Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/V1DB8af6dLle9rDDkmY96JMZOaY.roa
File: V1DB8af6dLle9rDDkmY96JMZOaY.roa (raw, json)
Hash identifier: hx/t6RwSIT8RDhU8piCpXlWMPYFKGUg1d6oh1rMB4s4=
Subject key identifier: 57:50:C1:F1:A7:FA:74:B9:5E:F6:B0:C3:92:66:3D:E8:93:19:39:A6
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973540A2DB005E29DD7A1BDAEB647E13E7
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/V1DB8af6dLle9rDDkmY96JMZOaY.roa
Signing time: Tue 03 Jun 2025 10:05:17 +0000
ROA not before: Tue 03 Jun 2025 10:05:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Jun 2025 11:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:40:a2:db:00:5e:29:dd:7a:1b:da:eb:64:7e:13:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 3 10:05:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5750c1f1a7fa74b95ef6b0c392663de8931939a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:58:ca:68:8d:db:05:80:64:51:23:95:2e:0d:
5a:31:99:d0:3a:c7:7f:99:59:33:6b:bd:27:de:a4:
cb:9e:7f:2a:8e:12:a8:20:41:96:3b:64:4d:f2:a3:
4f:09:09:16:7e:d4:ab:5b:56:aa:6d:00:bf:de:c9:
00:fc:fe:7d:0f:6f:57:ae:be:43:7b:25:2b:7e:aa:
81:fc:51:c0:72:43:6d:1d:c1:b8:e4:f1:ad:4f:c4:
3a:29:5f:08:00:92:84:f0:ef:90:75:23:d3:ff:b8:
fc:98:e2:52:2d:74:e4:76:37:b7:bd:9e:ed:37:d0:
31:68:80:74:be:78:35:b0:47:d3:d5:b3:0a:46:de:
bd:d6:b9:23:21:4a:e6:dc:67:56:2a:47:72:62:31:
cb:db:2c:79:19:7c:4e:ff:8a:74:20:43:8a:d4:1a:
a2:22:2e:2e:6f:8a:bd:d5:d2:b6:68:65:f5:6c:17:
d1:92:c8:da:7b:8c:60:42:9e:fd:49:a8:f8:f2:da:
5c:e9:c1:7b:8e:71:a9:23:38:34:be:4f:5a:11:da:
96:6d:d4:38:11:a5:d0:3d:7b:2a:e3:f3:c0:a2:6d:
d0:77:71:65:47:3f:9f:e8:fb:e7:ac:6f:10:44:db:
18:7f:f6:5c:e4:97:8c:10:b7:8c:36:de:47:d1:13:
e2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:50:C1:F1:A7:FA:74:B9:5E:F6:B0:C3:92:66:3D:E8:93:19:39:A6
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/V1DB8af6dLle9rDDkmY96JMZOaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
06:f1:58:e5:b3:7d:fc:4e:b5:42:21:0f:4a:03:b5:55:3c:d2:
72:8b:d2:6d:65:2b:45:ef:e4:55:8c:77:5a:58:02:7e:6d:1e:
28:42:ad:d2:09:00:0b:1b:20:a2:a2:ce:b8:d9:f8:db:2e:33:
3f:92:d2:6f:bf:7e:7e:b0:58:27:1b:cf:d4:7c:33:df:bd:81:
9d:fa:43:9a:ec:b5:84:4f:57:c5:c2:5f:51:e8:7c:d5:11:1f:
58:29:e3:76:78:49:3c:17:c6:aa:3a:33:1d:55:b4:40:4c:79:
9e:12:ed:e3:b5:a5:e3:45:94:a4:31:ef:37:75:7a:20:fd:21:
0c:07:a8:35:4b:ee:e2:1c:8a:ae:44:c4:52:01:5b:4e:2c:3b:
b5:90:f3:8e:22:00:96:41:bb:bc:97:d7:5c:7c:0d:fc:12:f3:
f5:ce:b6:02:3b:59:c8:9e:d8:21:11:db:cd:14:d3:ec:2c:19:
3d:fb:e0:c9:90:f4:9c:1d:be:50:2d:3a:bf:08:8c:cc:73:b1:
23:56:bf:3b:89:28:cb:cd:5b:c1:d0:cb:db:ec:28:11:e2:bc:
2f:5e:59:3d:81:0c:a2:c1:2c:df:c1:bc:d0:6c:18:7e:7d:d3:
5b:24:7e:c6:d3:44:39:ee:14:df:1d:10:1c:13:fd:74:32:12:
d6:b4:ae:f3
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc1QKLbAF4p3Xob2utkfhPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAzMTAwNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzUwYzFmMWE3ZmE3NGI5NWVmNmIwYzM5MjY2M2RlODkzMTkzOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7FjKaI3bBYBkUSOVLg1aMZnQOsd/
mVkza70n3qTLnn8qjhKoIEGWO2RN8qNPCQkWftSrW1aqbQC/3skA/P59D29Xrr5D
eyUrfqqB/FHAckNtHcG45PGtT8Q6KV8IAJKE8O+QdSPT/7j8mOJSLXTkdje3vZ7t
N9AxaIB0vng1sEfT1bMKRt691rkjIUrm3GdWKkdyYjHL2yx5GXxO/4p0IEOK1Bqi
Ii4ub4q91dK2aGX1bBfRksjae4xgQp79Saj48tpc6cF7jnGpIzg0vk9aEdqWbdQ4
EaXQPXsq4/PAom3Qd3FlRz+f6PvnrG8QRNsYf/Zc5JeMELeMNt5H0RPiAQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFdQwfGn+nS5Xvaww5JmPeiTGTmmMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvVjFEQjhhZjZkTGxlOXJERGttWTk2Sk1aT2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEABvFY5bN9/E61
QiEPSgO1VTzScovSbWUrRe/kVYx3WlgCfm0eKEKt0gkACxsgoqLOuNn42y4zP5LS
b79+frBYJxvP1Hwz372BnfpDmuy1hE9XxcJfUeh81REfWCnjdnhJPBfGqjozHVW0
QEx5nhLt47Wl40WUpDHvN3V6IP0hDAeoNUvu4hyKrkTEUgFbTiw7tZDzjiIAlkG7
vJfXXHwN/BLz9c62AjtZyJ7YIRHbzRTT7CwZPfvgyZD0nB2+UC06vwiMzHOxI1a/
O4koy81bwdDL2+woEeK8L15ZPYEMosEs38G80GwYfn3TWyR+xtNEOe4U3x0QHBP9
dDIS1rSu8w==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:28:49 2025 by rpki-client