Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/KsfgN3XutfyzPUglvqDhQCJv6r0.roa
File: KsfgN3XutfyzPUglvqDhQCJv6r0.roa (raw, json)
Hash identifier: AFav3zSTVjRfHKYr49NVSqYbmCiZOm61s4E1FDzKKfw=
Subject key identifier: 2A:C7:E0:37:75:EE:B5:FC:B3:3D:48:25:BE:A0:E1:40:22:6F:EA:BD
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019746DE85FF0EB956E03CBC14E8E991295F
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/KsfgN3XutfyzPUglvqDhQCJv6r0.roa
Signing time: Fri 06 Jun 2025 20:11:17 +0000
ROA not before: Fri 06 Jun 2025 20:11:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 06 Jun 2025 21:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:46:de:85:ff:0e:b9:56:e0:3c:bc:14:e8:e9:91:29:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 6 20:11:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ac7e03775eeb5fcb33d4825bea0e140226feabd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c3:9d:48:76:5b:8e:64:56:1a:25:9f:73:49:
fa:6d:1b:ff:9e:13:92:1e:d5:94:29:8c:cc:40:2c:
da:a3:b7:16:32:b0:df:b1:ad:b6:63:80:e9:f6:99:
ad:28:55:55:c8:41:9b:ad:dc:c4:ad:9d:24:fe:45:
cd:6f:b9:16:aa:54:35:e9:13:88:ac:60:ea:06:23:
fb:12:cb:92:cb:fb:26:8a:94:b3:68:86:76:ed:99:
d2:e1:b1:d1:8e:a0:72:d5:37:0d:be:08:ee:21:68:
20:a4:cb:4a:98:83:ba:4c:7e:e4:b3:7b:72:a1:03:
06:de:af:88:0a:cd:44:e0:47:d0:80:d8:8c:0e:fe:
f6:d2:41:7c:50:69:d6:9a:70:03:0b:d3:5d:d0:74:
af:ea:8b:17:4d:92:77:6e:a6:57:29:74:d0:27:60:
1f:b6:d0:ba:95:71:76:54:b7:aa:e0:5b:af:30:50:
5c:ca:e3:f2:7f:b9:ad:8a:1a:d5:43:43:bf:9b:90:
f2:af:fb:6b:5a:ba:09:d7:14:ff:6b:0d:2f:a0:0f:
3a:bb:51:2e:48:81:dd:2b:38:1b:06:36:cf:5a:0d:
6d:13:18:af:ab:13:a7:6b:c4:0b:5a:40:ec:67:4d:
96:96:80:8a:d2:14:58:62:7b:76:dc:e3:0a:1f:e3:
c3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C7:E0:37:75:EE:B5:FC:B3:3D:48:25:BE:A0:E1:40:22:6F:EA:BD
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/KsfgN3XutfyzPUglvqDhQCJv6r0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
ad:08:94:43:29:6d:37:c5:0e:dd:1e:9b:9d:f3:25:d6:b5:2e:
55:cc:37:ae:30:71:4a:3f:cf:2b:5a:40:4b:e5:07:52:30:24:
92:fb:5b:31:0b:00:1b:53:4b:47:3f:ec:7c:0e:24:2d:ab:69:
37:41:ae:86:f9:9e:68:ae:03:ed:ce:9f:d0:2d:d0:55:9a:19:
45:8b:23:a4:5e:47:98:4c:d4:85:1d:d8:ee:a7:2e:3f:15:94:
7a:9c:62:85:05:99:f7:0c:fd:cb:47:4c:fd:6e:0d:92:50:46:
87:78:28:c1:91:dd:00:90:96:d0:f7:cc:3d:0c:18:bb:e8:38:
83:45:ea:2f:3d:60:72:44:4f:b0:3e:6a:ea:43:39:66:18:ff:
dd:43:67:22:83:cd:bc:30:35:04:0a:e9:1a:0d:7e:1e:c0:4b:
9a:93:51:aa:e0:e4:d3:e2:26:4b:66:c1:a3:9b:f5:22:be:c4:
01:e8:2d:f1:4a:1b:f7:e2:82:a2:4a:12:b0:67:e0:3c:d8:41:
9a:6e:73:95:37:17:ab:58:66:b5:db:76:87:2e:9f:09:c0:86:
a9:c4:c0:a6:e5:ea:6d:7c:40:f2:f6:25:6d:85:51:cf:73:0c:
14:22:6d:d5:46:88:6c:b9:d6:3b:71:95:df:b3:54:fe:64:cc:
68:be:14:d3
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdG3oX/DrlW4Dy8FOjpkSlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA2MjAxMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWM3ZTAzNzc1ZWViNWZjYjMzZDQ4MjViZWEwZTE0MDIyNmZlYWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMOdSHZbjmRWGiWfc0n6bRv/nhOS
HtWUKYzMQCzao7cWMrDfsa22Y4Dp9pmtKFVVyEGbrdzErZ0k/kXNb7kWqlQ16ROI
rGDqBiP7EsuSy/smipSzaIZ27ZnS4bHRjqBy1TcNvgjuIWggpMtKmIO6TH7ks3ty
oQMG3q+ICs1E4EfQgNiMDv720kF8UGnWmnADC9Nd0HSv6osXTZJ3bqZXKXTQJ2Af
ttC6lXF2VLeq4FuvMFBcyuPyf7mtihrVQ0O/m5Dyr/trWroJ1xT/aw0voA86u1Eu
SIHdKzgbBjbPWg1tExivqxOna8QLWkDsZ02WloCK0hRYYnt23OMKH+PD+QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFCrH4Dd17rX8sz1IJb6g4UAib+q9MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvS3NmZ04zWHV0Znl6UFVnbHZxRGhRQ0p2NnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEArQiUQyltN8UO
3R6bnfMl1rUuVcw3rjBxSj/PK1pAS+UHUjAkkvtbMQsAG1NLRz/sfA4kLatpN0Gu
hvmeaK4D7c6f0C3QVZoZRYsjpF5HmEzUhR3Y7qcuPxWUepxihQWZ9wz9y0dM/W4N
klBGh3gowZHdAJCW0PfMPQwYu+g4g0XqLz1gckRPsD5q6kM5Zhj/3UNnIoPNvDA1
BArpGg1+HsBLmpNRquDk0+ImS2bBo5v1Ir7EAegt8Uob9+KCokoSsGfgPNhBmm5z
lTcXq1hmtdt2hy6fCcCGqcTApuXqbXxA8vYlbYVRz3MMFCJt1UaIbLnWO3GV37NU
/mTMaL4U0w==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:22:19 2025 by rpki-client