Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NTUPDxav-DBId9-iUjuXFIivQGE.roa
File: NTUPDxav-DBId9-iUjuXFIivQGE.roa (raw, json)
Hash identifier: 4tiRWmUg08Vjdpmt9loJTJ4sjd+pCM3Qc+4Q11QKRPA=
Subject key identifier: 35:35:0F:0F:16:AF:F8:30:48:77:DF:A2:52:3B:97:14:88:AF:40:61
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972FE2FDF99B84AEBE9CBF26817A3FDE30
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NTUPDxav-DBId9-iUjuXFIivQGE.roa
Signing time: Mon 02 Jun 2025 09:04:54 +0000
ROA not before: Mon 02 Jun 2025 09:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:2fe2:45ae/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Jun 2025 09:13:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:e2:fd:f9:9b:84:ae:be:9c:bf:26:81:7a:3f:de:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 2 09:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35350f0f16aff8304877dfa2523b971488af4061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:01:6d:ff:bf:59:26:ee:3a:82:24:20:7f:5f:
f7:34:e3:c7:7d:61:ee:c9:58:b3:5d:0c:2b:1c:c2:
a0:46:76:61:5b:8b:0c:af:6a:e5:59:62:0e:2e:54:
7d:39:10:83:8e:df:23:af:34:3c:16:69:7b:ca:f1:
e8:08:a2:87:bb:e9:c8:bb:46:f7:4b:ad:ac:aa:35:
19:01:0c:25:51:05:60:ae:f7:54:80:a0:62:3e:2a:
94:e9:a8:a5:d4:e2:eb:37:47:b6:d4:be:1e:1d:fc:
40:c0:8c:5f:bb:ea:f7:75:b3:5b:82:d0:bd:49:af:
80:f7:bc:a1:87:e3:f1:7d:e2:20:af:58:b4:20:d4:
c3:02:e4:07:02:04:14:6d:76:3d:d6:01:cd:b5:02:
1e:f3:5a:19:61:dc:d5:03:c2:7e:1c:59:41:14:3e:
aa:88:b7:3a:cf:d4:98:7d:5a:13:4a:01:e4:86:60:
64:1f:fc:bf:01:cc:d1:b0:dc:d8:a3:d2:03:c8:d0:
ee:6d:c1:83:66:0e:fc:6d:3c:93:9c:95:6e:5a:34:
b7:96:b3:72:a8:84:f5:9e:6e:c4:22:8b:d1:9e:ce:
32:7d:45:82:7d:2d:26:9f:87:c1:b5:29:c7:1f:20:
f4:8d:c4:97:83:38:ef:30:dc:df:b8:bf:51:83:f9:
24:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:35:0F:0F:16:AF:F8:30:48:77:DF:A2:52:3B:97:14:88:AF:40:61
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NTUPDxav-DBId9-iUjuXFIivQGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:2fe2:45ae/128
Signature Algorithm: sha256WithRSAEncryption
34:b6:aa:82:0b:86:f1:d3:33:28:ee:5b:a2:68:d2:0a:89:19:
30:53:9f:67:6f:bd:ac:2f:a5:e2:18:df:6b:55:02:57:83:19:
8d:21:e2:5f:6a:9d:cc:5d:ec:1a:01:eb:48:80:3c:53:76:0e:
ea:34:ed:a4:50:4c:dc:17:03:be:0a:bf:1d:d7:bc:c9:48:c8:
1b:c4:c7:a0:ff:b4:85:66:9b:a3:e8:1e:e1:cf:b6:92:1d:2e:
1b:3e:64:1d:5a:ec:51:f9:63:c7:4c:a9:bc:e5:c1:74:60:de:
63:8e:3c:f2:40:60:0f:cc:c5:1c:cc:f4:58:c5:27:8e:4f:ef:
df:1d:76:91:28:e8:9f:36:8a:48:10:0d:60:6b:a2:2e:e0:b8:
d9:1d:42:26:4b:a2:50:06:03:b9:5a:c9:b7:dd:12:20:8c:50:
20:ce:d9:bc:85:d9:b8:f9:00:78:85:5a:7c:7c:00:22:a4:97:
c2:68:b6:82:49:27:a4:94:06:e5:d0:c2:3e:59:f9:0b:47:a9:
a2:e2:ec:f8:c7:ae:58:6d:d6:87:5f:08:ba:67:3b:55:fe:ae:
4c:f9:d4:f4:bd:27:f2:f2:0f:a8:d7:67:88:d8:21:85:82:29:
a0:ec:dd:e7:b7:0c:ac:ea:92:c2:a8:36:62:6d:85:e9:1d:a6:
34:a0:1c:a6
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZcv4v35m4Suvpy/JoF6P94wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAyMDkwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTM1MGYwZjE2YWZmODMwNDg3N2RmYTI1MjNiOTcxNDg4YWY0MDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowFt/79ZJu46giQgf1/3NOPHfWHu
yVizXQwrHMKgRnZhW4sMr2rlWWIOLlR9ORCDjt8jrzQ8Fml7yvHoCKKHu+nIu0b3
S62sqjUZAQwlUQVgrvdUgKBiPiqU6ail1OLrN0e21L4eHfxAwIxfu+r3dbNbgtC9
Sa+A97yhh+PxfeIgr1i0INTDAuQHAgQUbXY91gHNtQIe81oZYdzVA8J+HFlBFD6q
iLc6z9SYfVoTSgHkhmBkH/y/AczRsNzYo9IDyNDubcGDZg78bTyTnJVuWjS3lrNy
qIT1nm7EIovRns4yfUWCfS0mn4fBtSnHHyD0jcSXgzjvMNzfuL9Rg/kkxQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFDU1Dw8Wr/gwSHffolI7lxSIr0BhMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvTlRVUER4YXYtREJJZDktaVVqdVhGSWl2UUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXL+JFrjANBgkqhkiG9w0BAQsFAAOCAQEANLaqgguG8dMz
KO5bomjSCokZMFOfZ2+9rC+l4hjfa1UCV4MZjSHiX2qdzF3sGgHrSIA8U3YO6jTt
pFBM3BcDvgq/Hde8yUjIG8THoP+0hWabo+ge4c+2kh0uGz5kHVrsUfljx0ypvOXB
dGDeY4488kBgD8zFHMz0WMUnjk/v3x12kSjonzaKSBANYGuiLuC42R1CJkuiUAYD
uVrJt90SIIxQIM7ZvIXZuPkAeIVafHwAIqSXwmi2gkknpJQG5dDCPln5C0epouLs
+MeuWG3Wh18Iumc7Vf6uTPnU9L0n8vIPqNdniNghhYIpoOzd57cMrOqSwqg2Ym2F
6R2mNKAcpg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:57:20 2025 by rpki-client