Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/U9oA9lmrVcXGJtuIbyyeH_kGBzQ.roa
File: U9oA9lmrVcXGJtuIbyyeH_kGBzQ.roa (raw, json)
Hash identifier: pa6wUx6bEXYzpeFRFkg4WUa3+MgJhZYxG4zqMZ3QpTs=
Subject key identifier: 53:DA:00:F6:59:AB:55:C5:C6:26:DB:88:6F:2C:9E:1F:F9:06:07:34
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019721BFE9F453B191B6C4B67E3E50C5FE07
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/U9oA9lmrVcXGJtuIbyyeH_kGBzQ.roa
Signing time: Fri 30 May 2025 15:11:54 +0000
ROA not before: Fri 30 May 2025 15:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 30 May 2025 16:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:21:bf:e9:f4:53:b1:91:b6:c4:b6:7e:3e:50:c5:fe:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 30 15:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53da00f659ab55c5c626db886f2c9e1ff9060734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:60:68:65:73:92:b9:cb:7f:05:75:52:63:06:
de:f3:ae:07:a1:ed:0e:c2:a0:f0:01:77:31:c4:5b:
7e:b2:58:cc:4d:e3:09:84:68:5a:08:00:75:8b:d5:
b1:47:41:e0:70:61:03:7f:36:77:1d:e2:e6:34:e2:
d3:12:41:42:33:c0:2b:f4:e3:a1:fe:c7:ed:e9:9c:
fe:23:35:7c:c9:3c:29:66:ab:96:eb:4d:2d:a1:9f:
4a:d7:1a:fa:71:3b:eb:e0:fa:e9:c2:8c:a1:7b:55:
90:d6:e7:2a:00:c0:c0:e6:53:a2:63:11:cd:b3:1e:
21:9a:d2:13:17:ae:b8:c2:8e:29:e2:99:6d:8d:60:
a9:59:61:e9:31:82:e8:83:d6:28:b0:00:74:3d:e0:
b6:41:1a:6c:60:0a:2e:65:a6:e7:46:61:de:bb:a5:
29:2b:b3:09:59:6c:1f:60:56:71:28:1a:54:c3:4f:
dd:b8:19:1c:43:15:23:68:eb:70:95:61:a4:c1:90:
4c:2c:dd:ab:c1:7f:2c:d4:18:98:5f:18:01:2d:55:
a4:08:01:67:65:04:7a:29:82:11:5f:30:18:e1:c1:
8b:73:c8:65:8a:ca:77:b9:c7:8a:33:78:e0:75:e8:
87:eb:98:2b:8b:28:1c:33:a7:70:66:06:c8:cd:ef:
47:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:DA:00:F6:59:AB:55:C5:C6:26:DB:88:6F:2C:9E:1F:F9:06:07:34
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/U9oA9lmrVcXGJtuIbyyeH_kGBzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
90:92:53:5f:e7:e3:aa:dc:3b:19:9b:54:17:bd:69:fc:05:d3:
27:cb:2e:0b:0c:1e:d4:49:b4:07:38:eb:fc:8b:fd:5e:e5:eb:
24:54:29:12:9b:95:5d:ea:e3:ee:be:0b:08:69:d2:a2:1a:f0:
61:bf:7c:6e:91:72:ed:e8:23:2c:64:77:1b:96:88:58:4e:53:
fc:67:9a:60:97:3a:4c:ac:93:53:6b:44:58:c3:77:05:d7:49:
f8:63:29:5b:71:11:85:fd:9d:59:45:ad:6b:c2:fe:0f:e2:7c:
d9:f5:bb:cb:15:a4:cf:b6:eb:c9:84:f3:ab:40:00:b4:a1:df:
68:4a:53:a8:b1:ae:3b:56:7c:7c:8a:f3:ce:bb:9e:e6:ca:a9:
5a:1c:c1:fc:10:fa:72:c9:a0:9f:5a:5b:9b:c4:0f:29:60:ba:
a9:8a:8e:c0:bb:16:d6:bb:9e:9e:c4:eb:7c:1b:4a:d8:41:fe:
30:a6:f0:16:97:92:85:dc:9a:6c:6a:e8:90:4d:f2:14:ad:c4:
bb:1a:e2:e2:e1:4e:4b:fc:b6:6a:13:64:f7:b8:cb:12:77:e4:
b4:e7:19:38:b6:b1:c3:ca:e2:38:b9:99:56:e2:15:9a:04:2b:
5f:09:25:21:9b:08:b8:71:99:b3:d2:84:2b:61:4b:96:43:1c:
e4:1a:14:a3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZchv+n0U7GRtsS2fj5Qxf4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTMwMTUxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2RhMDBmNjU5YWI1NWM1YzYyNmRiODg2ZjJjOWUxZmY5MDYwNzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWBoZXOSuct/BXVSYwbe864Hoe0O
wqDwAXcxxFt+sljMTeMJhGhaCAB1i9WxR0HgcGEDfzZ3HeLmNOLTEkFCM8Ar9OOh
/sft6Zz+IzV8yTwpZquW600toZ9K1xr6cTvr4Prpwoyhe1WQ1ucqAMDA5lOiYxHN
sx4hmtITF664wo4p4pltjWCpWWHpMYLog9YosAB0PeC2QRpsYAouZabnRmHeu6Up
K7MJWWwfYFZxKBpUw0/duBkcQxUjaOtwlWGkwZBMLN2rwX8s1BiYXxgBLVWkCAFn
ZQR6KYIRXzAY4cGLc8hlisp3uceKM3jgdeiH65griygcM6dwZgbIze9H3QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFPaAPZZq1XFxibbiG8snh/5Bgc0MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvVTlvQTlsbXJWY1hHSnR1SWJ5eWVIX2tHQnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQCQklNf5+Oq3DsZm1QXvWn8BdMnyy4LDB7USbQH
OOv8i/1e5eskVCkSm5Vd6uPuvgsIadKiGvBhv3xukXLt6CMsZHcblohYTlP8Z5pg
lzpMrJNTa0RYw3cF10n4YylbcRGF/Z1ZRa1rwv4P4nzZ9bvLFaTPtuvJhPOrQAC0
od9oSlOosa47Vnx8ivPOu57myqlaHMH8EPpyyaCfWlubxA8pYLqpio7AuxbWu56e
xOt8G0rYQf4wpvAWl5KF3JpsauiQTfIUrcS7GuLi4U5L/LZqE2T3uMsSd+S05xk4
trHDyuI4uZlW4hWaBCtfCSUhmwi4cZmz0oQrYUuWQxzkGhSj
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:37:03 2025 by rpki-client