Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/XpH6Lj6-Ehe9swSP7wXX5RD71IU.roa
File: XpH6Lj6-Ehe9swSP7wXX5RD71IU.roa (raw, json)
Hash identifier: jVXxak2S/JzggZA+q5/tLUs/xzHZOPPPsADoGjbXK2E=
Subject key identifier: 5E:91:FA:2E:3E:BE:12:17:BD:B3:04:8F:EF:05:D7:E5:10:FB:D4:85
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972ED055BBBF0E58032B2314CE9248BB7D
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/XpH6Lj6-Ehe9swSP7wXX5RD71IU.roa
Signing time: Mon 02 Jun 2025 04:04:54 +0000
ROA not before: Mon 02 Jun 2025 04:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:2ed0:45bd/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Jun 2025 04:12:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2e:d0:55:bb:bf:0e:58:03:2b:23:14:ce:92:48:bb:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 2 04:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e91fa2e3ebe1217bdb3048fef05d7e510fbd485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:24:0f:c1:ff:1e:11:ce:b9:ca:c3:91:79:03:
e8:c3:fe:a2:1f:95:9e:79:9a:e3:4e:0b:0c:d0:8d:
3a:d9:b7:e5:aa:26:c0:d5:95:12:84:e9:54:57:2b:
e1:08:4a:e7:c0:36:6e:ac:5e:42:84:a5:84:c9:28:
f9:b4:dd:b3:ae:27:f4:e4:7c:2f:31:ec:68:b5:0b:
45:88:71:a6:a9:1a:20:10:8a:98:ae:23:37:5d:ce:
9a:a3:4f:47:d2:f7:54:ab:9d:9f:5c:d9:db:04:96:
ae:02:af:7a:da:3f:80:41:74:b1:64:54:08:1c:6b:
d1:60:cc:42:8f:e0:ff:2a:1b:4e:18:27:f5:02:70:
dc:7c:1c:c9:db:81:e4:2b:6e:4b:d4:52:c6:bb:9a:
ab:66:2d:ba:ab:b3:75:5b:8c:a8:95:32:b4:fc:d1:
c2:5d:f4:52:04:f8:27:96:6e:e9:67:71:40:e0:d4:
2e:68:86:e0:c1:4d:b9:96:fa:84:91:30:30:2c:b6:
1f:07:d5:dd:ce:8c:f3:f3:51:58:6b:e0:25:f2:05:
a8:7c:a1:fc:ad:48:05:44:75:ea:9c:4e:21:17:a9:
d3:59:69:25:5d:4d:43:d5:25:55:f0:06:2d:41:75:
d2:44:0c:29:56:46:b4:c5:a1:e3:6a:20:f3:f2:d1:
e2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:91:FA:2E:3E:BE:12:17:BD:B3:04:8F:EF:05:D7:E5:10:FB:D4:85
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/XpH6Lj6-Ehe9swSP7wXX5RD71IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:2ed0:45bd/128
Signature Algorithm: sha256WithRSAEncryption
04:7c:aa:d5:b2:97:f2:80:63:70:87:e2:b9:0f:17:9d:91:6c:
a7:f5:46:e4:1b:55:80:30:bf:58:75:28:02:2d:ce:fd:1c:ad:
c8:87:10:b2:be:ae:bc:97:5d:5e:63:30:f9:dd:77:fb:b5:e4:
48:59:c4:61:10:8b:66:8e:d6:55:6f:a1:a3:44:94:42:be:bc:
9b:bc:0f:aa:e4:b5:ca:aa:26:36:47:cb:d0:dc:a0:0e:db:64:
f0:6d:46:74:ac:54:37:50:48:61:52:33:f3:ef:73:af:cd:8b:
dc:8d:6d:a7:9a:e7:6f:be:6d:a6:65:55:85:a5:49:dd:81:7d:
e4:e2:ac:71:9e:03:50:7f:01:3c:d2:54:63:25:38:bb:3b:c6:
9b:b3:cb:8c:03:84:ce:c7:22:87:40:ee:a7:fe:00:bb:3d:23:
53:0b:ce:3a:9c:73:73:17:31:9c:b1:1d:a3:9d:ce:a3:9b:24:
28:0a:be:2b:b8:93:64:03:43:09:37:1c:7f:8e:87:73:ed:a0:
8a:c1:8a:ab:b3:cb:77:40:44:26:c1:e2:cd:59:bd:29:21:22:
64:8d:99:36:d3:d5:d9:07:03:7e:e7:fc:20:5e:21:f9:ac:ce:
7f:e1:7d:01:db:6b:91:c8:49:42:a6:9b:b4:39:ee:8f:34:66:
97:ed:b3:f0
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZcu0FW7vw5YAysjFM6SSLt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAyMDQwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTkxZmEyZTNlYmUxMjE3YmRiMzA0OGZlZjA1ZDdlNTEwZmJkNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiQPwf8eEc65ysOReQPow/6iH5We
eZrjTgsM0I062bflqibA1ZUShOlUVyvhCErnwDZurF5ChKWEySj5tN2zrif05Hwv
MexotQtFiHGmqRogEIqYriM3Xc6ao09H0vdUq52fXNnbBJauAq962j+AQXSxZFQI
HGvRYMxCj+D/KhtOGCf1AnDcfBzJ24HkK25L1FLGu5qrZi26q7N1W4yolTK0/NHC
XfRSBPgnlm7pZ3FA4NQuaIbgwU25lvqEkTAwLLYfB9Xdzozz81FYa+Al8gWofKH8
rUgFRHXqnE4hF6nTWWklXU1D1SVV8AYtQXXSRAwpVka0xaHjaiDz8tHiywIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFF6R+i4+vhIXvbMEj+8F1+UQ+9SFMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWHBINkxqNi1FaGU5c3dTUDd3WFg1UkQ3MUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXLtBFvTANBgkqhkiG9w0BAQsFAAOCAQEABHyq1bKX8oBj
cIfiuQ8XnZFsp/VG5BtVgDC/WHUoAi3O/RytyIcQsr6uvJddXmMw+d13+7XkSFnE
YRCLZo7WVW+ho0SUQr68m7wPquS1yqomNkfL0NygDttk8G1GdKxUN1BIYVIz8+9z
r82L3I1tp5rnb75tpmVVhaVJ3YF95OKscZ4DUH8BPNJUYyU4uzvGm7PLjAOEzsci
h0Dup/4Auz0jUwvOOpxzcxcxnLEdo53Oo5skKAq+K7iTZANDCTccf46Hc+2gisGK
q7PLd0BEJsHizVm9KSEiZI2ZNtPV2QcDfuf8IF4h+azOf+F9AdtrkchJQqabtDnu
jzRml+2z8A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:41:18 2025 by rpki-client