Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/OZUKtJPKIMQ6GXLXpk65pbxPGow.roa
File: OZUKtJPKIMQ6GXLXpk65pbxPGow.roa (raw, json)
Hash identifier: Bz23IglLACKro+igACC81T0FpBBSIa2UwRpRoWy25iI=
Subject key identifier: 39:95:0A:B4:93:CA:20:C4:3A:19:72:D7:A6:4E:B9:A5:BC:4F:1A:8C
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01971360690CEEF6F08FDA68DB208622E9E8
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/OZUKtJPKIMQ6GXLXpk65pbxPGow.roa
Signing time: Tue 27 May 2025 20:12:54 +0000
ROA not before: Tue 27 May 2025 20:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 27 May 2025 21:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:13:60:69:0c:ee:f6:f0:8f:da:68:db:20:86:22:e9:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 27 20:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39950ab493ca20c43a1972d7a64eb9a5bc4f1a8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a3:43:33:f4:38:c7:a5:4a:7b:38:2b:86:4e:
87:f5:fe:4f:f7:22:09:ac:bb:70:4c:91:e2:c5:1f:
08:1f:90:ef:3d:ef:71:b7:d5:17:b7:b3:cf:fc:ae:
c4:28:93:e7:3d:b6:28:25:93:9f:a0:28:32:b3:ce:
c3:4a:32:6e:cc:ac:0e:93:7b:45:d7:41:36:17:0c:
fa:b5:77:60:7b:8e:e7:ab:e2:d6:89:18:f2:4e:68:
48:37:d9:41:5e:b4:fd:0b:4c:0b:27:c1:d9:0b:b0:
e6:a2:68:cc:b4:10:2d:2f:a8:b6:79:7f:b8:b2:8f:
19:16:02:43:d9:1d:10:38:b2:fc:14:58:62:a5:d7:
aa:3f:db:55:46:7a:f2:55:8b:03:be:b9:05:79:72:
64:51:73:b1:4a:96:a7:91:c5:ef:70:3a:d4:5c:1e:
8c:16:32:07:f3:bb:3a:da:55:75:b3:c4:3b:6b:eb:
67:7e:5f:f7:b3:3b:9e:31:06:5f:f7:26:f0:4f:c7:
32:f4:97:89:8e:cd:d5:6e:aa:dd:13:52:c0:69:55:
0a:37:e8:43:44:e8:44:c9:6e:7b:c8:95:b0:4b:a0:
ff:ac:e6:3a:b3:2b:0b:93:e1:24:65:52:6f:2b:93:
13:46:63:29:6e:aa:8a:4b:bc:bf:7b:60:e4:4a:14:
a2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:95:0A:B4:93:CA:20:C4:3A:19:72:D7:A6:4E:B9:A5:BC:4F:1A:8C
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/OZUKtJPKIMQ6GXLXpk65pbxPGow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
Signature Algorithm: sha256WithRSAEncryption
b6:13:29:00:76:b3:a2:19:31:a7:c9:e3:ee:0e:bd:8a:52:35:
f8:3d:0d:43:1c:82:15:ae:83:11:6f:9b:b6:e0:87:25:cc:05:
f3:f9:8a:98:75:a5:7b:a5:c0:e5:98:ed:24:50:ff:d3:f3:0a:
7f:46:21:69:7b:93:78:74:6b:5a:cc:21:74:41:83:c2:bf:e8:
b4:b6:58:ee:6b:7f:ec:6d:da:c4:c4:09:ab:a6:6a:f4:42:6e:
8e:4d:f6:b9:ef:2a:97:f0:0d:9e:87:e6:9e:41:8d:46:2f:64:
8f:be:3f:aa:1c:e1:a6:09:e5:7b:e4:50:a1:13:9f:91:ce:7a:
6f:45:42:29:26:e4:01:f9:ff:6f:2c:7b:79:fd:82:29:e3:d9:
16:5e:04:c4:49:78:97:20:72:23:cf:51:5b:ed:df:37:ce:ab:
47:fd:34:44:97:c6:13:7d:69:04:fd:96:9b:3f:88:ea:d9:16:
c9:00:10:6e:7d:b9:e8:dc:c5:75:04:2f:39:ae:23:91:ee:48:
79:97:65:48:ac:7c:bf:af:8c:8a:98:60:a4:f8:df:72:71:30:
e3:03:5a:3d:4c:6b:82:81:8e:a3:af:d2:ba:71:cf:ed:2a:52:
d8:ea:93:63:1d:23:21:2a:e6:d6:08:6d:ca:16:92:22:c4:fd:
92:68:42:3f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZcTYGkM7vbwj9po2yCGIunoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI3MjAxMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTk1MGFiNDkzY2EyMGM0M2ExOTcyZDdhNjRlYjlhNWJjNGYxYThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6NDM/Q4x6VKezgrhk6H9f5P9yIJ
rLtwTJHixR8IH5DvPe9xt9UXt7PP/K7EKJPnPbYoJZOfoCgys87DSjJuzKwOk3tF
10E2Fwz6tXdge47nq+LWiRjyTmhIN9lBXrT9C0wLJ8HZC7DmomjMtBAtL6i2eX+4
so8ZFgJD2R0QOLL8FFhipdeqP9tVRnryVYsDvrkFeXJkUXOxSpankcXvcDrUXB6M
FjIH87s62lV1s8Q7a+tnfl/3szueMQZf9ybwT8cy9JeJjs3VbqrdE1LAaVUKN+hD
ROhEyW57yJWwS6D/rOY6sysLk+EkZVJvK5MTRmMpbqqKS7y/e2DkShSiLwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDmVCrSTyiDEOhly16ZOuaW8TxqMMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvT1pVS3RKUEtJTVE2R1hMWHBrNjVwYnhQR293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4wDQYJKoZIhvcNAQELBQADggEB
ALYTKQB2s6IZMafJ4+4OvYpSNfg9DUMcghWugxFvm7bghyXMBfP5iph1pXulwOWY
7SRQ/9PzCn9GIWl7k3h0a1rMIXRBg8K/6LS2WO5rf+xt2sTECaumavRCbo5N9rnv
KpfwDZ6H5p5BjUYvZI++P6oc4aYJ5XvkUKETn5HOem9FQikm5AH5/28se3n9ginj
2RZeBMRJeJcgciPPUVvt3zfOq0f9NESXxhN9aQT9lps/iOrZFskAEG59uejcxXUE
LzmuI5HuSHmXZUisfL+vjIqYYKT433JxMOMDWj1Ma4KBjqOv0rpxz+0qUtjqk2Md
IyEq5tYIbcoWkiLE/ZJoQj8=
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:34:59 2025 by rpki-client