Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Rnw2CqNO8IO_Pfs3CE72JuXq3Bc.roa
File: Rnw2CqNO8IO_Pfs3CE72JuXq3Bc.roa (raw, json)
Hash identifier: YnvOfVuXO2Y6JDqjqPXNUo/v/Hc2KSHPV2Gyb29nED0=
Subject key identifier: 46:7C:36:0A:A3:4E:F0:83:BF:3D:FB:37:08:4E:F6:26:E5:EA:DC:17
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973C93A3268C87A81E69B7B1C991B9FF17
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Rnw2CqNO8IO_Pfs3CE72JuXq3Bc.roa
Signing time: Wed 04 Jun 2025 20:13:17 +0000
ROA not before: Wed 04 Jun 2025 20:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Jun 2025 21:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3c:93:a3:26:8c:87:a8:1e:69:b7:b1:c9:91:b9:ff:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 4 20:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=467c360aa34ef083bf3dfb37084ef626e5eadc17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:30:91:0f:2f:1f:7b:06:2a:10:4c:4e:05:23:
dd:95:78:98:9b:16:a0:0b:cb:4e:93:52:81:d1:58:
db:ca:6c:dd:9e:c7:76:b4:03:b0:ed:77:95:ae:b0:
0a:be:6b:09:05:cb:ac:23:db:bf:16:79:b5:6c:72:
cc:05:98:ed:7d:e4:23:0d:5e:ff:ec:86:59:23:f9:
a8:d7:86:2a:88:84:3b:06:99:40:0d:27:d4:9a:b4:
03:5f:c7:69:3c:1e:4e:ef:ae:85:68:d9:a1:de:5a:
37:c9:92:b7:d3:ac:6a:66:cc:fd:71:4f:8e:1d:0b:
6b:f1:fa:5e:59:22:8b:41:15:b8:77:c0:90:81:26:
06:c5:a6:05:e9:33:7e:18:e1:50:6d:c5:3d:4f:88:
85:0a:67:13:98:51:62:ca:d6:3c:f8:70:47:8c:9d:
10:c3:86:55:6a:71:a3:51:9f:f2:81:b4:4c:3b:db:
83:ff:85:19:de:ea:7f:8d:61:da:40:53:c9:57:17:
bc:52:45:18:22:e8:7d:74:4c:f6:60:c7:c7:c8:bc:
2c:da:a0:03:16:d8:b9:37:92:1b:ef:3c:6b:38:8e:
ab:5b:f0:87:eb:b7:65:ae:d6:ad:2a:36:7a:bd:1e:
a9:3a:c9:29:68:90:6d:7b:5e:1f:cc:23:e2:1c:a5:
90:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:7C:36:0A:A3:4E:F0:83:BF:3D:FB:37:08:4E:F6:26:E5:EA:DC:17
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Rnw2CqNO8IO_Pfs3CE72JuXq3Bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
4b:a2:ef:48:f9:48:99:aa:04:67:91:53:95:72:ce:c8:55:6c:
da:cb:31:fa:4b:14:72:1a:5f:14:f9:8e:2b:7e:28:99:8f:d3:
dc:31:a4:53:75:d0:44:56:e1:54:84:d7:64:cd:c3:c9:e4:cd:
65:f3:cf:63:50:48:12:84:26:7f:73:43:0f:4a:61:db:e4:81:
94:00:e3:3b:7b:9f:61:a7:1f:6d:cf:83:45:af:2b:7c:80:5c:
98:55:0d:a2:76:83:f1:c1:f4:9b:29:d5:b7:e2:24:c2:06:7e:
ee:7e:ef:90:06:1e:f9:0e:1d:cb:09:b0:33:51:96:bf:45:d3:
9a:bd:f3:89:36:02:00:c0:4f:16:1c:8f:d2:26:9b:78:5b:bb:
e5:d8:98:73:19:cf:c4:be:ec:f4:9b:89:25:00:ff:7f:05:85:
21:c8:b6:86:82:a9:2a:85:48:58:f2:94:78:bf:76:e6:fb:86:
26:c0:9e:b5:3f:e9:18:4f:a8:1a:4e:38:37:cb:4d:2c:69:4c:
7e:72:e9:80:a9:a8:06:22:00:00:bb:04:8a:46:57:89:73:2c:
89:ba:7a:95:4b:90:4f:ce:3e:b6:d6:da:f6:86:84:d2:48:6f:
04:dc:01:94:25:39:a7:fb:db:79:64:46:26:0f:75:18:46:4a:
54:99:be:50
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc8k6MmjIeoHmm3scmRuf8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA0MjAxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjdjMzYwYWEzNGVmMDgzYmYzZGZiMzcwODRlZjYyNmU1ZWFkYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TCRDy8fewYqEExOBSPdlXiYmxag
C8tOk1KB0Vjbymzdnsd2tAOw7XeVrrAKvmsJBcusI9u/Fnm1bHLMBZjtfeQjDV7/
7IZZI/mo14YqiIQ7BplADSfUmrQDX8dpPB5O766FaNmh3lo3yZK306xqZsz9cU+O
HQtr8fpeWSKLQRW4d8CQgSYGxaYF6TN+GOFQbcU9T4iFCmcTmFFiytY8+HBHjJ0Q
w4ZVanGjUZ/ygbRMO9uD/4UZ3up/jWHaQFPJVxe8UkUYIuh9dEz2YMfHyLws2qAD
Fti5N5Ib7zxrOI6rW/CH67dlrtatKjZ6vR6pOskpaJBte14fzCPiHKWQPwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFEZ8NgqjTvCDvz37NwhO9ibl6twXMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvUm53MkNxTk84SU9fUGZzM0NFNzJKdVhxM0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAS6LvSPlImaoE
Z5FTlXLOyFVs2ssx+ksUchpfFPmOK34omY/T3DGkU3XQRFbhVITXZM3DyeTNZfPP
Y1BIEoQmf3NDD0ph2+SBlADjO3ufYacfbc+DRa8rfIBcmFUNonaD8cH0mynVt+Ik
wgZ+7n7vkAYe+Q4dywmwM1GWv0XTmr3ziTYCAMBPFhyP0iabeFu75diYcxnPxL7s
9JuJJQD/fwWFIci2hoKpKoVIWPKUeL925vuGJsCetT/pGE+oGk44N8tNLGlMfnLp
gKmoBiIAALsEikZXiXMsibp6lUuQT84+ttba9oaE0khvBNwBlCU5p/vbeWRGJg91
GEZKVJm+UA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:06:47 2025 by rpki-client