Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/TFHIk1e3_Jb5mQ__yeXvSQn5Rng.roa
File: TFHIk1e3_Jb5mQ__yeXvSQn5Rng.roa (raw, json)
Hash identifier: KHpxhb6D6F1kAeuEYd9gwmi44kU2z9cOnmQ+BZF67Ck=
Subject key identifier: 4C:51:C8:93:57:B7:FC:96:F9:99:0F:FF:C9:E5:EF:49:09:F9:46:78
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973CC9A71291E419C3DDC589A1033EA28D
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/TFHIk1e3_Jb5mQ__yeXvSQn5Rng.roa
Signing time: Wed 04 Jun 2025 21:12:17 +0000
ROA not before: Wed 04 Jun 2025 21:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Jun 2025 22:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3c:c9:a7:12:91:e4:19:c3:dd:c5:89:a1:03:3e:a2:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 4 21:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c51c89357b7fc96f9990fffc9e5ef4909f94678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ca:95:cc:cb:27:bf:54:9b:c0:73:f0:39:ab:
7a:a5:71:56:70:c7:c6:96:58:68:c3:c5:3b:ae:2a:
50:36:8f:9d:94:c0:76:89:99:33:ba:88:ee:0b:c2:
1b:8d:e6:30:0f:ff:50:ec:07:54:65:7f:c5:f2:cd:
12:d1:b1:06:61:9c:10:c9:ff:b7:e5:f4:4f:ab:52:
8e:b8:1c:94:92:35:66:76:65:d1:6f:4f:99:03:a6:
2f:31:67:5d:01:ee:7c:ec:91:a5:97:02:0a:e9:f1:
8f:23:b0:b7:1d:7f:b0:f2:94:21:4b:52:23:34:15:
38:2a:e4:42:2d:7f:b3:e5:a4:b1:2f:78:d6:54:4a:
ed:b7:a0:bb:4e:15:75:56:00:33:45:de:23:a5:43:
51:01:99:5c:b6:d7:29:df:48:86:93:bb:09:30:dd:
de:81:65:5f:1e:ca:2a:f8:e8:14:6f:7b:b8:7c:48:
6b:13:4b:2e:6b:cb:3c:d3:2c:6e:c5:bd:52:e4:d4:
ce:f3:c2:a0:68:de:3f:ba:dd:16:74:7f:91:f4:22:
a7:ba:37:f3:b1:12:3b:7d:20:e0:8e:e1:39:b8:55:
3e:3b:e1:fb:15:0a:2c:0f:5c:6b:26:03:73:5d:61:
a4:39:89:d3:83:e7:48:2c:bd:a8:d8:7f:22:a4:e6:
e1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:51:C8:93:57:B7:FC:96:F9:99:0F:FF:C9:E5:EF:49:09:F9:46:78
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/TFHIk1e3_Jb5mQ__yeXvSQn5Rng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
3b:09:9e:d7:c1:33:02:d8:d2:d0:e4:bb:e5:78:ed:1c:30:fa:
d8:cb:8d:f7:ec:c9:c4:48:6e:8e:30:8c:5d:75:1e:a1:bb:f7:
9a:36:84:c2:d4:dc:18:53:f9:67:45:b3:34:bc:7e:b7:b6:41:
dc:5b:4d:8f:98:c3:87:70:1e:1a:6a:3f:8a:c8:d6:7d:ae:a7:
16:9e:7e:6d:11:eb:bc:49:f4:56:34:00:c2:c2:d8:c7:b7:a6:
16:9c:08:63:61:67:f0:b3:fc:91:57:14:7b:b8:f5:40:f7:c8:
15:1d:e8:80:cb:26:2f:3d:6b:5f:78:c1:2a:d3:b7:1b:c8:62:
cf:bd:79:b5:a3:c6:34:56:71:41:ed:e0:f0:5b:e0:f3:83:35:
c4:b8:c1:b3:48:de:65:58:f9:df:c7:23:37:9f:d0:22:3b:5c:
ed:ce:bb:c7:d9:65:30:9c:de:e3:c0:4d:1e:b7:8f:3b:09:65:
ea:e5:0c:c7:a1:90:b9:b4:05:01:92:7e:be:ac:69:d0:e7:fb:
ec:fa:1d:1e:b6:cd:cf:64:e3:70:eb:49:67:d4:d3:c9:3c:fc:
15:d6:20:0a:f2:17:d9:28:b4:89:26:36:13:bb:ec:d3:82:cc:
ce:32:ab:78:65:0b:b9:c8:ae:c2:be:74:a4:f4:14:e9:d3:63:
74:5d:da:ec
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc8yacSkeQZw93FiaEDPqKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA0MjExMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzUxYzg5MzU3YjdmYzk2Zjk5OTBmZmZjOWU1ZWY0OTA5Zjk0Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8qVzMsnv1SbwHPwOat6pXFWcMfG
llhow8U7ripQNo+dlMB2iZkzuojuC8IbjeYwD/9Q7AdUZX/F8s0S0bEGYZwQyf+3
5fRPq1KOuByUkjVmdmXRb0+ZA6YvMWddAe587JGllwIK6fGPI7C3HX+w8pQhS1Ij
NBU4KuRCLX+z5aSxL3jWVErtt6C7ThV1VgAzRd4jpUNRAZlcttcp30iGk7sJMN3e
gWVfHsoq+OgUb3u4fEhrE0sua8s80yxuxb1S5NTO88KgaN4/ut0WdH+R9CKnujfz
sRI7fSDgjuE5uFU+O+H7FQosD1xrJgNzXWGkOYnTg+dILL2o2H8ipObhvwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFExRyJNXt/yW+ZkP/8nl70kJ+UZ4MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvVEZISWsxZTNfSmI1bVFfX3llWHZTUW41Um5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAOwme18EzAtjS
0OS75XjtHDD62MuN9+zJxEhujjCMXXUeobv3mjaEwtTcGFP5Z0WzNLx+t7ZB3FtN
j5jDh3AeGmo/isjWfa6nFp5+bRHrvEn0VjQAwsLYx7emFpwIY2Fn8LP8kVcUe7j1
QPfIFR3ogMsmLz1rX3jBKtO3G8hiz715taPGNFZxQe3g8Fvg84M1xLjBs0jeZVj5
38cjN5/QIjtc7c67x9llMJze48BNHrePOwll6uUMx6GQubQFAZJ+vqxp0Of77Pod
HrbNz2TjcOtJZ9TTyTz8FdYgCvIX2Si0iSY2E7vs04LMzjKreGULuciuwr50pPQU
6dNjdF3a7A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:50:46 2025 by rpki-client