Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/RpfG09zvzaAth6iik9d3fA2vP9c.roa
File: RpfG09zvzaAth6iik9d3fA2vP9c.roa (raw, json)
Hash identifier: SRGg5tksQHqOs4H/0z304xYq/C5/nBh0ugAQ+94bxcQ=
Subject key identifier: 46:97:C6:D3:DC:EF:CD:A0:2D:87:A8:A2:93:D7:77:7C:0D:AF:3F:D7
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01970C846DD35504F1F12D8E888D42142B8A
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/RpfG09zvzaAth6iik9d3fA2vP9c.roa
Signing time: Mon 26 May 2025 12:14:54 +0000
ROA not before: Mon 26 May 2025 12:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 26 May 2025 13:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:84:6d:d3:55:04:f1:f1:2d:8e:88:8d:42:14:2b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 26 12:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4697c6d3dcefcda02d87a8a293d7777c0daf3fd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:81:35:b2:a3:0e:1d:0d:af:61:f8:d0:90:b0:
07:b3:37:68:9c:62:a6:31:52:54:11:9a:82:a2:72:
d6:23:80:40:ce:16:d9:56:fb:91:26:71:69:73:7f:
d7:d7:e7:b6:40:06:24:4d:5f:1b:58:4e:d2:d4:71:
40:8c:80:12:14:c3:dc:02:99:66:ba:92:d7:4a:67:
c6:b1:00:cf:98:96:11:ec:8c:7d:6f:4d:40:8d:21:
27:2e:8a:13:51:f5:7a:16:5c:5d:ec:2b:00:ce:2e:
9b:8e:b9:09:9b:bb:a9:91:06:28:ba:f6:d8:b7:f8:
5a:c5:38:47:5a:77:05:a3:e6:67:4d:d8:d6:30:d4:
11:b3:00:ba:a6:80:1c:d8:27:84:e5:64:38:f2:0b:
f5:da:36:fc:de:0c:a2:09:00:c8:fc:36:3c:15:ac:
c8:53:d8:df:3f:4a:cd:00:3c:91:42:e3:0b:53:7f:
67:4d:b0:c9:4b:c6:d7:ca:31:a5:6c:72:73:7a:2e:
17:6c:95:b8:30:a8:de:41:aa:28:b7:53:6b:4a:97:
79:91:38:64:69:ae:cc:8c:fa:3b:71:25:54:c7:bb:
5e:44:fd:57:32:68:c6:64:92:be:2c:b7:85:fa:4e:
fd:0d:20:5a:70:0b:af:52:c7:1a:21:c1:af:54:ad:
88:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:97:C6:D3:DC:EF:CD:A0:2D:87:A8:A2:93:D7:77:7C:0D:AF:3F:D7
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/RpfG09zvzaAth6iik9d3fA2vP9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
b8:06:af:13:d6:0d:6c:7e:ff:82:c9:a8:5b:d3:32:80:25:7f:
cb:4e:a5:01:d5:dc:7f:60:36:4a:68:e5:a6:d5:e3:83:d7:56:
3a:6d:6e:b1:a6:56:57:97:ec:cb:59:0f:88:8b:60:66:2d:21:
d4:a6:cb:d7:eb:3f:6c:c7:8f:21:5a:76:3f:b9:7b:fb:2b:d1:
27:3c:5e:6d:3e:ef:f3:dc:23:43:1a:ff:f9:95:42:7e:85:90:
61:59:44:59:54:6b:69:41:cc:97:0f:c5:ce:d4:a2:25:94:5b:
e3:c3:8e:3d:c3:df:5f:3c:52:cb:76:1f:c6:5b:7f:15:5e:1b:
4a:45:70:e7:f6:2c:2d:ca:29:62:3a:bb:06:d7:16:c8:d5:15:
80:98:80:c1:9e:a3:bc:71:d2:33:4b:0b:05:6d:b8:52:f6:14:
ff:80:c1:e1:61:ac:d5:9e:3b:39:df:1c:78:b7:db:f5:c7:f1:
89:95:67:4c:2b:6f:10:f6:3f:e8:e8:c8:9f:f1:bf:e1:1a:20:
75:81:4a:f5:34:73:0c:db:77:f6:a6:cf:cf:b3:46:e3:7c:41:
d3:f6:15:8c:ee:ce:25:a2:aa:91:5f:21:29:cc:84:a6:95:58:
25:4f:48:d2:49:db:9f:76:98:f5:a8:69:de:18:ae:2b:d2:5f:
11:4c:b1:38
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcMhG3TVQTx8S2OiI1CFCuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI2MTIxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njk3YzZkM2RjZWZjZGEwMmQ4N2E4YTI5M2Q3Nzc3YzBkYWYzZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIE1sqMOHQ2vYfjQkLAHszdonGKm
MVJUEZqConLWI4BAzhbZVvuRJnFpc3/X1+e2QAYkTV8bWE7S1HFAjIASFMPcAplm
upLXSmfGsQDPmJYR7Ix9b01AjSEnLooTUfV6Flxd7CsAzi6bjrkJm7upkQYouvbY
t/haxThHWncFo+ZnTdjWMNQRswC6poAc2CeE5WQ48gv12jb83gyiCQDI/DY8FazI
U9jfP0rNADyRQuMLU39nTbDJS8bXyjGlbHJzei4XbJW4MKjeQaoot1NrSpd5kThk
aa7MjPo7cSVUx7teRP1XMmjGZJK+LLeF+k79DSBacAuvUscaIcGvVK2I5wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEaXxtPc782gLYeoopPXd3wNrz/XMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvUnBmRzA5enZ6YUF0aDZpaWs5ZDNmQTJ2UDljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAuAavE9YNbH7/gsmoW9MygCV/
y06lAdXcf2A2SmjlptXjg9dWOm1usaZWV5fsy1kPiItgZi0h1KbL1+s/bMePIVp2
P7l7+yvRJzxebT7v89wjQxr/+ZVCfoWQYVlEWVRraUHMlw/FztSiJZRb48OOPcPf
XzxSy3Yfxlt/FV4bSkVw5/YsLcopYjq7BtcWyNUVgJiAwZ6jvHHSM0sLBW24UvYU
/4DB4WGs1Z47Od8ceLfb9cfxiZVnTCtvEPY/6OjIn/G/4RogdYFK9TRzDNt39qbP
z7NG43xB0/YVjO7OJaKqkV8hKcyEppVYJU9I0knbn3aY9ahp3hiuK9JfEUyxOA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:13:13 2025 by rpki-client