Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/SH39UQm6MI0CbxRbtiNKDxqpB3I.roa
File: SH39UQm6MI0CbxRbtiNKDxqpB3I.roa (raw, json)
Hash identifier: dKex76QXWQEpSfLVsESecS+n82xBMPm/Ka+V+t0vr58=
Subject key identifier: 48:7D:FD:51:09:BA:30:8D:02:6F:14:5B:B6:23:4A:0F:1A:A9:07:72
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972F46709158FA122963E88260D2607860
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/SH39UQm6MI0CbxRbtiNKDxqpB3I.roa
Signing time: Mon 02 Jun 2025 06:13:54 +0000
ROA not before: Mon 02 Jun 2025 06:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Jun 2025 07:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:46:70:91:58:fa:12:29:63:e8:82:60:d2:60:78:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 2 06:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=487dfd5109ba308d026f145bb6234a0f1aa90772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:54:1f:32:55:7c:88:c2:89:f3:a3:8f:92:48:
ac:c2:47:f5:7c:2f:15:f4:ff:b0:cd:05:01:2c:4d:
97:71:35:3a:30:3c:7a:f7:44:ed:45:0e:6d:5e:be:
c7:fb:72:74:d7:72:63:78:fd:82:bc:c5:30:22:6e:
51:66:64:43:ab:5e:66:8a:a3:d6:52:1c:ae:01:24:
fd:9f:09:59:d6:e8:93:49:25:d8:ca:ea:b7:82:53:
9f:5c:f2:4c:21:5f:e1:9d:bf:25:52:b3:87:e0:e0:
83:29:cd:4b:cc:92:57:61:74:5f:26:5e:62:6a:62:
8f:70:48:3c:f9:ba:0f:55:6d:a7:ed:10:5b:ef:46:
3f:03:80:78:9b:e6:45:7f:8a:64:80:ea:5f:70:23:
9e:db:03:98:2f:c9:81:8a:c7:21:b9:e7:fc:2f:f3:
c3:d7:6e:f1:5a:3b:7b:96:dd:72:c4:80:85:0a:f7:
07:11:4e:7f:e6:ee:9f:fc:ca:0c:82:7e:7b:b1:0e:
ed:e6:0f:26:17:89:7c:1b:d9:f1:fb:36:14:0d:d0:
cc:d6:be:e9:d8:ae:d9:da:03:94:0d:95:61:c8:be:
f5:f6:7f:2a:69:a7:25:8b:ff:d4:1a:30:35:b2:d8:
6b:52:b8:9a:d9:43:2d:d5:7a:bd:ab:9f:b5:52:6c:
2f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:7D:FD:51:09:BA:30:8D:02:6F:14:5B:B6:23:4A:0F:1A:A9:07:72
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/SH39UQm6MI0CbxRbtiNKDxqpB3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
bb:96:fc:f1:79:9b:54:6b:41:5b:f3:04:00:e9:bf:f6:40:7d:
c1:8b:ee:5d:21:53:2c:c8:86:4a:d1:7b:0b:03:20:67:cd:0e:
57:f4:dc:fa:46:51:ca:13:2a:d2:d8:63:ca:d0:ce:47:e0:3e:
41:7c:95:bc:3e:81:4f:5a:04:30:e5:d3:91:57:4e:9a:bc:78:
db:82:69:a9:c0:3a:ba:e8:ed:9f:d3:84:38:8e:31:80:64:43:
d5:a3:ca:04:d1:c4:50:71:07:5a:a4:c3:44:27:1d:85:3e:23:
7d:19:d8:9e:1e:79:79:d8:7f:eb:3a:2f:ef:ca:b7:eb:a7:de:
a2:62:ea:c6:f5:7a:89:ea:b8:01:96:57:b5:e2:ff:92:50:65:
67:73:91:a2:a1:6a:55:a4:28:b0:e3:57:cd:04:7b:0d:ba:7a:
e6:6b:13:88:a8:58:e1:a4:cf:2f:7d:29:3d:f7:73:f8:37:c4:
32:63:a1:42:a8:c0:04:e6:8d:78:4e:b2:dc:e1:7c:b6:a0:9b:
15:ff:f9:f3:4e:63:a9:b5:2c:75:f3:52:2e:07:ad:0d:ab:7a:
e3:f3:27:88:56:b6:5d:15:16:e0:62:14:2a:15:c3:92:3a:a3:
7b:74:17:7d:50:93:bb:df:33:e2:2c:b0:f7:4c:2c:ac:dc:f1:
f5:b5:ed:8f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcvRnCRWPoSKWPogmDSYHhgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAyMDYxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODdkZmQ1MTA5YmEzMDhkMDI2ZjE0NWJiNjIzNGEwZjFhYTkwNzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFQfMlV8iMKJ86OPkkiswkf1fC8V
9P+wzQUBLE2XcTU6MDx690TtRQ5tXr7H+3J013JjeP2CvMUwIm5RZmRDq15miqPW
UhyuAST9nwlZ1uiTSSXYyuq3glOfXPJMIV/hnb8lUrOH4OCDKc1LzJJXYXRfJl5i
amKPcEg8+boPVW2n7RBb70Y/A4B4m+ZFf4pkgOpfcCOe2wOYL8mBischuef8L/PD
127xWjt7lt1yxICFCvcHEU5/5u6f/MoMgn57sQ7t5g8mF4l8G9nx+zYUDdDM1r7p
2K7Z2gOUDZVhyL719n8qaacli//UGjA1sthrUria2UMt1Xq9q5+1UmwvAQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFEh9/VEJujCNAm8UW7YjSg8aqQdyMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvU0gzOVVRbTZNSTBDYnhSYnRpTktEeHFwQjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQC7lvzxeZtUa0Fb8wQA6b/2QH3Bi+5dIVMsyIZK
0XsLAyBnzQ5X9Nz6RlHKEyrS2GPK0M5H4D5BfJW8PoFPWgQw5dORV06avHjbgmmp
wDq66O2f04Q4jjGAZEPVo8oE0cRQcQdapMNEJx2FPiN9GdieHnl52H/rOi/vyrfr
p96iYurG9XqJ6rgBlle14v+SUGVnc5GioWpVpCiw41fNBHsNunrmaxOIqFjhpM8v
fSk993P4N8QyY6FCqMAE5o14TrLc4Xy2oJsV//nzTmOptSx181IuB60Nq3rj8yeI
VrZdFRbgYhQqFcOSOqN7dBd9UJO73zPiLLD3TCys3PH1te2P
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:53:41 2025 by rpki-client