Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Pd0U3AecrOY9OY7-ncLLKonf93g.roa
File: Pd0U3AecrOY9OY7-ncLLKonf93g.roa (raw, json)
Hash identifier: uBJ+9vH9uh7wtgvtCGgoRgc+INQ3TZEvRQEpg7ltSRU=
Subject key identifier: 3D:DD:14:DC:07:9C:AC:E6:3D:39:8E:FE:9D:C2:CB:2A:89:DF:F7:78
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F2F8CE5D541EE93101FA1D8C6FD8FDDA
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Pd0U3AecrOY9OY7-ncLLKonf93g.roa
Signing time: Wed 21 May 2025 13:11:54 +0000
ROA not before: Wed 21 May 2025 13:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 May 2025 14:04:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f2:f8:ce:5d:54:1e:e9:31:01:fa:1d:8c:6f:d8:fd:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 21 13:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ddd14dc079cace63d398efe9dc2cb2a89dff778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:22:a8:9a:bc:c1:03:65:fe:d1:50:92:2e:99:
e1:08:b9:e9:c4:b8:ff:7a:b2:a0:60:1f:52:8e:54:
ed:60:b0:52:69:17:b8:67:ff:74:a2:d9:4e:39:42:
71:8e:62:80:1a:be:7c:f2:ab:11:22:f6:3c:0e:70:
3f:4b:1a:5f:82:42:e2:2d:c6:ff:03:be:2b:3a:b4:
d0:8b:69:88:40:4b:22:c8:61:f9:e1:8e:37:88:c3:
5c:69:77:2d:e0:be:91:79:34:fb:cb:e2:c4:ae:f5:
a0:c0:9e:19:bb:49:2a:5e:d0:7a:23:00:3c:ff:89:
6a:e5:d7:3b:ca:45:e8:cc:be:88:a2:f6:a3:bf:67:
57:2a:ab:b3:39:96:a9:27:8e:b1:e0:e7:79:5e:89:
a3:69:ee:65:6c:e6:5d:47:74:e9:5d:bc:fa:e2:8a:
0d:ab:9a:2f:ca:35:52:2b:5c:0b:31:9b:4d:7a:04:
e2:d1:80:92:bc:c5:d0:98:60:9e:eb:ac:0d:a4:6f:
d8:64:53:19:31:2a:31:1c:01:a7:4e:9b:31:3e:c9:
13:6c:87:8a:20:2f:ba:6e:5c:7d:d5:93:ab:bb:d7:
c5:01:bb:d4:78:80:e6:38:3e:50:49:fa:a6:5e:ff:
40:06:4c:8b:f5:09:9e:ea:44:eb:35:58:25:c5:ac:
f2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:DD:14:DC:07:9C:AC:E6:3D:39:8E:FE:9D:C2:CB:2A:89:DF:F7:78
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Pd0U3AecrOY9OY7-ncLLKonf93g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
c2:68:b1:ad:86:ef:1a:6e:85:bf:1b:ec:3d:af:0f:41:3c:53:
66:bf:78:c8:99:6a:7f:2b:6f:3f:11:0b:a4:bc:65:ea:a2:4f:
39:a7:cf:52:6f:b8:96:7a:e7:84:c2:85:3d:00:33:58:36:fb:
93:a7:4c:79:04:fe:c9:34:f6:71:cc:4a:40:f7:01:0a:f8:6a:
5d:c6:e2:ba:86:65:50:7b:71:2c:58:1a:81:13:6f:83:e7:6d:
3c:20:6d:10:42:5e:73:c7:f4:74:1f:4a:d9:d2:db:c7:08:6f:
23:9b:95:90:4c:04:22:00:cb:ed:e3:93:42:c8:a9:09:aa:bf:
ad:1c:d1:b6:58:15:ca:eb:9b:eb:96:ea:d9:5d:a9:74:63:dc:
b1:81:e9:c6:35:62:8c:37:40:9c:bd:24:7f:e1:05:33:bd:c8:
b3:9c:e4:1e:b8:51:48:c1:97:f9:e6:cd:d2:bd:0c:4a:fc:a2:
99:8e:42:40:d7:34:05:a4:1b:29:03:0d:9b:1e:10:16:d3:9d:
39:ba:84:7d:26:a5:55:56:f1:20:14:25:df:04:32:d4:d3:66:
ff:eb:84:57:f9:78:e1:86:10:ec:5b:07:d6:61:f8:33:b8:40:
d3:a4:ec:af:ca:72:98:4e:6d:8c:8c:4f:70:ab:9d:51:9b:df:
c5:b7:05:29
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZby+M5dVB7pMQH6HYxv2P3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIxMTMxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGRkMTRkYzA3OWNhY2U2M2QzOThlZmU5ZGMyY2IyYTg5ZGZmNzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiKomrzBA2X+0VCSLpnhCLnpxLj/
erKgYB9SjlTtYLBSaRe4Z/90otlOOUJxjmKAGr588qsRIvY8DnA/SxpfgkLiLcb/
A74rOrTQi2mIQEsiyGH54Y43iMNcaXct4L6ReTT7y+LErvWgwJ4Zu0kqXtB6IwA8
/4lq5dc7ykXozL6Iovajv2dXKquzOZapJ46x4Od5Xomjae5lbOZdR3TpXbz64ooN
q5ovyjVSK1wLMZtNegTi0YCSvMXQmGCe66wNpG/YZFMZMSoxHAGnTpsxPskTbIeK
IC+6blx91ZOru9fFAbvUeIDmOD5QSfqmXv9ABkyL9Qme6kTrNVglxazyHQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFD3dFNwHnKzmPTmO/p3CyyqJ3/d4MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvUGQwVTNBZWNyT1k5T1k3LW5jTExLb25mOTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAwmixrYbvGm6FvxvsPa8PQTxT
Zr94yJlqfytvPxELpLxl6qJPOafPUm+4lnrnhMKFPQAzWDb7k6dMeQT+yTT2ccxK
QPcBCvhqXcbiuoZlUHtxLFgagRNvg+dtPCBtEEJec8f0dB9K2dLbxwhvI5uVkEwE
IgDL7eOTQsipCaq/rRzRtlgVyuub65bq2V2pdGPcsYHpxjVijDdAnL0kf+EFM73I
s5zkHrhRSMGX+ebN0r0MSvyimY5CQNc0BaQbKQMNmx4QFtOdObqEfSalVVbxIBQl
3wQy1NNm/+uEV/l44YYQ7FsH1mH4M7hA06Tsr8pymE5tjIxPcKudUZvfxbcFKQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:25:06 2025 by rpki-client