Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/JCrnMkR5FQCHdCQB62QKFh_Yd4k.roa
File: JCrnMkR5FQCHdCQB62QKFh_Yd4k.roa (raw, json)
Hash identifier: llsyGySYQR1F8YWqo9Ha367aKF8aBCWiFM2kvnH3sto=
Subject key identifier: 24:2A:E7:32:44:79:15:00:87:74:24:01:EB:64:0A:16:1F:D8:77:89
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01968E4FB5088FDBC6143C3067901CD1782D
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/JCrnMkR5FQCHdCQB62QKFh_Yd4k.roa
Signing time: Fri 02 May 2025 00:05:10 +0000
ROA not before: Fri 02 May 2025 00:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:8e4f:28fc/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 02 May 2025 00:13:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8e:4f:b5:08:8f:db:c6:14:3c:30:67:90:1c:d1:78:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 2 00:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=242ae7324479150087742401eb640a161fd87789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3b:18:5e:bd:a6:fa:29:34:91:70:9a:5b:78:
01:c3:0b:d3:37:ae:12:0a:49:9a:ec:03:f4:cd:91:
f0:10:2f:2a:8e:4f:4a:81:97:a6:b1:8f:55:5a:f2:
03:09:73:24:87:13:10:33:de:70:d7:3c:0b:4a:56:
a0:f7:87:21:20:a3:4e:2d:aa:a5:39:29:6c:b2:a8:
3d:b7:2c:11:7b:9f:76:58:27:15:18:fe:06:bd:de:
42:b2:87:a2:16:5c:96:e3:a8:82:c5:58:9e:f5:90:
1b:56:54:4b:fe:15:8a:16:18:9c:78:0e:82:8c:a8:
f6:0b:05:1c:d3:cd:ba:86:3b:a7:75:8a:9d:9a:81:
60:51:0f:e4:5e:c3:9b:73:f7:a7:f4:db:68:c7:e7:
b5:88:02:0e:64:7f:d9:3a:fa:77:4f:70:44:68:db:
ac:df:99:7c:ef:79:52:27:68:f4:ed:76:b1:c3:10:
12:7e:74:27:b1:ce:cb:15:64:b3:57:8f:98:f8:8a:
95:f5:c0:1b:9e:14:3b:86:de:a3:20:a9:4d:70:40:
9b:6a:70:0b:3d:aa:3b:a5:50:99:de:25:ec:ac:7d:
a7:9e:b5:af:a0:24:39:d2:f1:68:43:81:ce:da:07:
dd:f4:23:35:51:de:8e:b8:fc:29:97:b3:eb:3b:02:
7f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:2A:E7:32:44:79:15:00:87:74:24:01:EB:64:0A:16:1F:D8:77:89
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/JCrnMkR5FQCHdCQB62QKFh_Yd4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:8e4f:28fc/128
Signature Algorithm: sha256WithRSAEncryption
58:7c:bb:9a:fe:6d:6f:e9:78:e6:a2:78:69:17:1c:77:47:ec:
07:6e:5c:e5:d5:8d:22:92:a5:d2:3f:ae:7f:4c:b7:20:d1:04:
15:d4:e7:07:36:23:72:e9:cd:cf:a9:d7:9c:62:30:90:63:81:
53:af:af:5a:93:c9:a6:c3:c1:81:eb:1a:e4:51:b9:2f:b7:be:
32:d8:86:2b:4c:cb:ae:3c:8d:3d:08:9c:24:92:d9:f3:dc:81:
13:07:b8:da:b5:96:eb:e2:65:b2:10:ad:50:c5:55:b8:e8:46:
fe:5e:55:5b:29:d6:5b:1c:d4:ad:14:65:00:16:83:49:ac:94:
eb:de:47:6f:6b:1e:5d:36:1c:45:6c:0d:9c:60:9b:3a:28:51:
65:44:95:2f:f6:40:34:61:e2:ab:8f:e8:42:f1:5d:74:32:cf:
bb:e4:f8:7e:d8:e9:46:50:67:ac:05:6d:12:84:da:2d:98:e4:
74:ee:f9:04:7e:5c:80:60:bf:fe:49:bb:f4:7a:be:5c:c3:34:
ab:e2:bd:30:99:6b:28:61:dc:d4:f4:3a:75:40:b0:e1:fb:0c:
41:f2:8a:d7:3c:7a:d1:1f:67:ba:45:1b:b6:fb:a8:9c:bc:2a:
6b:b3:d7:c2:8d:ca:df:65:89:6d:4c:f9:68:bc:25:42:65:59:
0d:14:2c:fa
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZaOT7UIj9vGFDwwZ5Ac0XgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTAyMDAwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDJhZTczMjQ0NzkxNTAwODc3NDI0MDFlYjY0MGExNjFmZDg3Nzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTsYXr2m+ik0kXCaW3gBwwvTN64S
Ckma7AP0zZHwEC8qjk9KgZemsY9VWvIDCXMkhxMQM95w1zwLSlag94chIKNOLaql
OSlssqg9tywRe592WCcVGP4Gvd5CsoeiFlyW46iCxVie9ZAbVlRL/hWKFhiceA6C
jKj2CwUc0826hjundYqdmoFgUQ/kXsObc/en9Ntox+e1iAIOZH/ZOvp3T3BEaNus
35l873lSJ2j07XaxwxASfnQnsc7LFWSzV4+Y+IqV9cAbnhQ7ht6jIKlNcECbanAL
Pao7pVCZ3iXsrH2nnrWvoCQ50vFoQ4HO2gfd9CM1Ud6OuPwpl7PrOwJ/KQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCQq5zJEeRUAh3QkAetkChYf2HeJMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvSkNybk1rUjVGUUNIZENRQjYyUUtGaF9ZZDRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWjk8o/DANBgkqhkiG9w0BAQsFAAOCAQEAWHy7mv5tb+l45qJ4aRccd0fs
B25c5dWNIpKl0j+uf0y3INEEFdTnBzYjcunNz6nXnGIwkGOBU6+vWpPJpsPBgesa
5FG5L7e+MtiGK0zLrjyNPQicJJLZ89yBEwe42rWW6+JlshCtUMVVuOhG/l5VWynW
WxzUrRRlABaDSayU695Hb2seXTYcRWwNnGCbOihRZUSVL/ZANGHiq4/oQvFddDLP
u+T4ftjpRlBnrAVtEoTaLZjkdO75BH5cgGC//km79Hq+XMM0q+K9MJlrKGHc1PQ6
dUCw4fsMQfKK1zx60R9nukUbtvuonLwqa7PXwo3K32WJbUz5aLwlQmVZDRQs+g==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:26:05 2025 by rpki-client