Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Nte0WSTtnD-8F7bd8ivKKXUbjxQ.roa
File: Nte0WSTtnD-8F7bd8ivKKXUbjxQ.roa (raw, json)
Hash identifier: FfLS/CIXsQmpbJNlnS7LcIEATgpP/4xBcSFACrf23co=
Subject key identifier: 36:D7:B4:59:24:ED:9C:3F:BC:17:B6:DD:F2:2B:CA:29:75:1B:8F:14
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FAEC08A2F2387DFB4AB9A98151243841
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Nte0WSTtnD-8F7bd8ivKKXUbjxQ.roa
Signing time: Fri 23 May 2025 02:14:54 +0000
ROA not before: Fri 23 May 2025 02:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 May 2025 03:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fa:ec:08:a2:f2:38:7d:fb:4a:b9:a9:81:51:24:38:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 02:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36d7b45924ed9c3fbc17b6ddf22bca29751b8f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:63:dc:91:06:55:f5:77:8e:4e:4a:5d:7a:1c:
e3:95:25:b5:c6:ae:5c:11:b9:9a:10:30:79:6e:a0:
eb:2e:72:34:b4:c9:79:10:8e:9b:45:3c:de:54:06:
f8:0f:2c:94:98:7d:5e:62:a1:9b:40:d0:f4:b4:a6:
05:3d:e4:45:39:b4:b0:db:31:07:a9:32:b3:5e:94:
c9:45:1d:16:b4:70:ed:f4:b7:16:65:39:d4:ed:4d:
6c:e6:03:fe:17:59:67:99:c4:71:02:06:d1:fa:69:
e4:09:32:be:7a:01:9b:c5:b9:95:b4:a5:9f:cc:e0:
16:0f:5c:61:5e:fa:9e:88:ca:72:d9:08:0c:3b:30:
c8:dc:98:63:81:e3:1e:c8:3e:2f:28:d7:5d:6e:99:
31:ad:0c:5a:25:fe:4f:7a:f7:6a:f3:4e:25:d2:94:
57:48:a4:d1:5a:91:43:bd:5d:34:2e:38:04:7e:d4:
48:24:f5:dd:86:b3:36:70:67:42:e8:69:c2:71:41:
7b:54:59:a4:30:93:93:2a:95:c3:b5:74:1c:d2:b7:
7c:fe:3d:ca:c6:de:d6:f6:9e:ad:03:8f:a6:09:23:
3f:93:f1:ca:6b:c5:22:82:28:fd:b0:73:e5:07:13:
d1:77:1f:6b:3c:3c:52:ed:48:02:7f:20:54:5e:0b:
7a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D7:B4:59:24:ED:9C:3F:BC:17:B6:DD:F2:2B:CA:29:75:1B:8F:14
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Nte0WSTtnD-8F7bd8ivKKXUbjxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
73:13:56:dc:af:fb:0c:94:08:00:ab:12:a6:d2:84:b1:0b:db:
94:32:f8:53:03:79:a9:41:a9:e2:6e:2f:7b:61:48:4c:e3:ec:
24:9d:fe:1e:69:7b:3b:cf:d3:66:40:ae:f2:d3:ad:0a:5d:0f:
90:0b:da:c3:e0:8a:40:f6:1f:b6:ed:d3:15:d7:9f:2d:70:f5:
ba:70:b4:0f:c1:e7:4f:da:90:e0:f9:99:be:cd:4a:2a:0e:39:
c2:5f:12:eb:ca:7e:af:4c:01:99:b9:35:f0:bf:0c:bf:cd:bf:
71:44:70:3b:01:d2:97:37:aa:72:6c:23:5d:90:9c:ae:f5:70:
ff:60:21:f9:e1:de:65:2c:e8:bc:8b:aa:5b:46:86:5a:9a:eb:
3c:65:0f:ff:a9:4c:19:16:d1:fd:1c:6c:05:b9:4b:41:7c:9c:
ec:a8:9d:f3:35:be:d8:e1:c1:d0:2b:55:06:24:d6:ef:0c:20:
71:6e:b5:ef:76:0e:93:b0:ea:ee:c1:fb:5e:52:2e:3a:26:66:
57:13:04:31:c2:54:b2:ed:cb:61:0e:79:9a:a9:2c:70:f1:bf:
2d:0d:e9:2f:8c:e0:73:0f:43:21:db:ef:c0:b2:68:81:01:10:
3e:a9:6b:87:e6:9e:13:de:4e:ba:6f:46:29:1f:62:ba:9f:cb:
a2:b7:a5:f4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb67Aii8jh9+0q5qYFRJDhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMDIxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ3YjQ1OTI0ZWQ5YzNmYmMxN2I2ZGRmMjJiY2EyOTc1MWI4ZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGPckQZV9XeOTkpdehzjlSW1xq5c
EbmaEDB5bqDrLnI0tMl5EI6bRTzeVAb4DyyUmH1eYqGbQND0tKYFPeRFObSw2zEH
qTKzXpTJRR0WtHDt9LcWZTnU7U1s5gP+F1lnmcRxAgbR+mnkCTK+egGbxbmVtKWf
zOAWD1xhXvqeiMpy2QgMOzDI3JhjgeMeyD4vKNddbpkxrQxaJf5Pevdq804l0pRX
SKTRWpFDvV00LjgEftRIJPXdhrM2cGdC6GnCcUF7VFmkMJOTKpXDtXQc0rd8/j3K
xt7W9p6tA4+mCSM/k/HKa8Uigij9sHPlBxPRdx9rPDxS7UgCfyBUXgt6wQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDbXtFkk7Zw/vBe23fIryil1G48UMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvTnRlMFdTVHRuRC04RjdiZDhpdktLWFVianhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAcxNW3K/7DJQIAKsSptKEsQvb
lDL4UwN5qUGp4m4ve2FITOPsJJ3+Hml7O8/TZkCu8tOtCl0PkAvaw+CKQPYftu3T
FdefLXD1unC0D8HnT9qQ4PmZvs1KKg45wl8S68p+r0wBmbk18L8Mv82/cURwOwHS
lzeqcmwjXZCcrvVw/2Ah+eHeZSzovIuqW0aGWprrPGUP/6lMGRbR/RxsBblLQXyc
7Kid8zW+2OHB0CtVBiTW7wwgcW6173YOk7Dq7sH7XlIuOiZmVxMEMcJUsu3LYQ55
mqkscPG/LQ3pL4zgcw9DIdvvwLJogQEQPqlrh+aeE95Oum9GKR9iup/Lorel9A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:58:59 2025 by rpki-client