Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/XK_SZqJmD6o-XF9tVHd4pzYjWFc.roa
File: XK_SZqJmD6o-XF9tVHd4pzYjWFc.roa (raw, json)
Hash identifier: nB6g8zG3aS1uS881wiZCqnaV/s64lYcH7kSkWXY+RYM=
Subject key identifier: 5C:AF:D2:66:A2:66:0F:AA:3E:5C:5F:6D:54:77:78:A7:36:23:58:57
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F55511405C187852559366B9977905FF
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/XK_SZqJmD6o-XF9tVHd4pzYjWFc.roa
Signing time: Thu 22 May 2025 00:11:54 +0000
ROA not before: Thu 22 May 2025 00:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 22 May 2025 01:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f5:55:11:40:5c:18:78:52:55:93:66:b9:97:79:05:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 22 00:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cafd266a2660faa3e5c5f6d547778a736235857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7e:69:5e:b4:c2:5b:b5:2d:3b:e8:45:8c:be:
f5:c2:2a:6d:bf:7e:e9:3e:29:47:42:5a:d3:41:ee:
87:8a:f3:d0:01:8c:97:a2:44:1c:16:f2:eb:9f:62:
c2:f7:8d:0c:ce:de:26:6d:97:4a:2a:d1:1a:38:8e:
ea:ee:c2:bf:69:8c:22:25:a7:ca:23:da:d3:d8:40:
9d:ac:4f:6f:b4:19:11:e5:d0:87:0a:27:86:73:6c:
0c:0a:9f:9f:b5:06:0b:7f:3a:2d:b8:df:a2:4c:f9:
ed:fe:85:7b:2e:af:c5:98:42:9d:d2:97:94:ed:c4:
06:59:3e:e3:f9:48:a8:bf:8d:1a:8d:18:5f:f0:c7:
98:bf:7c:e7:fa:af:5e:2e:9e:5e:4e:b4:b0:9f:5f:
fe:79:e3:b1:68:36:e6:e9:07:1d:67:a9:98:67:c1:
74:5a:72:42:ab:96:29:d0:f3:45:5b:30:fb:de:79:
bb:12:cf:64:16:a7:32:79:0f:33:4e:62:97:8c:b6:
a4:4a:0b:6b:73:64:dd:37:41:58:16:15:f2:66:13:
21:bf:68:c9:49:8e:9d:e3:bf:44:5d:e3:24:76:0c:
72:3a:13:c2:d1:49:aa:1f:9e:0e:26:56:6a:e8:f3:
b1:96:36:58:94:14:aa:b2:3e:cf:57:fa:aa:1e:f7:
74:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AF:D2:66:A2:66:0F:AA:3E:5C:5F:6D:54:77:78:A7:36:23:58:57
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/XK_SZqJmD6o-XF9tVHd4pzYjWFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
9b:ce:76:66:32:85:94:5d:7e:33:05:d6:73:8a:50:0e:87:80:
6e:1a:11:22:77:b9:31:1b:55:27:22:86:a3:13:30:2b:49:74:
9b:6c:77:cc:2a:5a:72:c2:4c:54:f2:1d:d0:9f:0e:e8:80:97:
96:f9:dd:79:ad:96:a7:ca:d9:67:fd:3f:ab:5a:47:f9:eb:94:
27:e5:df:d3:c5:1e:69:f8:56:51:24:4d:72:98:e1:4a:76:0b:
ac:34:2f:a5:40:5d:2a:c6:fe:99:d8:20:e4:a5:93:16:5e:55:
f2:cc:c2:59:ae:5c:62:22:0c:04:dc:ea:92:ac:1e:24:04:96:
64:1c:77:8b:40:5a:91:b1:6f:06:59:65:e3:83:25:e0:7d:93:
bb:1c:07:64:10:95:e6:0d:94:77:f3:5a:91:f2:5a:d8:76:c4:
77:a6:9c:07:80:cf:b1:2b:3e:7a:3c:98:20:f3:e9:8c:3c:e1:
3d:59:5e:9b:e7:52:c3:d9:c6:4d:48:8c:10:85:f3:d6:66:ad:
42:06:4a:7f:11:c2:bc:d5:40:a6:0a:5f:fa:91:e3:ba:10:ec:
30:db:b0:78:7d:fa:8b:1f:bb:02:d6:76:14:a6:7f:bf:04:6e:
4d:6e:a9:17:c1:02:43:82:8b:8c:9b:10:02:5e:89:da:49:bd:
69:7c:af:90
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb1VRFAXBh4UlWTZrmXeQX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIyMDAxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2FmZDI2NmEyNjYwZmFhM2U1YzVmNmQ1NDc3NzhhNzM2MjM1ODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX5pXrTCW7UtO+hFjL71wiptv37p
PilHQlrTQe6HivPQAYyXokQcFvLrn2LC940Mzt4mbZdKKtEaOI7q7sK/aYwiJafK
I9rT2ECdrE9vtBkR5dCHCieGc2wMCp+ftQYLfzotuN+iTPnt/oV7Lq/FmEKd0peU
7cQGWT7j+Uiov40ajRhf8MeYv3zn+q9eLp5eTrSwn1/+eeOxaDbm6QcdZ6mYZ8F0
WnJCq5Yp0PNFWzD73nm7Es9kFqcyeQ8zTmKXjLakSgtrc2TdN0FYFhXyZhMhv2jJ
SY6d479EXeMkdgxyOhPC0UmqH54OJlZq6POxljZYlBSqsj7PV/qqHvd0eQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFyv0maiZg+qPlxfbVR3eKc2I1hXMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWEtfU1pxSm1ENm8tWEY5dFZIZDRwellqV0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAm852ZjKFlF1+MwXWc4pQDoeA
bhoRIne5MRtVJyKGoxMwK0l0m2x3zCpacsJMVPId0J8O6ICXlvndea2Wp8rZZ/0/
q1pH+euUJ+Xf08UeafhWUSRNcpjhSnYLrDQvpUBdKsb+mdgg5KWTFl5V8szCWa5c
YiIMBNzqkqweJASWZBx3i0BakbFvBlll44Ml4H2TuxwHZBCV5g2Ud/NakfJa2HbE
d6acB4DPsSs+ejyYIPPpjDzhPVlem+dSw9nGTUiMEIXz1matQgZKfxHCvNVApgpf
+pHjuhDsMNuweH36ix+7AtZ2FKZ/vwRuTW6pF8ECQ4KLjJsQAl6J2km9aXyvkA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:18:17 2025 by rpki-client