Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/MBhiZniTZ1Clu0Plel95kySqvQ8.roa
File: MBhiZniTZ1Clu0Plel95kySqvQ8.roa (raw, json)
Hash identifier: m7G1rPmnN5KVts2YkBQgT+R46vXX1r09d3/w3znwLm4=
Subject key identifier: 30:18:62:66:78:93:67:50:A5:BB:43:E5:7A:5F:79:93:24:AA:BD:0F
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01963AD6617E2F6F9D4EABA1C9E363AB0CC6
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/MBhiZniTZ1Clu0Plel95kySqvQ8.roa
Signing time: Tue 15 Apr 2025 19:04:10 +0000
ROA not before: Tue 15 Apr 2025 19:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:3ad6:52de/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 15 Apr 2025 19:15:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3a:d6:61:7e:2f:6f:9d:4e:ab:a1:c9:e3:63:ab:0c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 15 19:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3018626678936750a5bb43e57a5f799324aabd0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ab:62:1b:de:12:73:b3:5e:73:7a:44:04:3c:
b8:93:e7:38:18:62:a4:fc:91:07:97:6b:eb:52:b8:
25:05:24:f7:c6:08:6e:fc:4e:a8:ce:f5:d0:b5:cf:
93:00:91:f4:99:0d:97:89:a4:ab:6d:a2:7e:7c:00:
cb:6e:bd:93:4c:8c:da:f5:61:92:d1:74:88:0d:d1:
48:88:c7:6b:61:43:55:73:b7:b4:6b:05:2c:67:87:
80:af:16:61:e3:c4:33:1a:be:14:2a:af:6f:9b:72:
1e:2b:f6:5a:93:ba:65:fb:4a:d6:cf:18:7b:0e:f0:
89:0a:cf:2d:d2:d0:44:15:da:29:73:c5:33:06:ea:
88:92:6a:5e:0b:ab:a5:38:e3:e6:eb:78:12:08:70:
df:bd:65:94:82:46:dc:b0:15:eb:10:1d:73:ce:a0:
47:1a:a1:a8:bc:0a:b6:5b:62:a7:44:fe:5a:16:87:
89:02:ff:c7:48:c0:44:8b:01:ea:95:48:98:f5:17:
e7:7f:4d:45:0f:e7:59:e8:4a:b6:4a:75:d3:ae:e6:
12:8d:7d:82:b5:5e:33:0c:68:cc:55:0f:02:74:0e:
ec:cb:84:05:c2:0a:d1:d6:03:aa:3a:ec:fa:c2:c5:
22:dc:71:45:c0:ce:31:52:3a:55:39:7e:0a:74:f1:
6e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:18:62:66:78:93:67:50:A5:BB:43:E5:7A:5F:79:93:24:AA:BD:0F
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/MBhiZniTZ1Clu0Plel95kySqvQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:3ad6:52de/128
Signature Algorithm: sha256WithRSAEncryption
49:10:9c:ce:84:3b:90:c3:25:fb:ae:76:03:b0:a4:4d:40:97:
1f:85:43:e6:3c:9f:22:58:00:1c:97:e1:3f:06:a8:de:07:a4:
48:92:91:f2:4d:fc:ad:28:5f:ee:96:d7:72:25:40:08:7d:bb:
3d:b7:9c:70:b8:71:92:d9:a5:e7:1d:d9:0e:d4:ae:5a:36:42:
57:bb:f7:26:54:1f:5d:a2:5a:0a:bb:73:c5:d6:a3:d7:50:8f:
3f:b1:bc:f1:ab:d6:e0:dc:cf:e1:5a:07:ca:b9:aa:c5:b7:af:
d1:dd:94:53:92:d3:c7:ef:9f:08:32:43:b7:2f:5e:cb:fc:cd:
e5:3a:2c:24:ce:bb:6b:60:16:a6:3c:7e:eb:0a:a9:97:ff:eb:
33:6d:0b:83:34:eb:9d:79:9d:a8:61:9f:78:00:9a:6a:d1:a2:
b8:b3:83:0a:ef:a6:01:24:59:3d:38:87:51:a8:c9:a6:43:54:
b7:be:f0:9a:f5:a4:e8:07:43:c9:53:f3:40:2d:2b:93:50:5e:
b0:2e:22:7e:1a:43:1f:7f:a5:7d:43:92:37:a9:7a:91:26:0a:
6c:dc:26:e3:70:20:6f:17:b5:9e:43:b6:97:f8:a5:53:48:43:
ad:b2:49:5e:75:3c:00:91:ad:e0:6f:25:8d:56:1d:19:ce:18:
42:c8:64:38
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZY61mF+L2+dTquhyeNjqwzGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDE1MTkwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDE4NjI2Njc4OTM2NzUwYTViYjQzZTU3YTVmNzk5MzI0YWFiZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAratiG94Sc7Nec3pEBDy4k+c4GGKk
/JEHl2vrUrglBST3xghu/E6ozvXQtc+TAJH0mQ2XiaSrbaJ+fADLbr2TTIza9WGS
0XSIDdFIiMdrYUNVc7e0awUsZ4eArxZh48QzGr4UKq9vm3IeK/Zak7pl+0rWzxh7
DvCJCs8t0tBEFdopc8UzBuqIkmpeC6ulOOPm63gSCHDfvWWUgkbcsBXrEB1zzqBH
GqGovAq2W2KnRP5aFoeJAv/HSMBEiwHqlUiY9Rfnf01FD+dZ6Eq2SnXTruYSjX2C
tV4zDGjMVQ8CdA7sy4QFwgrR1gOqOuz6wsUi3HFFwM4xUjpVOX4KdPFuKwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDAYYmZ4k2dQpbtD5XpfeZMkqr0PMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvTUJoaVpuaVRaMUNsdTBQbGVsOTVreVNxdlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWOtZS3jANBgkqhkiG9w0BAQsFAAOCAQEASRCczoQ7kMMl+652A7CkTUCX
H4VD5jyfIlgAHJfhPwao3gekSJKR8k38rShf7pbXciVACH27PbeccLhxktml5x3Z
DtSuWjZCV7v3JlQfXaJaCrtzxdaj11CPP7G88avW4NzP4VoHyrmqxbev0d2UU5LT
x++fCDJDty9ey/zN5TosJM67a2AWpjx+6wqpl//rM20LgzTrnXmdqGGfeACaatGi
uLODCu+mASRZPTiHUajJpkNUt77wmvWk6AdDyVPzQC0rk1BesC4ifhpDH3+lfUOS
N6l6kSYKbNwm43Agbxe1nkO2l/ilU0hDrbJJXnU8AJGt4G8ljVYdGc4YQshkOA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:58:59 2025 by rpki-client