Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/LrzlgYAtluuV3Y4fOWc1wFSb_uI.roa
File: LrzlgYAtluuV3Y4fOWc1wFSb_uI.roa (raw, json)
Hash identifier: TyUhTl+YwX+1f2zaK42/RPYIjvuR57aFHU9G4azeHBw=
Subject key identifier: 2E:BC:E5:81:80:2D:96:EB:95:DD:8E:1F:39:67:35:C0:54:9B:FE:E2
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FA473DEBD6BDF63FB52843D21984AABD
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/LrzlgYAtluuV3Y4fOWc1wFSb_uI.roa
Signing time: Thu 22 May 2025 23:14:54 +0000
ROA not before: Thu 22 May 2025 23:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 May 2025 00:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fa:47:3d:eb:d6:bd:f6:3f:b5:28:43:d2:19:84:aa:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 22 23:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ebce581802d96eb95dd8e1f396735c0549bfee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:40:f1:e5:17:ac:55:09:3c:ea:6c:d4:b1:1a:
5b:a4:c8:c5:25:a5:31:68:4f:bc:8d:75:a5:cb:2c:
8f:d1:da:73:4b:d2:ee:61:10:0d:ae:c7:0b:78:ba:
c6:cb:b0:64:8b:2f:07:17:a0:89:18:e4:ac:7e:9f:
2c:6c:f3:79:a1:19:7f:e8:7e:0c:14:fd:14:73:79:
80:aa:1f:7f:26:83:66:31:56:04:d4:75:e0:96:a2:
fd:ee:0e:13:4e:cb:ed:de:34:ef:46:e7:24:a1:80:
15:94:30:ba:34:f1:14:01:08:83:dc:8b:59:68:63:
29:88:d4:bc:06:c2:0f:ca:b9:f9:b4:d4:0f:48:26:
00:c0:f9:66:fa:b9:f1:6b:a8:34:de:67:0a:b9:7d:
f1:57:23:51:5d:6e:00:92:99:d8:13:c5:dd:3e:7a:
a0:eb:db:d3:a5:46:e2:8d:95:73:b0:35:52:27:00:
9e:bc:88:6d:3c:b6:76:78:1b:6e:cc:8b:4d:83:b2:
17:df:27:63:1d:d3:8f:1c:7d:e1:8c:17:6f:e9:e0:
06:30:7d:49:da:14:bd:c8:95:51:e6:22:a2:b9:52:
43:ec:45:b2:b4:f9:8a:9f:0e:27:7e:a5:13:9d:b7:
c8:28:c9:92:6f:9c:d0:73:94:fd:8e:17:a9:b6:f3:
19:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:BC:E5:81:80:2D:96:EB:95:DD:8E:1F:39:67:35:C0:54:9B:FE:E2
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/LrzlgYAtluuV3Y4fOWc1wFSb_uI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
9e:c2:e0:a0:b1:97:b4:28:ed:8a:bc:b3:f3:7f:e4:ac:08:ee:
3a:63:56:fa:85:b5:38:2d:3d:f6:2d:f9:60:1c:9a:77:ba:27:
99:50:84:29:f9:ed:f5:aa:79:2d:bf:d0:8d:14:6a:42:82:65:
ac:93:06:f3:19:5f:79:9e:a2:2c:af:c0:13:60:1a:98:b0:40:
5e:c6:eb:40:78:9b:c5:33:2d:7c:8c:8a:04:ff:89:d2:a9:1a:
8d:4d:a8:16:a3:a2:90:b4:c7:cd:fa:31:ad:79:35:51:94:a4:
07:7c:6f:8d:39:a1:73:ab:91:89:bb:37:56:a0:3d:bb:29:bf:
5e:27:b7:7e:77:5e:47:d7:ad:65:c8:b1:60:62:b7:ad:3c:73:
5d:02:26:a5:f4:bd:32:e3:1e:8e:bd:04:bf:15:bb:46:d0:6a:
46:85:23:28:d0:d0:be:d7:81:c9:32:27:3c:bb:16:15:e1:38:
46:97:35:8d:36:0a:fb:4f:59:fe:af:31:b5:00:dd:dd:e0:8a:
1e:e5:92:71:46:71:3d:75:0b:9b:b2:7e:80:df:f8:5c:6e:5f:
b5:1e:59:5f:46:73:46:9c:8f:48:d9:ce:db:80:72:38:48:a1:
09:ef:0a:a7:ed:ad:dc:f7:fa:b4:b8:f7:16:f7:e7:ca:ba:1d:
a8:d8:73:e0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb6Rz3r1r32P7UoQ9IZhKq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIyMjMxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWJjZTU4MTgwMmQ5NmViOTVkZDhlMWYzOTY3MzVjMDU0OWJmZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5EDx5ResVQk86mzUsRpbpMjFJaUx
aE+8jXWlyyyP0dpzS9LuYRANrscLeLrGy7Bkiy8HF6CJGOSsfp8sbPN5oRl/6H4M
FP0Uc3mAqh9/JoNmMVYE1HXglqL97g4TTsvt3jTvRuckoYAVlDC6NPEUAQiD3ItZ
aGMpiNS8BsIPyrn5tNQPSCYAwPlm+rnxa6g03mcKuX3xVyNRXW4AkpnYE8XdPnqg
69vTpUbijZVzsDVSJwCevIhtPLZ2eBtuzItNg7IX3ydjHdOPHH3hjBdv6eAGMH1J
2hS9yJVR5iKiuVJD7EWytPmKnw4nfqUTnbfIKMmSb5zQc5T9jheptvMZoQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFC685YGALZbrld2OHzlnNcBUm/7iMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvTHJ6bGdZQXRsdXVWM1k0Zk9XYzF3RlNiX3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAnsLgoLGXtCjtiryz83/krAju
OmNW+oW1OC099i35YByad7onmVCEKfnt9ap5Lb/QjRRqQoJlrJMG8xlfeZ6iLK/A
E2AamLBAXsbrQHibxTMtfIyKBP+J0qkajU2oFqOikLTHzfoxrXk1UZSkB3xvjTmh
c6uRibs3VqA9uym/Xie3fndeR9etZcixYGK3rTxzXQImpfS9MuMejr0EvxW7RtBq
RoUjKNDQvteByTInPLsWFeE4Rpc1jTYK+09Z/q8xtQDd3eCKHuWScUZxPXULm7J+
gN/4XG5ftR5ZX0ZzRpyPSNnO24ByOEihCe8Kp+2t3Pf6tLj3FvfnyrodqNhz4A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:08:49 2025 by rpki-client