Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/U9EVQ7iwAWpHUI42XUugBg_RCJs.roa
File: U9EVQ7iwAWpHUI42XUugBg_RCJs.roa (raw, json)
Hash identifier: ja7rf6tg8Gj9ILM3uD7HbfgX5JrYpkPR+lIMmR/fFM0=
Subject key identifier: 53:D1:15:43:B8:B0:01:6A:47:50:8E:36:5D:4B:A0:06:0F:D1:08:9B
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197350906CC1C396537C2C3F4FD30B7BA35
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/U9EVQ7iwAWpHUI42XUugBg_RCJs.roa
Signing time: Tue 03 Jun 2025 09:04:33 +0000
ROA not before: Tue 03 Jun 2025 09:04:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:3508:a12d/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Jun 2025 09:13:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:09:06:cc:1c:39:65:37:c2:c3:f4:fd:30:b7:ba:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 3 09:04:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53d11543b8b0016a47508e365d4ba0060fd1089b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:50:7c:c1:53:ad:3f:c0:b8:1c:75:83:e1:c8:
6e:b9:5c:66:1d:32:2d:2b:70:85:a8:b3:b3:8f:9f:
99:56:ff:80:eb:7d:61:9b:93:ba:b8:3f:6b:a8:91:
15:90:0e:7d:0e:7f:45:bf:a6:7d:20:57:4a:08:c7:
f2:21:6f:ac:d0:a6:7f:3c:33:f0:d5:c3:8f:6f:e1:
12:b2:cd:c2:90:d4:e5:b0:cf:94:53:ba:66:6f:09:
b1:3d:16:69:85:57:91:72:9e:8d:f9:5f:02:00:2e:
49:da:2e:e5:1a:4a:0a:70:54:9f:2d:91:8f:a4:fe:
31:22:e2:06:13:46:43:61:bc:7b:0e:85:fa:97:3e:
9b:ac:ed:69:23:2f:a3:0f:d1:80:46:1c:4e:cc:cc:
d8:e6:5b:c5:0d:96:3d:7c:99:5d:dd:32:a4:08:2b:
64:2e:6b:bd:23:4e:ff:56:6b:a4:53:cb:4f:e4:1d:
72:38:a9:67:d5:58:15:dc:3c:cf:22:b6:7a:3a:9b:
16:f7:8e:d5:18:75:27:a2:bc:69:f9:cd:52:9f:aa:
62:e1:eb:9b:40:58:ac:f9:f4:d9:92:74:84:b4:da:
a1:e5:7d:d5:5e:84:25:74:0c:ce:45:d9:13:19:e6:
a8:5f:f2:ff:6c:0a:8b:b8:26:af:c6:6d:58:2d:f3:
1d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D1:15:43:B8:B0:01:6A:47:50:8E:36:5D:4B:A0:06:0F:D1:08:9B
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/U9EVQ7iwAWpHUI42XUugBg_RCJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:3508:a12d/128
Signature Algorithm: sha256WithRSAEncryption
6d:4f:04:a9:11:e8:75:c1:76:bb:f0:cd:4a:87:27:89:19:a2:
4f:dd:53:58:d6:44:11:49:96:32:ec:ff:9b:c1:07:04:37:32:
7f:eb:33:55:0d:50:27:2b:5d:89:7c:9f:4c:6d:76:b6:3a:41:
b5:52:76:2c:2e:30:74:55:4c:69:35:4a:73:06:2d:55:13:6c:
ba:0c:01:05:d1:a2:76:a2:4d:01:a1:db:14:06:ae:8d:45:c2:
c6:2a:49:aa:fb:98:dc:f1:7d:a9:41:a9:30:0f:01:87:94:6d:
c6:ba:05:6b:b7:86:7d:6f:64:64:9d:8d:aa:6e:51:2c:a3:e4:
68:53:42:72:49:cb:40:d7:f8:b2:db:27:cf:0b:e6:b5:ca:f4:
a0:75:70:9d:26:ca:10:65:95:9b:06:8a:97:41:89:d6:05:42:
fe:b8:e1:03:99:19:2a:80:b2:81:cb:94:b9:5e:19:66:4e:cf:
a3:71:e2:0f:ae:9c:1a:da:50:21:92:f7:9e:5c:5c:44:aa:e2:
01:71:2f:95:7b:3b:a0:ee:f6:2b:5e:32:a2:89:af:89:c0:2e:
d1:69:63:18:81:f3:ce:81:47:b2:93:c9:fe:d1:6d:fb:7e:19:
ee:4b:c3:7f:16:f7:f6:22:d8:46:26:08:29:4f:12:c3:39:bc:
b9:23:4b:95
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc1CQbMHDllN8LD9P0wt7o1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAzMDkwNDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2QxMTU0M2I4YjAwMTZhNDc1MDhlMzY1ZDRiYTAwNjBmZDEwODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVB8wVOtP8C4HHWD4chuuVxmHTIt
K3CFqLOzj5+ZVv+A631hm5O6uD9rqJEVkA59Dn9Fv6Z9IFdKCMfyIW+s0KZ/PDPw
1cOPb+ESss3CkNTlsM+UU7pmbwmxPRZphVeRcp6N+V8CAC5J2i7lGkoKcFSfLZGP
pP4xIuIGE0ZDYbx7DoX6lz6brO1pIy+jD9GARhxOzMzY5lvFDZY9fJld3TKkCCtk
Lmu9I07/VmukU8tP5B1yOKln1VgV3DzPIrZ6OpsW947VGHUnorxp+c1Sn6pi4eub
QFis+fTZknSEtNqh5X3VXoQldAzORdkTGeaoX/L/bAqLuCavxm1YLfMdCwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFPRFUO4sAFqR1CONl1LoAYP0QibMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvVTlFVlE3aXdBV3BIVUk0MlhVdWdCZ19SQ0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNQihLTANBgkqhkiG9w0BAQsFAAOCAQEAbU8EqRHodcF2
u/DNSocniRmiT91TWNZEEUmWMuz/m8EHBDcyf+szVQ1QJytdiXyfTG12tjpBtVJ2
LC4wdFVMaTVKcwYtVRNsugwBBdGidqJNAaHbFAaujUXCxipJqvuY3PF9qUGpMA8B
h5RtxroFa7eGfW9kZJ2Nqm5RLKPkaFNCcknLQNf4stsnzwvmtcr0oHVwnSbKEGWV
mwaKl0GJ1gVC/rjhA5kZKoCygcuUuV4ZZk7Po3HiD66cGtpQIZL3nlxcRKriAXEv
lXs7oO72K14yoomvicAu0WljGIHzzoFHspPJ/tFt+34Z7kvDfxb39iLYRiYIKU8S
wzm8uSNLlQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:01:26 2025 by rpki-client