Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/X1gUxG5E1WfcBzWKcOIqqDP4aA8.roa
File: X1gUxG5E1WfcBzWKcOIqqDP4aA8.roa (raw, json)
Hash identifier: sIzJhvvEGi29BEOjlmaHriJWAh2//ZbTlaK9VJLozcU=
Subject key identifier: 5F:58:14:C4:6E:44:D5:67:DC:07:35:8A:70:E2:2A:A8:33:F8:68:0F
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019733C01E04EC3B2C5986941800E1A2F77F
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/X1gUxG5E1WfcBzWKcOIqqDP4aA8.roa
Signing time: Tue 03 Jun 2025 03:05:18 +0000
ROA not before: Tue 03 Jun 2025 03:05:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:33bf:c0c2/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Jun 2025 03:15:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:33:c0:1e:04:ec:3b:2c:59:86:94:18:00:e1:a2:f7:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 3 03:05:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f5814c46e44d567dc07358a70e22aa833f8680f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dd:b4:28:43:fe:f7:ce:43:15:b6:37:0a:19:
73:78:e6:74:1e:ae:e0:70:62:60:c9:9d:9a:61:c3:
67:3d:7b:1b:7b:f2:f2:ba:b4:7a:fc:11:29:41:96:
bc:45:11:2b:38:c5:15:1f:81:53:cc:6b:4b:e7:39:
9b:1a:a6:48:01:4e:c2:23:fd:2e:b0:53:b5:a1:31:
ea:24:ec:a1:aa:54:b9:4c:5a:85:c3:5c:da:02:13:
72:71:59:a3:81:db:1e:48:da:29:39:60:4b:fa:0f:
4b:25:63:1d:f9:33:8f:b9:30:43:55:c6:cb:1a:2d:
88:c7:56:7e:e8:77:62:23:66:e0:aa:16:e1:07:9e:
a5:68:08:ad:15:9a:58:85:34:14:3c:70:2c:22:b7:
76:c3:2b:f4:05:8a:f3:1d:61:6d:9c:02:06:b8:f5:
6a:2e:18:de:15:27:03:a3:fd:7e:c6:e2:e1:4c:2d:
06:9f:79:1b:60:1e:b0:0a:67:ba:d9:8b:57:06:42:
56:eb:31:fb:a9:21:e5:80:ca:92:aa:b2:18:d8:62:
3e:f6:15:e1:6a:2a:20:ba:ce:a6:f7:ab:7e:d0:ef:
a7:d8:99:26:d9:9c:0a:d3:36:39:45:67:fa:7e:ff:
4b:c6:29:05:7e:54:14:eb:82:66:29:8c:d3:b8:c8:
12:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:58:14:C4:6E:44:D5:67:DC:07:35:8A:70:E2:2A:A8:33:F8:68:0F
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/X1gUxG5E1WfcBzWKcOIqqDP4aA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:33bf:c0c2/128
Signature Algorithm: sha256WithRSAEncryption
91:d3:77:81:84:ff:20:ba:81:15:4d:59:55:b8:d2:7b:e5:59:
d0:10:28:2c:dd:4b:f0:9e:d2:c0:32:1d:a2:e1:dc:4c:1a:20:
9d:2e:07:bc:85:71:fd:ca:3a:66:89:5e:20:1f:71:0e:60:cb:
76:02:93:86:b1:a4:f3:0b:4e:f4:8a:15:b1:99:0f:96:cb:c4:
b6:b2:9b:5b:30:51:98:0d:72:15:b6:21:92:ea:50:9e:83:16:
75:41:e2:47:4c:c6:9b:49:de:ec:18:8e:36:82:6b:71:9c:cb:
32:c1:70:0f:f0:22:bd:a4:7f:74:55:08:3f:af:13:35:6f:d4:
10:b9:f6:d1:46:97:ef:20:b6:a0:0f:12:29:0d:82:82:3a:c7:
ce:49:69:4c:f0:b1:2a:92:6b:0f:4e:2f:b1:4d:2d:ec:3f:8c:
a7:8c:8f:d4:7d:16:c5:1e:e0:20:67:26:1d:5a:c6:70:e5:26:
71:fb:20:2e:a9:6d:db:a5:f6:a5:ef:15:5e:54:fb:83:58:c5:
c1:eb:cb:b0:e5:bc:6b:0c:b2:87:cc:76:ae:b9:5a:b1:8f:d2:
b3:f1:84:9a:0a:41:4b:87:03:79:8e:01:0a:52:4c:f7:2f:e9:
b8:2d:71:51:f7:03:4e:72:ee:7a:79:62:fe:75:60:b1:12:3e:
41:b5:36:3a
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZczwB4E7DssWYaUGADhovd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAzMDMwNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjU4MTRjNDZlNDRkNTY3ZGMwNzM1OGE3MGUyMmFhODMzZjg2ODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN20KEP+985DFbY3ChlzeOZ0Hq7g
cGJgyZ2aYcNnPXsbe/LyurR6/BEpQZa8RRErOMUVH4FTzGtL5zmbGqZIAU7CI/0u
sFO1oTHqJOyhqlS5TFqFw1zaAhNycVmjgdseSNopOWBL+g9LJWMd+TOPuTBDVcbL
Gi2Ix1Z+6HdiI2bgqhbhB56laAitFZpYhTQUPHAsIrd2wyv0BYrzHWFtnAIGuPVq
LhjeFScDo/1+xuLhTC0Gn3kbYB6wCme62YtXBkJW6zH7qSHlgMqSqrIY2GI+9hXh
aiogus6m96t+0O+n2Jkm2ZwK0zY5RWf6fv9LxikFflQU64JmKYzTuMgSHwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFF9YFMRuRNVn3Ac1inDiKqgz+GgPMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWDFnVXhHNUUxV2ZjQnpXS2NPSXFxRFA0YUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXM7/AwjANBgkqhkiG9w0BAQsFAAOCAQEAkdN3gYT/ILqB
FU1ZVbjSe+VZ0BAoLN1L8J7SwDIdouHcTBognS4HvIVx/co6ZoleIB9xDmDLdgKT
hrGk8wtO9IoVsZkPlsvEtrKbWzBRmA1yFbYhkupQnoMWdUHiR0zGm0ne7BiONoJr
cZzLMsFwD/AivaR/dFUIP68TNW/UELn20UaX7yC2oA8SKQ2CgjrHzklpTPCxKpJr
D04vsU0t7D+Mp4yP1H0WxR7gIGcmHVrGcOUmcfsgLqlt26X2pe8VXlT7g1jFwevL
sOW8awyyh8x2rrlasY/Ss/GEmgpBS4cDeY4BClJM9y/puC1xUfcDTnLuenli/nVg
sRI+QbU2Og==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:01:21 2025 by rpki-client