Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/VlE8lPNvZ2NfCDGcb-o30ZbXkMc.roa
File: VlE8lPNvZ2NfCDGcb-o30ZbXkMc.roa (raw, json)
Hash identifier: kCG6qojnkJXiL/iYXQcbuwnQaP3Xg9lQDwUK7gZEJfg=
Subject key identifier: 56:51:3C:94:F3:6F:67:63:5F:08:31:9C:6F:EA:37:D1:96:D7:90:C7
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973EF0CD143D0FE90A5D390ADEC63A793F
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/VlE8lPNvZ2NfCDGcb-o30ZbXkMc.roa
Signing time: Thu 05 Jun 2025 07:14:17 +0000
ROA not before: Thu 05 Jun 2025 07:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 05 Jun 2025 08:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3e:f0:cd:14:3d:0f:e9:0a:5d:39:0a:de:c6:3a:79:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 5 07:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56513c94f36f67635f08319c6fea37d196d790c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:35:9c:2d:77:52:7b:31:e8:4d:c2:dc:9a:61:
94:a0:b1:fe:85:1a:17:56:44:e8:41:d7:5b:21:19:
81:30:46:65:4f:63:07:b8:77:58:d9:4c:37:f6:89:
2e:3f:d6:bd:57:8b:2f:f1:79:45:f2:08:40:56:8f:
1d:b3:35:5c:c8:14:c8:43:48:03:c3:c2:6e:58:1a:
19:58:b0:bf:11:e8:73:86:53:77:b6:a4:a9:c0:dd:
c8:06:db:a0:66:49:10:7e:66:90:57:18:ae:b8:29:
a4:9a:75:12:4a:40:23:24:34:52:ce:d5:84:16:ea:
20:67:29:27:5d:7c:e0:23:02:d0:b3:73:ce:d2:7a:
a6:66:bb:d7:18:4e:a8:5e:ee:98:e0:c2:a3:3f:b8:
6e:22:31:ff:c1:da:e5:75:33:f0:eb:41:bb:52:f9:
17:98:f3:37:bc:9d:b2:37:49:6b:d3:6c:dc:82:32:
e9:d2:e9:b2:ce:3f:23:b4:e1:34:39:1c:74:f6:20:
28:00:95:80:2a:ff:9c:a6:30:07:31:a6:28:49:89:
44:51:ee:50:69:36:75:93:d3:a2:6c:e5:34:2c:0f:
95:00:82:5a:f4:3e:16:30:57:75:cc:14:3b:22:e2:
99:4a:c6:a8:9a:88:62:c9:03:10:ee:62:84:97:19:
d5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:51:3C:94:F3:6F:67:63:5F:08:31:9C:6F:EA:37:D1:96:D7:90:C7
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/VlE8lPNvZ2NfCDGcb-o30ZbXkMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
50:b7:5f:7c:a6:2e:78:53:a9:1c:20:e2:d3:cd:ac:a4:06:21:
49:19:c4:81:50:a1:61:c4:5d:19:95:35:29:fa:7d:3a:f2:3b:
f5:d6:d5:60:5b:d3:e9:d2:89:20:4b:ae:11:d8:c2:1e:59:40:
81:1b:37:32:54:17:3a:29:26:7a:8c:db:f9:cb:20:72:3b:c9:
2e:a2:91:3b:43:f0:fa:7f:e1:1e:8c:5e:1f:14:d2:7d:03:26:
dc:0a:4e:40:ec:89:48:a6:fd:8b:80:08:1c:c1:01:d5:89:0e:
db:5d:fb:7a:1e:f8:4d:81:fc:08:9b:ae:09:93:01:8f:c1:3a:
6b:ec:e0:c3:b3:ca:4b:85:f7:b9:ba:9c:79:74:6d:ee:d9:64:
b2:6c:74:27:54:e8:b1:2f:06:47:45:2d:fb:7b:a1:14:f9:df:
6b:7d:c4:1a:7d:5e:02:35:46:29:96:e6:61:1e:74:36:c5:23:
5a:86:ca:e6:ce:94:8c:c6:79:61:68:26:72:43:49:e5:30:9e:
bd:b8:19:27:69:35:56:de:7f:33:18:9d:5e:36:8b:81:26:3f:
51:5c:fc:f4:ee:06:ad:5b:7c:ea:b1:76:a3:0f:e2:b2:d4:46:
ef:1d:b6:3a:bf:23:19:b8:12:d6:46:4b:55:82:dd:d3:00:3c:
8a:b4:5c:d9
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc+8M0UPQ/pCl05Ct7GOnk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA1MDcxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjUxM2M5NGYzNmY2NzYzNWYwODMxOWM2ZmVhMzdkMTk2ZDc5MGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DWcLXdSezHoTcLcmmGUoLH+hRoX
VkToQddbIRmBMEZlT2MHuHdY2Uw39okuP9a9V4sv8XlF8ghAVo8dszVcyBTIQ0gD
w8JuWBoZWLC/EehzhlN3tqSpwN3IBtugZkkQfmaQVxiuuCmkmnUSSkAjJDRSztWE
FuogZyknXXzgIwLQs3PO0nqmZrvXGE6oXu6Y4MKjP7huIjH/wdrldTPw60G7UvkX
mPM3vJ2yN0lr02zcgjLp0umyzj8jtOE0ORx09iAoAJWAKv+cpjAHMaYoSYlEUe5Q
aTZ1k9OibOU0LA+VAIJa9D4WMFd1zBQ7IuKZSsaomohiyQMQ7mKElxnVyQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFZRPJTzb2djXwgxnG/qN9GW15DHMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvVmxFOGxQTnZaMk5mQ0RHY2ItbzMwWmJYa01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAULdffKYueFOp
HCDi082spAYhSRnEgVChYcRdGZU1Kfp9OvI79dbVYFvT6dKJIEuuEdjCHllAgRs3
MlQXOikmeozb+csgcjvJLqKRO0Pw+n/hHoxeHxTSfQMm3ApOQOyJSKb9i4AIHMEB
1YkO2137eh74TYH8CJuuCZMBj8E6a+zgw7PKS4X3ubqceXRt7tlksmx0J1TosS8G
R0Ut+3uhFPnfa33EGn1eAjVGKZbmYR50NsUjWobK5s6UjMZ5YWgmckNJ5TCevbgZ
J2k1Vt5/MxidXjaLgSY/UVz89O4GrVt86rF2ow/istRG7x22Or8jGbgS1kZLVYLd
0wA8irRc2Q==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:44:13 2025 by rpki-client