Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/TpQ7NryMjL8AqsNLm3591sksHMs.roa
File: TpQ7NryMjL8AqsNLm3591sksHMs.roa (raw, json)
Hash identifier: Ix7VbcPq56f17evS0W0NE+mbKZMR+LeohRPdFe8CujU=
Subject key identifier: 4E:94:3B:36:BC:8C:8C:BF:00:AA:C3:4B:9B:7E:7D:D6:C9:2C:1C:CB
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F02E0729A999D06135A0F561C48E6E98
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/TpQ7NryMjL8AqsNLm3591sksHMs.roa
Signing time: Wed 21 May 2025 00:11:10 +0000
ROA not before: Wed 21 May 2025 00:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 May 2025 01:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f0:2e:07:29:a9:99:d0:61:35:a0:f5:61:c4:8e:6e:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 21 00:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e943b36bc8c8cbf00aac34b9b7e7dd6c92c1ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5a:7e:04:2c:54:47:05:b9:aa:c3:8a:44:16:
fe:ef:26:8e:2a:6a:02:da:f5:d5:7e:b8:6a:4b:96:
68:aa:a5:1b:b3:3b:4c:14:26:7f:f4:00:5f:43:99:
eb:68:b8:b3:32:78:49:03:6c:13:f8:24:0f:ad:1e:
7c:a6:91:e1:ba:fb:50:7e:1b:fa:c9:59:ea:90:d5:
9d:1e:23:09:51:06:cd:75:81:44:80:d1:d5:b8:04:
8c:ae:34:f9:90:d4:a3:00:64:cf:0e:c8:02:5d:74:
05:96:3b:1c:e7:12:c1:2d:53:1e:85:38:19:fd:87:
79:ab:4d:92:24:23:83:e3:fd:09:42:9a:96:b1:41:
92:ae:2a:19:3d:45:a9:e3:e3:a9:5b:b2:7f:76:d5:
5b:14:7c:1f:93:30:94:59:a7:0a:d4:2b:a4:b6:c7:
1b:4b:97:5e:e7:fa:be:e7:e4:bf:42:ed:b9:4d:80:
94:45:a6:28:58:3c:6b:6e:b6:bd:02:07:fb:45:87:
23:00:90:99:0a:1b:ee:ea:05:7f:70:65:2e:54:55:
e4:38:01:80:29:55:10:53:ec:5b:ba:d7:76:91:14:
91:05:97:b9:68:83:8b:f2:3a:d4:a0:e1:3b:78:eb:
c5:1c:80:1f:6a:ea:e6:63:35:04:21:af:c4:cf:76:
b8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:94:3B:36:BC:8C:8C:BF:00:AA:C3:4B:9B:7E:7D:D6:C9:2C:1C:CB
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/TpQ7NryMjL8AqsNLm3591sksHMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
4e:9e:2b:4e:82:7f:b7:79:f5:06:ea:f2:83:54:61:35:da:1b:
24:a9:f3:2e:54:0a:43:ca:4d:5d:5c:8d:dd:5d:f6:bd:25:f9:
09:dd:f1:b2:ad:f8:68:35:4f:f9:11:aa:2c:77:86:a7:f4:54:
1f:af:ac:e1:fa:ba:bb:55:9e:06:06:2b:b7:f2:99:0b:6a:59:
09:6f:01:9d:b6:31:7c:11:f5:10:bc:74:89:4b:dc:38:30:65:
a2:30:74:5f:8a:34:5b:25:e3:2d:7c:c1:ee:18:ed:13:f7:19:
8f:3d:91:6f:8e:ca:41:0f:37:0e:dc:56:f6:87:64:14:98:b4:
1d:06:11:7c:c9:2f:b5:45:fd:4b:5c:7f:80:17:1e:55:9a:a3:
d9:f0:5b:b4:e5:fd:bc:04:37:93:c6:43:6f:75:6a:4b:d2:90:
c4:f9:5e:65:c8:54:88:5f:d3:f4:d2:25:84:56:2a:fa:a6:a3:
6f:4d:32:f5:a3:b8:8f:e0:9b:b3:04:18:02:ec:5a:78:11:bd:
58:f3:b7:52:c8:b3:18:7c:93:99:be:c1:59:34:de:eb:81:5c:
d5:00:44:92:4c:39:29:be:59:34:16:53:fd:93:b6:bc:ac:1a:
0f:e8:76:3a:15:ec:29:b7:d1:85:17:2b:5b:98:da:5d:c3:bb:
c0:7b:b7:be
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbwLgcpqZnQYTWg9WHEjm6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIxMDAxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTk0M2IzNmJjOGM4Y2JmMDBhYWMzNGI5YjdlN2RkNmM5MmMxY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1p+BCxURwW5qsOKRBb+7yaOKmoC
2vXVfrhqS5ZoqqUbsztMFCZ/9ABfQ5nraLizMnhJA2wT+CQPrR58ppHhuvtQfhv6
yVnqkNWdHiMJUQbNdYFEgNHVuASMrjT5kNSjAGTPDsgCXXQFljsc5xLBLVMehTgZ
/Yd5q02SJCOD4/0JQpqWsUGSrioZPUWp4+OpW7J/dtVbFHwfkzCUWacK1Cuktscb
S5de5/q+5+S/Qu25TYCURaYoWDxrbra9Agf7RYcjAJCZChvu6gV/cGUuVFXkOAGA
KVUQU+xbutd2kRSRBZe5aIOL8jrUoOE7eOvFHIAfaurmYzUEIa/Ez3a4JQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFE6UOza8jIy/AKrDS5t+fdbJLBzLMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvVHBRN05yeU1qTDhBcXNOTG0zNTkxc2tzSE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEATp4rToJ/t3n1Buryg1RhNdob
JKnzLlQKQ8pNXVyN3V32vSX5Cd3xsq34aDVP+RGqLHeGp/RUH6+s4fq6u1WeBgYr
t/KZC2pZCW8BnbYxfBH1ELx0iUvcODBlojB0X4o0WyXjLXzB7hjtE/cZjz2Rb47K
QQ83DtxW9odkFJi0HQYRfMkvtUX9S1x/gBceVZqj2fBbtOX9vAQ3k8ZDb3VqS9KQ
xPleZchUiF/T9NIlhFYq+qajb00y9aO4j+CbswQYAuxaeBG9WPO3UsizGHyTmb7B
WTTe64Fc1QBEkkw5Kb5ZNBZT/ZO2vKwaD+h2OhXsKbfRhRcrW5jaXcO7wHu3vg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:33:03 2025 by rpki-client