
DeinkVeI0rLiBKUBvaulTZDOj4eYQtTSzUlKIiLydUhgK/v84hnZTBYjvYtHOasV
TrCT5jTYWA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:48:15 2025 by rpki-client