Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/U4xF1Ss1ZF-9fOSxJwqfBX6m2nU.roa
File: U4xF1Ss1ZF-9fOSxJwqfBX6m2nU.roa (raw, json)
Hash identifier: VSCms24lNfDXui8IKcCo4BcJJuZQtyv9JqQLSFLNJOg=
Subject key identifier: 53:8C:45:D5:2B:35:64:5F:BD:7C:E4:B1:27:0A:9F:05:7E:A6:DA:75
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196E1912EFCC9581470AAF1A365593EE431
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/U4xF1Ss1ZF-9fOSxJwqfBX6m2nU.roa
Signing time: Sun 18 May 2025 04:05:10 +0000
ROA not before: Sun 18 May 2025 04:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:e190:5ae2/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 18 May 2025 04:14:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e1:91:2e:fc:c9:58:14:70:aa:f1:a3:65:59:3e:e4:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 18 04:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=538c45d52b35645fbd7ce4b1270a9f057ea6da75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:08:35:3d:22:eb:7c:a7:5a:80:a9:64:32:1e:
2e:f9:3f:a3:6a:e7:df:be:cc:4a:e5:72:9f:04:7b:
79:20:b3:5d:78:ce:d0:60:6e:b1:f2:44:05:30:c7:
7b:7c:e2:b7:21:39:41:cc:bd:2a:d0:28:69:06:7e:
85:de:51:83:b3:3b:60:ab:a1:b5:6c:53:d9:c3:27:
a9:e9:70:62:c9:5d:e7:d7:62:21:c1:45:d0:55:13:
b6:94:51:8c:1a:b9:ca:e9:a4:d3:6a:6c:4e:7f:a7:
78:25:98:71:95:47:6a:90:3d:7c:00:c1:54:f7:05:
b6:6a:88:52:dd:04:79:6b:17:99:38:d8:fd:fa:21:
de:b6:67:be:4b:26:c5:ee:a7:f5:70:08:75:a9:0b:
d9:d2:12:fc:cd:b4:7e:13:f9:95:38:47:f8:9d:03:
c4:76:33:74:05:60:55:f6:78:d3:06:62:3c:2b:7b:
dd:2e:0f:f1:24:a3:4f:70:c5:c0:a6:4b:95:e2:00:
89:b5:1a:04:4f:ab:77:3d:d6:51:e0:d3:81:56:bb:
47:2d:bf:c1:7c:fd:9f:ca:75:9d:58:03:37:7d:36:
20:f2:f2:fc:2a:4c:ff:95:7d:e2:2f:f5:fd:d8:90:
cf:fa:5d:40:91:10:40:67:4a:e2:bc:f3:5f:18:db:
be:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8C:45:D5:2B:35:64:5F:BD:7C:E4:B1:27:0A:9F:05:7E:A6:DA:75
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/U4xF1Ss1ZF-9fOSxJwqfBX6m2nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:e190:5ae2/128
Signature Algorithm: sha256WithRSAEncryption
6d:ea:7b:2a:6c:3f:b8:65:aa:19:e3:52:c9:dc:b6:9e:f3:24:
86:a8:a2:92:d8:7f:5f:28:03:6e:22:e6:6f:b0:74:90:c3:cc:
fc:72:35:dd:f0:2e:ea:8d:80:d6:8f:68:f6:06:bb:2b:e6:24:
2d:98:3a:a7:78:51:11:96:64:8d:70:7c:3e:3b:fa:9c:a5:5e:
e5:da:96:7f:dc:ba:32:7c:05:e3:00:3e:7f:96:5b:95:f0:8f:
c7:8c:78:dd:fd:21:2b:ad:1c:0a:c4:fc:27:06:a0:39:41:c6:
42:2e:1b:27:5b:60:cc:32:5b:e9:24:0b:ec:1d:e6:d6:7f:bf:
3f:24:5c:e9:e8:24:de:1e:2a:1d:70:8e:21:e8:ed:1e:2b:dc:
d7:2b:90:d6:44:2b:7f:40:20:8b:4e:cc:df:b2:08:5f:fa:84:
7d:4a:f7:0c:4b:f8:79:bf:0e:1e:60:5e:3e:90:48:f8:91:28:
73:c3:d2:8e:65:98:1b:c4:33:ac:55:12:12:12:32:7c:03:46:
48:ee:d8:a7:9a:62:26:cf:31:44:9c:e0:1e:4e:98:5e:6e:51:
83:36:d8:86:b3:94:06:48:a6:af:81:26:fe:03:82:ac:fe:c2:
14:08:87:18:18:82:b3:da:48:41:86:57:24:9c:bd:3f:21:21:
98:2d:1b:29
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbhkS78yVgUcKrxo2VZPuQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTE4MDQwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzhjNDVkNTJiMzU2NDVmYmQ3Y2U0YjEyNzBhOWYwNTdlYTZkYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngg1PSLrfKdagKlkMh4u+T+jauff
vsxK5XKfBHt5ILNdeM7QYG6x8kQFMMd7fOK3ITlBzL0q0ChpBn6F3lGDsztgq6G1
bFPZwyep6XBiyV3n12IhwUXQVRO2lFGMGrnK6aTTamxOf6d4JZhxlUdqkD18AMFU
9wW2aohS3QR5axeZONj9+iHetme+SybF7qf1cAh1qQvZ0hL8zbR+E/mVOEf4nQPE
djN0BWBV9njTBmI8K3vdLg/xJKNPcMXApkuV4gCJtRoET6t3PdZR4NOBVrtHLb/B
fP2fynWdWAM3fTYg8vL8Kkz/lX3iL/X92JDP+l1AkRBAZ0rivPNfGNu+gwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFOMRdUrNWRfvXzksScKnwV+ptp1MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvVTR4RjFTczFaRi05Zk9TeEp3cWZCWDZtMm5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW4ZBa4jANBgkqhkiG9w0BAQsFAAOCAQEAbep7Kmw/uGWqGeNSydy2nvMk
hqiikth/XygDbiLmb7B0kMPM/HI13fAu6o2A1o9o9ga7K+YkLZg6p3hREZZkjXB8
Pjv6nKVe5dqWf9y6MnwF4wA+f5ZblfCPx4x43f0hK60cCsT8JwagOUHGQi4bJ1tg
zDJb6SQL7B3m1n+/PyRc6egk3h4qHXCOIejtHivc1yuQ1kQrf0Agi07M37IIX/qE
fUr3DEv4eb8OHmBePpBI+JEoc8PSjmWYG8QzrFUSEhIyfANGSO7Yp5piJs8xRJzg
Hk6YXm5RgzbYhrOUBkimr4Em/gOCrP7CFAiHGBiCs9pIQYZXJJy9PyEhmC0bKQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:44:37 2025 by rpki-client