Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/K1bOGJDgL8crf_-YjfVdXo0zbuY.roa
File: K1bOGJDgL8crf_-YjfVdXo0zbuY.roa (raw, json)
Hash identifier: MmTvrDhgKJpI2b2tLhzhnDOutEKHN3f8wftVrUKrPZg=
Subject key identifier: 2B:56:CE:18:90:E0:2F:C7:2B:7F:FF:98:8D:F5:5D:5E:8D:33:6E:E6
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196805D265177F3A06C903207A6631EAFD4
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/K1bOGJDgL8crf_-YjfVdXo0zbuY.roa
Signing time: Tue 29 Apr 2025 07:05:10 +0000
ROA not before: Tue 29 Apr 2025 07:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:805c:58cc/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 29 Apr 2025 07:15:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:5d:26:51:77:f3:a0:6c:90:32:07:a6:63:1e:af:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 29 07:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b56ce1890e02fc72b7fff988df55d5e8d336ee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:53:06:75:6a:73:39:d3:60:5d:07:51:5f:64:
da:08:d3:3b:88:5c:1a:43:ed:a5:ef:2f:f6:d5:2d:
5d:62:cb:0d:41:b1:fb:88:a8:0d:6e:a7:83:a1:58:
b2:89:58:5e:79:df:e4:8c:ca:e9:f2:e5:f8:64:3b:
14:ba:0d:a4:f7:77:45:dd:8a:65:aa:c6:22:70:a1:
de:37:64:29:86:da:a6:5f:2e:c2:b5:16:c0:a5:17:
ac:4b:e5:a9:41:6a:fd:16:1f:8b:b6:ad:c9:d4:ef:
50:be:84:7d:50:07:4b:e9:8e:6a:1b:c7:07:32:20:
bb:a1:13:20:a1:02:82:df:9b:d1:c5:96:ba:c7:71:
9d:9b:44:1c:ac:49:dd:b6:09:35:58:5e:06:55:9d:
80:f9:6a:0f:bf:6b:6c:00:86:5b:10:52:03:83:2e:
99:24:c9:af:0d:8b:29:56:ab:4b:d0:e3:7b:2c:bb:
7a:e8:10:df:6a:d5:02:aa:08:95:a9:f5:a5:77:42:
d6:80:5a:ba:46:02:23:06:8b:e6:cb:0b:17:45:2a:
35:9f:2f:9f:ca:a6:36:a9:07:18:20:74:cb:41:e2:
d5:ca:e5:2a:b0:65:91:9b:05:de:4e:1c:07:a8:27:
ab:e0:36:e0:75:6a:14:06:35:8b:7d:3e:c0:05:6a:
64:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:56:CE:18:90:E0:2F:C7:2B:7F:FF:98:8D:F5:5D:5E:8D:33:6E:E6
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/K1bOGJDgL8crf_-YjfVdXo0zbuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:805c:58cc/128
Signature Algorithm: sha256WithRSAEncryption
10:93:35:7c:0c:bf:31:49:32:67:a7:92:44:58:3c:2a:8c:bf:
9a:f4:2b:60:ca:c2:6b:dd:79:0d:0e:14:d4:ca:83:be:4f:59:
73:33:56:55:8b:ea:db:c0:26:dc:83:b9:70:af:b9:e7:5d:f0:
56:c9:17:fe:f9:62:bf:b2:b2:87:2b:89:21:ef:04:be:1b:45:
85:6b:16:80:ff:70:4d:14:2f:42:6f:c8:48:fc:17:4a:af:0e:
2a:77:04:99:1f:96:c9:cb:3d:be:1d:d8:73:1e:02:d9:bc:da:
b3:03:45:a1:c6:db:9d:8a:ea:7f:50:43:27:4a:53:2d:69:9f:
6b:87:5a:e9:39:69:3d:0f:c1:d6:d2:0a:61:16:32:02:4c:21:
3b:25:7e:f2:db:86:b6:c3:58:83:f8:ed:ee:1f:76:2a:25:4b:
a9:5f:29:c6:4e:ce:cf:30:44:59:24:4b:08:36:49:47:86:40:
b3:b9:96:24:0f:c2:31:23:64:7d:01:fc:ce:34:21:41:28:bc:
ec:56:b4:5a:b2:7a:e6:c8:eb:8d:f7:e1:04:f9:33:c2:b2:84:
17:50:72:d2:71:5a:c1:15:c7:32:67:31:14:85:27:8c:1c:33:
98:fb:e5:aa:d9:18:92:da:2d:46:50:68:06:52:79:34:63:ae:
9e:27:1e:cd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZaAXSZRd/OgbJAyB6ZjHq/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDI5MDcwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjU2Y2UxODkwZTAyZmM3MmI3ZmZmOTg4ZGY1NWQ1ZThkMzM2ZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVMGdWpzOdNgXQdRX2TaCNM7iFwa
Q+2l7y/21S1dYssNQbH7iKgNbqeDoViyiVheed/kjMrp8uX4ZDsUug2k93dF3Ypl
qsYicKHeN2QphtqmXy7CtRbApResS+WpQWr9Fh+Ltq3J1O9QvoR9UAdL6Y5qG8cH
MiC7oRMgoQKC35vRxZa6x3Gdm0QcrEndtgk1WF4GVZ2A+WoPv2tsAIZbEFIDgy6Z
JMmvDYspVqtL0ON7LLt66BDfatUCqgiVqfWld0LWgFq6RgIjBovmywsXRSo1ny+f
yqY2qQcYIHTLQeLVyuUqsGWRmwXeThwHqCer4DbgdWoUBjWLfT7ABWpkJwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCtWzhiQ4C/HK3//mI31XV6NM27mMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvSzFiT0dKRGdMOGNyZl8tWWpmVmRYbzB6YnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWgFxYzDANBgkqhkiG9w0BAQsFAAOCAQEAEJM1fAy/MUkyZ6eSRFg8Koy/
mvQrYMrCa915DQ4U1MqDvk9ZczNWVYvq28Am3IO5cK+5513wVskX/vliv7KyhyuJ
Ie8EvhtFhWsWgP9wTRQvQm/ISPwXSq8OKncEmR+Wycs9vh3Ycx4C2bzaswNFocbb
nYrqf1BDJ0pTLWmfa4da6TlpPQ/B1tIKYRYyAkwhOyV+8tuGtsNYg/jt7h92KiVL
qV8pxk7OzzBEWSRLCDZJR4ZAs7mWJA/CMSNkfQH8zjQhQSi87Fa0WrJ65sjrjffh
BPkzwrKEF1By0nFawRXHMmcxFIUnjBwzmPvlqtkYktotRlBoBlJ5NGOunicezQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:57:10 2025 by rpki-client