Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Y2SQZ-1uQUPldyVQ4z40vnW87QU.roa
File: Y2SQZ-1uQUPldyVQ4z40vnW87QU.roa (raw, json)
Hash identifier: TXPIsjUTSAECtUSa2txA8K3GXM4SSshgH49fpsSE3Lc=
Subject key identifier: 63:64:90:67:ED:6E:41:43:E5:77:25:50:E3:3E:34:BE:75:BC:ED:05
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196C687CB3AC85C64C0767A15847D268AE4
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Y2SQZ-1uQUPldyVQ4z40vnW87QU.roa
Signing time: Mon 12 May 2025 22:05:10 +0000
ROA not before: Mon 12 May 2025 22:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:c686:f3be/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 12 May 2025 22:14:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c6:87:cb:3a:c8:5c:64:c0:76:7a:15:84:7d:26:8a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 12 22:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63649067ed6e4143e5772550e33e34be75bced05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fd:17:ec:ee:64:ed:db:3d:3a:68:99:2f:cd:
29:9d:3b:03:d6:da:52:67:61:7a:6d:e8:50:f8:42:
ba:58:58:37:3c:f7:ca:41:f1:d5:e2:a6:95:1f:a8:
38:50:44:44:4a:e4:0d:54:d7:95:fd:46:34:c0:83:
42:09:eb:c2:a8:c3:e8:5a:b9:aa:82:9d:0a:6c:72:
9e:5d:29:88:29:94:31:e7:46:f8:24:22:9d:f1:34:
80:75:a6:79:d3:e4:fd:7c:50:6b:f1:f6:b4:00:91:
b3:39:81:c8:9c:b9:99:41:5f:a2:76:64:c0:7c:5f:
5d:2d:95:99:37:1d:2d:51:04:0c:8b:a7:a3:78:0e:
5f:6e:8b:ff:f0:99:9a:a3:d4:9c:a9:4f:b0:d4:95:
2f:08:2f:0d:e3:0a:91:bb:e8:0a:9d:54:01:a7:81:
a8:bb:04:4f:9a:5a:aa:c2:c9:2e:0b:10:63:f7:27:
6d:eb:cf:45:30:b0:24:0f:20:f8:d9:a7:99:f4:68:
be:3d:7f:c9:d5:3e:cf:ff:40:0d:f2:20:f0:b5:62:
84:55:8d:68:a6:2d:df:59:38:47:c9:6a:33:92:21:
5e:47:fa:de:20:04:e1:6d:0f:32:bf:03:f7:fd:89:
32:41:c6:2d:1d:5d:36:34:b2:a9:4f:77:27:8d:7a:
8d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:64:90:67:ED:6E:41:43:E5:77:25:50:E3:3E:34:BE:75:BC:ED:05
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Y2SQZ-1uQUPldyVQ4z40vnW87QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:c686:f3be/128
Signature Algorithm: sha256WithRSAEncryption
48:13:c0:70:17:7a:82:f2:c4:97:e1:06:f7:ee:b8:1e:d0:b4:
c5:45:97:87:d3:4f:90:44:f8:a4:a8:98:7e:a0:9c:88:52:8c:
6e:29:3c:6a:84:82:53:f9:b2:6d:79:fc:b2:23:e8:25:31:65:
96:65:99:a2:56:e0:03:b9:61:1c:16:c0:30:51:e7:23:38:ae:
23:a8:e7:3a:36:8c:d3:fd:41:64:75:ac:cc:fa:51:ae:43:e9:
0a:2d:19:3d:e7:9b:bb:5a:6b:93:89:df:bd:0c:20:0d:f6:bf:
bc:ea:71:98:8e:f4:b1:67:4d:3a:2d:db:88:58:e0:76:04:e7:
b5:f6:f4:de:c2:b7:e2:7a:00:29:24:de:09:3e:90:af:e4:f6:
20:fa:9b:94:fe:82:f0:0b:da:86:61:4e:a5:c0:f5:5f:36:0a:
b1:09:8b:2c:13:6c:d0:f0:e2:ba:6e:b5:26:27:fc:cb:2e:67:
41:2f:5a:e6:9e:c1:1b:3a:e4:c4:52:cd:6a:ec:72:77:a4:93:
22:87:33:50:cf:fb:35:74:51:30:28:24:44:95:d9:8b:d0:55:
73:af:17:1c:87:43:e6:5d:20:1a:4c:7b:5e:6f:b8:d8:63:8d:
af:ed:50:92:ff:cc:1c:8c:39:8f:6f:58:8f:8f:78:26:a5:c2:
84:2f:a3:45
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbGh8s6yFxkwHZ6FYR9JorkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTEyMjIwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzY0OTA2N2VkNmU0MTQzZTU3NzI1NTBlMzNlMzRiZTc1YmNlZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApP0X7O5k7ds9OmiZL80pnTsD1tpS
Z2F6behQ+EK6WFg3PPfKQfHV4qaVH6g4UERESuQNVNeV/UY0wINCCevCqMPoWrmq
gp0KbHKeXSmIKZQx50b4JCKd8TSAdaZ50+T9fFBr8fa0AJGzOYHInLmZQV+idmTA
fF9dLZWZNx0tUQQMi6ejeA5fbov/8Jmao9ScqU+w1JUvCC8N4wqRu+gKnVQBp4Go
uwRPmlqqwskuCxBj9ydt689FMLAkDyD42aeZ9Gi+PX/J1T7P/0AN8iDwtWKEVY1o
pi3fWThHyWozkiFeR/reIAThbQ8yvwP3/YkyQcYtHV02NLKpT3cnjXqN3wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGNkkGftbkFD5XclUOM+NL51vO0FMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWTJTUVotMXVRVVBsZHlWUTR6NDB2blc4N1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWxobzvjANBgkqhkiG9w0BAQsFAAOCAQEASBPAcBd6gvLEl+EG9+64HtC0
xUWXh9NPkET4pKiYfqCciFKMbik8aoSCU/mybXn8siPoJTFllmWZolbgA7lhHBbA
MFHnIziuI6jnOjaM0/1BZHWszPpRrkPpCi0ZPeebu1prk4nfvQwgDfa/vOpxmI70
sWdNOi3biFjgdgTntfb03sK34noAKSTeCT6Qr+T2IPqblP6C8AvahmFOpcD1XzYK
sQmLLBNs0PDium61Jif8yy5nQS9a5p7BGzrkxFLNauxyd6STIoczUM/7NXRRMCgk
RJXZi9BVc68XHIdD5l0gGkx7Xm+42GONr+1Qkv/MHIw5j29Yj494JqXChC+jRQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:26:30 2025 by rpki-client