Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ShQPDcqWA3oNIX7xChd2Ysf_dNw.roa
File: ShQPDcqWA3oNIX7xChd2Ysf_dNw.roa (raw, json)
Hash identifier: e9KkhFVSohmxGo7DranuhGdUJVh2OpQWdHzikTLQ0oE=
Subject key identifier: 4A:14:0F:0D:CA:96:03:7A:0D:21:7E:F1:0A:17:76:62:C7:FF:74:DC
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01971172066318EEA1BE63B21FBAF00B59D3
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ShQPDcqWA3oNIX7xChd2Ysf_dNw.roa
Signing time: Tue 27 May 2025 11:12:54 +0000
ROA not before: Tue 27 May 2025 11:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 27 May 2025 12:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:72:06:63:18:ee:a1:be:63:b2:1f:ba:f0:0b:59:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 27 11:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a140f0dca96037a0d217ef10a177662c7ff74dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:83:c8:30:63:ab:4f:7b:9f:e7:9e:73:53:63:
1a:48:83:43:9f:3b:c2:29:80:fa:09:67:f1:44:e2:
31:4f:51:e4:62:36:4d:90:cc:4d:87:28:d9:84:17:
a2:12:30:7f:8a:21:56:b9:40:13:92:0e:01:6d:60:
fd:24:52:b2:a6:e8:02:29:a4:fa:d1:30:34:7f:32:
62:36:12:b3:5a:ca:0d:f3:2c:63:5f:a0:16:23:cb:
ea:e6:bb:f7:ca:22:70:42:bc:67:61:05:be:57:f1:
bb:fb:25:83:ee:f4:ab:ed:a0:0c:5b:d4:bf:59:65:
0d:d4:59:f1:c9:25:66:ee:2b:64:4d:d6:04:41:da:
c0:28:e3:4b:0a:33:08:50:4c:fc:c9:5f:7a:e9:85:
8b:b8:bd:f8:b9:c5:ed:80:38:30:b2:af:48:e8:61:
26:3b:a0:fd:f5:bf:c8:d7:08:81:ab:4a:cf:5a:c5:
34:74:de:60:29:96:45:b3:60:a4:a5:bc:16:2e:cf:
11:fa:f6:70:2a:39:9e:6d:2e:79:65:d8:27:2e:5c:
90:0a:2b:8c:26:fc:5c:55:66:4f:92:e9:29:9a:7c:
43:1b:74:ad:a2:7f:28:0b:d6:fa:79:20:e4:f7:b0:
c1:3b:7a:b5:99:59:73:3a:fc:de:72:cc:c4:40:31:
ac:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:14:0F:0D:CA:96:03:7A:0D:21:7E:F1:0A:17:76:62:C7:FF:74:DC
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ShQPDcqWA3oNIX7xChd2Ysf_dNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
Signature Algorithm: sha256WithRSAEncryption
16:da:f4:8c:26:56:28:3f:a7:59:23:01:03:bc:6e:42:c9:42:
36:ae:e0:73:96:7a:d6:11:03:46:84:9d:cc:4b:c1:f2:32:c9:
78:14:2a:43:36:9b:6c:7f:a0:d3:07:5f:7a:7c:d2:ca:1d:6f:
07:b7:a8:59:a3:00:8c:5a:9c:11:f6:31:e7:d1:4c:ee:4c:08:
41:8a:d4:72:26:75:2b:8e:7e:32:cf:70:74:48:c6:32:0d:13:
d3:53:bf:cc:0c:f6:c7:2b:88:f1:70:fb:8d:8e:5d:ae:0b:be:
bd:e4:c5:64:db:ab:24:ae:d2:a5:52:72:7b:c3:21:83:e8:a9:
9b:7a:42:9a:05:2c:1b:75:3e:52:3b:8f:0f:0a:8e:c3:63:bc:
b0:40:e5:a4:41:f4:51:70:a4:79:f1:0f:fc:bd:96:9e:f1:cc:
6e:ae:8c:31:9e:79:46:b6:20:9c:54:16:fa:9c:f7:07:a0:ea:
1e:66:e1:c4:88:f0:75:5c:8c:57:78:45:87:b9:86:3e:4e:94:
d3:2a:9f:70:88:43:3d:43:24:02:ba:20:38:d2:bb:f9:ee:07:
0d:5b:f7:c9:5c:51:a5:c5:7a:20:da:c9:17:c0:54:7f:d1:a9:
e2:02:02:ac:ef:df:ec:68:e9:9f:cf:66:b3:e3:92:15:84:0d:
3b:e4:d0:d1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZcRcgZjGO6hvmOyH7rwC1nTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI3MTExMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTE0MGYwZGNhOTYwMzdhMGQyMTdlZjEwYTE3NzY2MmM3ZmY3NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oPIMGOrT3uf555zU2MaSINDnzvC
KYD6CWfxROIxT1HkYjZNkMxNhyjZhBeiEjB/iiFWuUATkg4BbWD9JFKypugCKaT6
0TA0fzJiNhKzWsoN8yxjX6AWI8vq5rv3yiJwQrxnYQW+V/G7+yWD7vSr7aAMW9S/
WWUN1FnxySVm7itkTdYEQdrAKONLCjMIUEz8yV966YWLuL34ucXtgDgwsq9I6GEm
O6D99b/I1wiBq0rPWsU0dN5gKZZFs2CkpbwWLs8R+vZwKjmebS55ZdgnLlyQCiuM
JvxcVWZPkukpmnxDG3Ston8oC9b6eSDk97DBO3q1mVlzOvzecszEQDGsYQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEoUDw3KlgN6DSF+8QoXdmLH/3TcMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvU2hRUERjcVdBM29OSVg3eENoZDJZc2ZfZE53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4wDQYJKoZIhvcNAQELBQADggEB
ABba9IwmVig/p1kjAQO8bkLJQjau4HOWetYRA0aEncxLwfIyyXgUKkM2m2x/oNMH
X3p80sodbwe3qFmjAIxanBH2MefRTO5MCEGK1HImdSuOfjLPcHRIxjINE9NTv8wM
9scriPFw+42OXa4Lvr3kxWTbqySu0qVScnvDIYPoqZt6QpoFLBt1PlI7jw8KjsNj
vLBA5aRB9FFwpHnxD/y9lp7xzG6ujDGeeUa2IJxUFvqc9weg6h5m4cSI8HVcjFd4
RYe5hj5OlNMqn3CIQz1DJAK6IDjSu/nuBw1b98lcUaXFeiDayRfAVH/RqeICAqzv
3+xo6Z/PZrPjkhWEDTvk0NE=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:11:44 2025 by rpki-client