Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/TVsPVROJWb_rXSoKviZ3Cj3Z_9g.roa
File: TVsPVROJWb_rXSoKviZ3Cj3Z_9g.roa (raw, json)
Hash identifier: 3VzfJLNQ2IDaZdCyfyJv5rtOkdZg/FVu711VJdPDZ1M=
Subject key identifier: 4D:5B:0F:55:13:89:59:BF:EB:5D:2A:0A:BE:26:77:0A:3D:D9:FF:D8
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197049220A2C6E18ABAB0C7348C9B4CDBF3
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/TVsPVROJWb_rXSoKviZ3Cj3Z_9g.roa
Signing time: Sat 24 May 2025 23:12:54 +0000
ROA not before: Sat 24 May 2025 23:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 25 May 2025 00:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:04:92:20:a2:c6:e1:8a:ba:b0:c7:34:8c:9b:4c:db:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 24 23:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d5b0f55138959bfeb5d2a0abe26770a3dd9ffd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:89:dc:15:da:5a:a8:32:bd:97:e4:c8:52:fa:
1b:92:b5:95:be:15:33:98:3d:cd:b1:7f:04:ba:d5:
ac:2c:ec:9a:a5:9f:fc:57:33:af:23:e5:84:bc:1e:
a0:66:ec:17:46:3e:8f:a4:c6:0c:fc:94:eb:da:2e:
4a:44:63:9a:1c:30:8b:e6:ab:52:68:f7:1c:fc:7c:
bf:26:fd:78:cf:da:ee:5c:60:aa:f9:71:3c:b5:92:
e0:e7:13:3a:20:2e:97:ce:84:90:32:e0:65:fc:b6:
f1:a0:c2:70:43:3b:11:73:01:3f:0c:12:f3:84:94:
76:da:ce:0d:dc:40:3b:67:ea:c1:75:50:af:fc:f5:
e4:52:9f:6b:38:b4:a8:df:a9:5f:1a:97:5f:46:23:
a8:d3:8d:84:2f:60:43:d0:ec:ca:0b:48:e1:b6:f7:
90:b7:da:e2:bb:4a:76:e7:b7:e8:1a:b9:e6:5c:a3:
28:23:b5:46:be:16:ed:d9:42:39:11:c7:cb:03:cd:
d6:b7:11:71:61:71:5a:dd:1e:26:5c:41:a6:f9:4c:
59:fd:70:dc:c8:c5:f4:3d:a5:e4:cb:7f:4d:ff:c8:
da:7d:bd:29:9f:69:94:19:cb:af:47:ea:ce:72:37:
b8:2c:9a:fd:d5:66:c3:e5:51:9d:6f:d0:cd:b5:be:
ac:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5B:0F:55:13:89:59:BF:EB:5D:2A:0A:BE:26:77:0A:3D:D9:FF:D8
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/TVsPVROJWb_rXSoKviZ3Cj3Z_9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
a0:9f:40:14:bb:3c:1d:64:32:ed:7e:fe:f0:d1:90:6f:cf:a0:
b6:cd:0e:96:0b:f9:b6:c3:31:84:2c:5f:b5:0e:a1:cd:c9:be:
0d:df:c9:5a:6b:5f:d8:35:0c:83:c0:a5:1b:b6:a0:59:0f:8c:
95:0e:a6:3f:08:6c:6f:b7:a0:e3:9b:aa:ba:ef:a2:69:22:56:
79:86:29:7a:95:b9:3b:a6:9e:9e:b4:3b:7e:a9:66:f8:8e:95:
db:f6:ec:87:83:7a:2c:ae:c8:70:df:13:97:8d:26:04:58:0e:
f1:98:f7:fb:55:95:91:46:37:3c:27:0f:d2:66:da:07:33:8c:
23:58:ef:e8:aa:60:3f:1e:60:ad:40:f2:1b:12:b8:09:43:02:
ba:dc:76:e9:b8:06:8a:74:d7:89:ef:2d:51:4e:19:cf:94:70:
99:54:c9:aa:28:ab:46:f3:a8:72:df:5c:6c:26:09:69:cb:fb:
17:05:35:7e:03:f5:a4:a8:91:aa:fb:71:86:2a:02:6b:ac:96:
bc:8e:69:8d:1c:c9:bf:01:07:64:3d:73:5e:aa:06:c2:9e:35:
a8:0d:c9:82:b2:d7:58:a3:e8:d1:f0:69:d4:f4:6f:60:d7:99:
a5:f3:85:67:82:ea:70:25:51:d2:d1:61:89:4b:a4:e4:81:d2:
df:7e:dc:4b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcEkiCixuGKurDHNIybTNvzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI0MjMxMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDViMGY1NTEzODk1OWJmZWI1ZDJhMGFiZTI2NzcwYTNkZDlmZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oncFdpaqDK9l+TIUvobkrWVvhUz
mD3NsX8EutWsLOyapZ/8VzOvI+WEvB6gZuwXRj6PpMYM/JTr2i5KRGOaHDCL5qtS
aPcc/Hy/Jv14z9ruXGCq+XE8tZLg5xM6IC6XzoSQMuBl/LbxoMJwQzsRcwE/DBLz
hJR22s4N3EA7Z+rBdVCv/PXkUp9rOLSo36lfGpdfRiOo042EL2BD0OzKC0jhtveQ
t9riu0p257foGrnmXKMoI7VGvhbt2UI5EcfLA83WtxFxYXFa3R4mXEGm+UxZ/XDc
yMX0PaXky39N/8jafb0pn2mUGcuvR+rOcje4LJr91WbD5VGdb9DNtb6sowIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFE1bD1UTiVm/610qCr4mdwo92f/YMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvVFZzUFZST0pXYl9yWFNvS3ZpWjNDajNaXzlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAoJ9AFLs8HWQy7X7+8NGQb8+g
ts0Olgv5tsMxhCxftQ6hzcm+Dd/JWmtf2DUMg8ClG7agWQ+MlQ6mPwhsb7eg45uq
uu+iaSJWeYYpepW5O6aenrQ7fqlm+I6V2/bsh4N6LK7IcN8Tl40mBFgO8Zj3+1WV
kUY3PCcP0mbaBzOMI1jv6KpgPx5grUDyGxK4CUMCutx26bgGinTXie8tUU4Zz5Rw
mVTJqiirRvOoct9cbCYJacv7FwU1fgP1pKiRqvtxhioCa6yWvI5pjRzJvwEHZD1z
XqoGwp41qA3JgrLXWKPo0fBp1PRvYNeZpfOFZ4LqcCVR0tFhiUuk5IHS337cSw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:03:30 2025 by rpki-client