Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NelXlHEuoB0VU3mA6t-9TV_lr3c.roa
File: NelXlHEuoB0VU3mA6t-9TV_lr3c.roa (raw, json)
Hash identifier: 13hmAjjpB8Tcem6m867TxSRXw18PF9L5sE/QTooHa6Y=
Subject key identifier: 35:E9:57:94:71:2E:A0:1D:15:53:79:80:EA:DF:BD:4D:5F:E5:AF:77
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FAB3456F5253755748F2926EA4113923
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NelXlHEuoB0VU3mA6t-9TV_lr3c.roa
Signing time: Fri 23 May 2025 01:12:54 +0000
ROA not before: Fri 23 May 2025 01:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 May 2025 02:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fa:b3:45:6f:52:53:75:57:48:f2:92:6e:a4:11:39:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 01:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35e95794712ea01d15537980eadfbd4d5fe5af77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2d:fd:af:2e:bf:fc:c7:cf:b6:bd:2e:10:21:
a8:03:19:92:62:b4:bd:cf:ff:79:61:38:b4:d1:a5:
4a:70:f2:25:37:6e:00:2e:75:3e:48:e9:11:3e:e2:
81:1d:b4:b4:92:2f:64:cb:13:91:a4:23:b7:2d:b2:
78:d6:c8:e5:29:83:fb:45:ba:3e:00:f3:ac:f4:06:
5d:f2:ed:68:4c:c8:3e:98:86:ee:cd:14:52:17:a9:
bd:03:07:66:a2:4a:7e:20:68:58:c4:ae:4d:b2:91:
31:87:85:8a:b8:d4:f4:9a:88:35:80:fa:8d:82:d9:
61:be:0a:14:72:4a:44:dd:81:0f:2f:c1:4c:c2:3f:
61:8e:d6:55:b3:eb:31:bf:8a:5c:d8:f9:b2:19:4d:
2b:a9:77:76:4c:a5:af:8f:e6:8f:d1:a6:cf:5a:66:
d0:61:75:5a:e7:da:96:9c:1d:6a:2a:00:5b:eb:a9:
f7:51:85:de:c2:32:86:bf:aa:8c:da:98:04:52:41:
74:fa:06:55:77:01:9f:fc:dc:2c:99:6b:57:41:46:
7a:4d:9d:a3:be:c1:c6:7a:32:56:a1:57:2b:aa:7c:
cd:00:48:b7:05:aa:1d:d2:2b:70:a1:98:bc:65:a9:
87:49:5c:b4:8d:25:51:d6:e6:d4:e1:b2:06:4c:24:
ad:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E9:57:94:71:2E:A0:1D:15:53:79:80:EA:DF:BD:4D:5F:E5:AF:77
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NelXlHEuoB0VU3mA6t-9TV_lr3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
5f:e6:ba:6b:f0:90:a3:15:7c:6c:62:eb:bf:52:b2:c3:d5:22:
82:97:3b:bb:9b:4f:d6:b4:9a:f6:3f:11:f3:60:2e:be:29:a6:
e9:a9:27:4e:5d:52:d9:29:8c:8c:11:9e:86:45:d1:75:de:fd:
f2:77:0c:6d:e3:fb:2f:56:ed:a1:4a:54:0f:57:7d:b6:77:67:
5a:01:b3:a5:ad:9b:33:2b:ad:78:ce:e1:95:53:6c:f9:8f:df:
f9:92:ff:39:ba:92:fa:6c:00:9d:22:16:41:ab:12:b3:45:78:
98:c5:29:52:cb:fc:68:41:be:15:9f:28:15:ba:27:81:92:b1:
9f:48:38:45:15:32:ee:00:14:d6:e8:0c:18:2a:21:9b:2a:57:
a1:3b:2e:9a:5e:d5:7b:55:05:42:84:ad:1f:23:1d:52:b0:85:
c7:3b:b1:99:7c:8d:b1:41:4b:f3:06:36:a2:c2:a2:be:a8:7f:
db:3a:1e:c1:f6:1d:23:49:fb:b8:13:40:27:ce:63:eb:78:f2:
29:c9:3b:3f:94:f1:b1:df:56:9f:f9:29:51:0b:49:a9:1d:6d:
b4:29:c5:c5:24:6e:ab:75:7d:32:c2:90:5b:da:a4:c7:16:13:
e1:07:82:a4:d1:a2:0a:50:1a:d9:19:4e:ea:11:8c:83:01:e0:
9c:2f:14:ca
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb6s0VvUlN1V0jykm6kETkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMDExMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWU5NTc5NDcxMmVhMDFkMTU1Mzc5ODBlYWRmYmQ0ZDVmZTVhZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5y39ry6//MfPtr0uECGoAxmSYrS9
z/95YTi00aVKcPIlN24ALnU+SOkRPuKBHbS0ki9kyxORpCO3LbJ41sjlKYP7Rbo+
APOs9AZd8u1oTMg+mIbuzRRSF6m9Awdmokp+IGhYxK5NspExh4WKuNT0mog1gPqN
gtlhvgoUckpE3YEPL8FMwj9hjtZVs+sxv4pc2PmyGU0rqXd2TKWvj+aP0abPWmbQ
YXVa59qWnB1qKgBb66n3UYXewjKGv6qM2pgEUkF0+gZVdwGf/NwsmWtXQUZ6TZ2j
vsHGejJWoVcrqnzNAEi3Baod0itwoZi8ZamHSVy0jSVR1ubU4bIGTCStewIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDXpV5RxLqAdFVN5gOrfvU1f5a93MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvTmVsWGxIRXVvQjBWVTNtQTZ0LTlUVl9scjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAX+a6a/CQoxV8bGLrv1Kyw9Ui
gpc7u5tP1rSa9j8R82Auvimm6aknTl1S2SmMjBGehkXRdd798ncMbeP7L1btoUpU
D1d9tndnWgGzpa2bMyuteM7hlVNs+Y/f+ZL/ObqS+mwAnSIWQasSs0V4mMUpUsv8
aEG+FZ8oFbongZKxn0g4RRUy7gAU1ugMGCohmypXoTsuml7Ve1UFQoStHyMdUrCF
xzuxmXyNsUFL8wY2osKivqh/2zoewfYdI0n7uBNAJ85j63jyKck7P5Txsd9Wn/kp
UQtJqR1ttCnFxSRuq3V9MsKQW9qkxxYT4QeCpNGiClAa2RlO6hGMgwHgnC8Uyg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:23:04 2025 by rpki-client