Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/UtSHPu3CDg_Lf4wSQWD1585olNQ.roa
File: UtSHPu3CDg_Lf4wSQWD1585olNQ.roa (raw, json)
Hash identifier: 63oTmCW/TS//hOrxCAoSldPJaqmFgT6JVEd9/OCYj5g=
Subject key identifier: 52:D4:87:3E:ED:C2:0E:0F:CB:7F:8C:12:41:60:F5:E7:CE:68:94:D4
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01963EB411960BD84B052BF2A6D30D0EEA17
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/UtSHPu3CDg_Lf4wSQWD1585olNQ.roa
Signing time: Wed 16 Apr 2025 13:05:10 +0000
ROA not before: Wed 16 Apr 2025 13:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:3eb3:37ec/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 16 Apr 2025 13:15:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:b4:11:96:0b:d8:4b:05:2b:f2:a6:d3:0d:0e:ea:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 16 13:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52d4873eedc20e0fcb7f8c124160f5e7ce6894d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:7b:81:07:54:4f:17:92:3f:17:0c:2e:89:a3:
11:e4:96:78:3c:82:b5:f7:b6:25:ea:48:a4:4f:1c:
99:4b:63:fe:4f:e1:d8:55:45:10:56:f7:b4:de:70:
4e:39:14:cf:38:f7:e6:f8:25:52:06:87:1c:5e:3d:
76:cd:dd:6c:7a:fa:b1:5e:8e:5c:27:de:d4:66:02:
a7:94:4d:81:71:9c:ba:63:6f:a7:eb:73:05:ee:77:
1e:48:a9:57:6e:c6:3e:86:00:e6:55:b6:51:da:a8:
b7:07:60:a3:c3:90:f0:c8:33:60:91:62:6b:5b:8d:
23:f0:2c:b4:b9:03:b6:6d:0a:50:48:c5:16:53:e7:
26:73:08:27:85:72:a1:80:a7:ac:8e:9b:ba:45:dc:
e8:5c:66:4a:e9:37:4f:01:df:71:4d:cc:dc:32:f6:
83:80:4b:87:40:9e:3c:48:08:00:9a:e8:55:c4:61:
e9:8e:fc:1d:81:fe:a4:9f:e8:d7:04:a7:0f:be:3e:
2c:d0:7d:5a:e6:24:cc:89:45:34:08:11:48:95:d7:
7b:b4:5b:7e:bc:19:00:21:25:0f:66:a8:5f:cb:96:
1a:e2:4f:2c:c4:8c:fa:79:80:9a:3e:c5:f6:75:47:
94:07:f3:c8:0d:f7:a5:43:c0:33:01:61:9c:3a:d3:
84:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D4:87:3E:ED:C2:0E:0F:CB:7F:8C:12:41:60:F5:E7:CE:68:94:D4
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/UtSHPu3CDg_Lf4wSQWD1585olNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:3eb3:37ec/128
Signature Algorithm: sha256WithRSAEncryption
46:45:0e:51:82:a1:c4:4f:da:25:27:81:7c:56:8b:fc:eb:8f:
55:d9:8c:ee:ae:c7:5f:5a:c8:1c:4f:bf:3e:aa:9d:e7:41:06:
71:d2:b2:15:5e:82:56:29:a7:5d:43:6d:2b:e1:21:84:f7:59:
87:cb:8c:fb:90:32:5b:5d:53:58:f1:0f:8d:0b:7f:29:9c:22:
95:92:43:c8:97:03:87:ed:60:0c:b2:ee:7a:7d:c1:a3:18:c4:
6d:75:02:76:b1:ce:1a:8b:ed:fa:91:59:ff:30:04:77:19:2a:
0f:dd:a0:53:7a:6b:d3:3d:7a:a5:dd:16:3c:53:39:5a:6f:09:
4c:1b:39:bc:fe:9d:50:de:e7:5b:8a:fe:20:b8:13:57:12:6c:
1d:0d:29:5d:93:8b:6e:ea:4b:34:9f:38:31:b0:79:b8:0e:5a:
73:3a:5c:9d:6b:b1:1f:f5:da:96:9d:4c:da:69:37:7b:c8:64:
1a:0d:8b:3e:0f:67:25:47:15:dd:44:2a:3b:17:66:af:51:b5:
a1:e8:45:5c:f9:42:1c:04:59:76:ae:6e:01:b3:48:6b:c6:ce:
96:de:21:a8:f2:dd:f1:fb:7a:2e:a5:5d:ab:97:69:eb:38:b5:
4e:98:b1:63:50:a2:a7:e1:c9:4f:ee:6c:08:a7:8b:e7:ea:7d:
34:12:49:f1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZY+tBGWC9hLBSvyptMNDuoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDE2MTMwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmQ0ODczZWVkYzIwZTBmY2I3ZjhjMTI0MTYwZjVlN2NlNjg5NGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nuBB1RPF5I/FwwuiaMR5JZ4PIK1
97Yl6kikTxyZS2P+T+HYVUUQVve03nBOORTPOPfm+CVSBoccXj12zd1sevqxXo5c
J97UZgKnlE2BcZy6Y2+n63MF7nceSKlXbsY+hgDmVbZR2qi3B2Cjw5DwyDNgkWJr
W40j8Cy0uQO2bQpQSMUWU+cmcwgnhXKhgKesjpu6RdzoXGZK6TdPAd9xTczcMvaD
gEuHQJ48SAgAmuhVxGHpjvwdgf6kn+jXBKcPvj4s0H1a5iTMiUU0CBFIldd7tFt+
vBkAISUPZqhfy5Ya4k8sxIz6eYCaPsX2dUeUB/PIDfelQ8AzAWGcOtOEcwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFLUhz7twg4Py3+MEkFg9efOaJTUMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvVXRTSFB1M0NEZ19MZjR3U1FXRDE1ODVvbE5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWPrM37DANBgkqhkiG9w0BAQsFAAOCAQEARkUOUYKhxE/aJSeBfFaL/OuP
VdmM7q7HX1rIHE+/Pqqd50EGcdKyFV6CVimnXUNtK+EhhPdZh8uM+5AyW11TWPEP
jQt/KZwilZJDyJcDh+1gDLLuen3BoxjEbXUCdrHOGovt+pFZ/zAEdxkqD92gU3pr
0z16pd0WPFM5Wm8JTBs5vP6dUN7nW4r+ILgTVxJsHQ0pXZOLbupLNJ84MbB5uA5a
czpcnWuxH/Xalp1M2mk3e8hkGg2LPg9nJUcV3UQqOxdmr1G1oehFXPlCHARZdq5u
AbNIa8bOlt4hqPLd8ft6LqVdq5dp6zi1TpixY1Cip+HJT+5sCKeL5+p9NBJJ8Q==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:28:12 2025 by rpki-client