Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Kg5TocPmp_PruIVXkd9R5Gvc3Ro.roa
File: Kg5TocPmp_PruIVXkd9R5Gvc3Ro.roa (raw, json)
Hash identifier: 1yYMe1tj5MQ+vKjvvztaXEwkpgfpfuFiEEYnuHhQays=
Subject key identifier: 2A:0E:53:A1:C3:E6:A7:F3:EB:B8:85:57:91:DF:51:E4:6B:DC:DD:1A
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196E1C81CC7C88CA36E15570EF96DBB8174
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Kg5TocPmp_PruIVXkd9R5Gvc3Ro.roa
Signing time: Sun 18 May 2025 05:05:10 +0000
ROA not before: Sun 18 May 2025 05:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:e1c7:6d74/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 18 May 2025 05:15:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e1:c8:1c:c7:c8:8c:a3:6e:15:57:0e:f9:6d:bb:81:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 18 05:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a0e53a1c3e6a7f3ebb8855791df51e46bdcdd1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f0:9b:d0:76:58:71:6d:39:bf:fc:d8:df:6d:
6f:98:3a:6c:f8:6a:34:4e:8a:79:03:a4:f5:11:d3:
5a:53:6e:e3:98:a0:13:2e:ef:f3:09:4c:05:88:30:
b9:f3:3e:6c:f0:77:03:17:61:f0:40:6f:18:dd:f1:
f2:db:74:51:65:6b:f0:38:ee:75:15:4b:aa:ea:96:
3b:53:13:13:27:6b:ff:10:bc:cb:13:86:e0:e2:01:
9c:74:6a:ab:d2:47:c1:6d:24:32:0c:c2:fd:35:38:
a7:8c:c2:72:1e:56:49:0e:43:2a:49:08:41:ad:23:
4f:65:92:cc:d3:83:72:dd:49:ea:44:09:72:16:2f:
4f:10:be:67:a3:b6:51:b1:cf:34:e3:28:14:1d:3f:
95:be:b0:62:1b:d3:96:44:d3:3f:fd:a2:6b:f4:ac:
7d:89:f7:f8:1f:f6:21:d2:99:70:d8:ab:0c:fe:38:
40:99:5b:eb:8b:f2:20:ef:36:02:86:5c:6e:94:36:
32:c9:6e:3f:7a:9a:90:0d:40:f2:1a:45:57:1e:cc:
46:41:a8:d3:d6:a8:11:55:36:ca:75:c0:b8:b8:c1:
b5:b1:3b:4f:e6:6e:f3:78:cf:cb:83:ad:62:0e:7d:
a6:7d:3e:0a:99:a6:34:20:f1:52:7b:e0:79:b6:07:
c8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0E:53:A1:C3:E6:A7:F3:EB:B8:85:57:91:DF:51:E4:6B:DC:DD:1A
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Kg5TocPmp_PruIVXkd9R5Gvc3Ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:e1c7:6d74/128
Signature Algorithm: sha256WithRSAEncryption
0a:6b:87:0a:61:97:49:c2:c2:a8:38:f9:95:0b:45:80:e0:f1:
df:75:3b:8f:48:a1:ff:82:e7:4f:cf:4b:18:e8:14:80:65:76:
f9:eb:45:2a:fe:65:6e:79:a8:2f:ae:80:f0:4d:86:e9:b3:d0:
78:41:10:9a:47:de:58:42:c5:50:33:0b:37:1a:9e:ee:fc:d6:
af:e0:a6:ce:0b:a7:f7:83:0a:d6:6a:27:c6:4c:d1:b1:e5:50:
28:4a:31:9f:bf:bc:7f:f2:ab:69:53:df:11:2a:df:5e:48:d3:
82:7b:f4:b6:f5:fd:42:96:ee:5f:23:45:dd:e3:9c:06:96:9c:
4f:75:ca:5d:30:d3:7c:e6:ac:c6:dc:70:f6:57:bc:67:24:84:
41:f7:51:e4:dc:71:4b:25:6d:99:f5:6a:98:db:9f:eb:57:a1:
3c:e6:2c:5f:9f:e9:78:1d:82:cd:b9:c2:d2:f9:83:ec:2f:90:
0e:87:94:40:57:4c:65:bd:55:60:b5:db:25:68:19:fa:98:6a:
1b:cf:16:e5:b7:38:25:86:2e:b7:2e:b8:3d:40:2e:9f:b9:47:
28:84:7a:69:15:70:c8:ed:13:80:3a:29:3d:a2:3b:a3:3f:0e:
7a:e1:ae:98:29:4c:3a:12:0b:e2:ac:0e:c9:08:1c:fd:fe:cd:
db:9a:ca:a6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbhyBzHyIyjbhVXDvltu4F0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTE4MDUwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBlNTNhMWMzZTZhN2YzZWJiODg1NTc5MWRmNTFlNDZiZGNkZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovCb0HZYcW05v/zY321vmDps+Go0
Top5A6T1EdNaU27jmKATLu/zCUwFiDC58z5s8HcDF2HwQG8Y3fHy23RRZWvwOO51
FUuq6pY7UxMTJ2v/ELzLE4bg4gGcdGqr0kfBbSQyDML9NTinjMJyHlZJDkMqSQhB
rSNPZZLM04Ny3UnqRAlyFi9PEL5no7ZRsc804ygUHT+VvrBiG9OWRNM//aJr9Kx9
iff4H/Yh0plw2KsM/jhAmVvri/Ig7zYChlxulDYyyW4/epqQDUDyGkVXHsxGQajT
1qgRVTbKdcC4uMG1sTtP5m7zeM/Lg61iDn2mfT4KmaY0IPFSe+B5tgfIcwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCoOU6HD5qfz67iFV5HfUeRr3N0aMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvS2c1VG9jUG1wX1BydUlWWGtkOVI1R3ZjM1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW4cdtdDANBgkqhkiG9w0BAQsFAAOCAQEACmuHCmGXScLCqDj5lQtFgODx
33U7j0ih/4LnT89LGOgUgGV2+etFKv5lbnmoL66A8E2G6bPQeEEQmkfeWELFUDML
Nxqe7vzWr+Cmzgun94MK1monxkzRseVQKEoxn7+8f/KraVPfESrfXkjTgnv0tvX9
QpbuXyNF3eOcBpacT3XKXTDTfOasxtxw9le8ZySEQfdR5NxxSyVtmfVqmNuf61eh
POYsX5/peB2CzbnC0vmD7C+QDoeUQFdMZb1VYLXbJWgZ+phqG88W5bc4JYYuty64
PUAun7lHKIR6aRVwyO0TgDopPaI7oz8OeuGumClMOhIL4qwOyQgc/f7N25rKpg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:14:08 2025 by rpki-client