Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/LTRqzKu-9khz1mqtBMsHX9qNep0.roa
File: LTRqzKu-9khz1mqtBMsHX9qNep0.roa (raw, json)
Hash identifier: /vzllsS7Tolc5kA8rX59O7km1DPiKm8kQY2k/F9Dl58=
Subject key identifier: 2D:34:6A:CC:AB:BE:F6:48:73:D6:6A:AD:04:CB:07:5F:DA:8D:7A:9D
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019738EFA100A7D4FF5D3635D6B853A622E3
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/LTRqzKu-9khz1mqtBMsHX9qNep0.roa
Signing time: Wed 04 Jun 2025 03:15:17 +0000
ROA not before: Wed 04 Jun 2025 03:15:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Jun 2025 04:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:38:ef:a1:00:a7:d4:ff:5d:36:35:d6:b8:53:a6:22:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 4 03:15:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d346accabbef64873d66aad04cb075fda8d7a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:60:dd:06:ab:3c:7a:67:12:c7:eb:15:fd:a7:
08:8a:0d:83:3f:97:68:fa:29:68:e1:35:9a:24:a1:
cc:27:ef:5f:f8:a9:c5:4e:80:f1:ae:f8:9a:32:2c:
47:fd:f5:5d:94:6e:03:49:f4:fe:dd:34:fb:07:a9:
2f:6e:bd:03:b8:12:f1:b3:c7:d2:22:6f:9a:e7:e1:
cc:de:a4:7d:a6:3d:c0:fb:b6:14:6e:13:95:87:a4:
73:a3:84:8e:9e:fb:58:46:fe:e8:49:73:7f:94:ea:
14:e0:a6:44:c8:5b:c4:52:e4:b2:f5:11:f2:75:c0:
17:e3:74:d1:a0:82:6f:b2:7a:69:25:63:cb:f0:25:
b5:ec:21:bf:50:7e:c0:74:e0:87:13:39:c2:dc:88:
0d:79:3d:1c:c2:7d:34:3a:72:bf:a5:76:e8:f2:01:
44:24:bd:b6:71:ff:b1:d0:a5:ef:53:60:82:f4:09:
dd:be:04:f3:b6:e9:b5:13:25:11:21:d2:02:3d:09:
b9:ce:29:da:49:aa:5a:f9:aa:2d:a3:d6:8f:8e:43:
0d:63:19:16:7f:ab:86:b6:c4:0e:1d:61:c5:25:77:
0d:56:42:d8:ec:ce:28:08:bb:60:3f:a5:27:18:7a:
b5:3c:20:d0:b7:f7:84:2d:48:6f:90:15:93:f0:49:
32:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:34:6A:CC:AB:BE:F6:48:73:D6:6A:AD:04:CB:07:5F:DA:8D:7A:9D
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/LTRqzKu-9khz1mqtBMsHX9qNep0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
7f:11:95:a3:0b:68:a2:a7:22:bd:59:28:98:83:0b:ad:01:95:
d7:bf:c7:de:61:4a:fa:fa:02:c5:1f:44:36:1b:32:45:96:af:
ea:f6:fe:8e:23:ec:e0:13:07:55:70:8c:94:4b:d2:5e:b0:13:
da:8d:cc:63:8e:d2:b2:f8:60:76:da:6a:04:78:45:76:1a:4e:
bc:73:87:cc:98:68:f6:1e:48:7f:39:db:ce:a9:15:ca:18:c7:
2d:e7:e9:12:93:98:ef:12:e0:05:a9:6c:08:3a:c7:18:e7:84:
72:1c:05:23:2b:5a:d2:be:2b:47:58:08:9f:b9:0b:a0:25:3c:
7a:98:98:2e:59:37:ee:fc:33:44:38:a2:90:8b:ba:02:bd:fb:
1e:ec:ec:50:ad:ff:8c:1f:98:fe:24:46:0a:5b:b1:bc:84:33:
85:86:1b:1d:56:c0:50:e0:af:81:3e:39:d4:ab:9d:d1:54:4d:
ae:1b:69:58:84:58:03:20:ca:b0:e6:bc:ef:3a:95:a7:05:39:
66:e0:94:69:ec:3e:79:90:47:3c:1d:a2:f6:cd:ea:36:a2:35:
3a:f5:8f:54:e7:92:da:df:53:a4:9c:4a:0b:d9:fd:c4:6d:8a:
b0:96:18:78:9b:2e:83:76:14:7c:34:a6:d8:bf:1a:47:8d:e4:
33:88:97:03
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc476EAp9T/XTY11rhTpiLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA0MDMxNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDM0NmFjY2FiYmVmNjQ4NzNkNjZhYWQwNGNiMDc1ZmRhOGQ3YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWDdBqs8emcSx+sV/acIig2DP5do
+ilo4TWaJKHMJ+9f+KnFToDxrviaMixH/fVdlG4DSfT+3TT7B6kvbr0DuBLxs8fS
Im+a5+HM3qR9pj3A+7YUbhOVh6Rzo4SOnvtYRv7oSXN/lOoU4KZEyFvEUuSy9RHy
dcAX43TRoIJvsnppJWPL8CW17CG/UH7AdOCHEznC3IgNeT0cwn00OnK/pXbo8gFE
JL22cf+x0KXvU2CC9AndvgTztum1EyURIdICPQm5zinaSapa+aoto9aPjkMNYxkW
f6uGtsQOHWHFJXcNVkLY7M4oCLtgP6UnGHq1PCDQt/eELUhvkBWT8EkyQwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFC00asyrvvZIc9ZqrQTLB1/ajXqdMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvTFRScXpLdS05a2h6MW1xdEJNc0hYOXFOZXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAfxGVowtooqci
vVkomIMLrQGV17/H3mFK+voCxR9ENhsyRZav6vb+jiPs4BMHVXCMlEvSXrAT2o3M
Y47SsvhgdtpqBHhFdhpOvHOHzJho9h5IfznbzqkVyhjHLefpEpOY7xLgBalsCDrH
GOeEchwFIyta0r4rR1gIn7kLoCU8epiYLlk37vwzRDiikIu6Ar37HuzsUK3/jB+Y
/iRGCluxvIQzhYYbHVbAUOCvgT451Kud0VRNrhtpWIRYAyDKsOa87zqVpwU5ZuCU
aew+eZBHPB2i9s3qNqI1OvWPVOeS2t9TpJxKC9n9xG2KsJYYeJsug3YUfDSm2L8a
R43kM4iXAw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:05:22 2025 by rpki-client