Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/YJmkOdVEE6WD5hCQATWTFm2SSWo.roa
File: YJmkOdVEE6WD5hCQATWTFm2SSWo.roa (raw, json)
Hash identifier: Ke7UOFiuJRk9MU21MztzeFjN60wAxBlXAGJsDzA3grI=
Subject key identifier: 60:99:A4:39:D5:44:13:A5:83:E6:10:90:01:35:93:16:6D:92:49:6A
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01971AE21A91BC0F7D5C88C47F26645999B9
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/YJmkOdVEE6WD5hCQATWTFm2SSWo.roa
Signing time: Thu 29 May 2025 07:11:54 +0000
ROA not before: Thu 29 May 2025 07:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 29 May 2025 08:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1a:e2:1a:91:bc:0f:7d:5c:88:c4:7f:26:64:59:99:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 29 07:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6099a439d54413a583e61090013593166d92496a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a7:ad:32:5f:40:a9:5f:56:77:c7:56:8f:6f:
75:22:97:bf:cb:1b:fc:ab:7f:6f:cf:99:87:7d:3b:
20:c9:7c:df:4c:44:34:30:52:f8:ce:61:4d:95:32:
51:44:e5:60:33:05:61:ab:ff:46:a6:c4:83:e1:4f:
b7:65:91:df:ed:b8:f3:14:ef:b5:e4:28:f9:4f:a3:
e6:a1:3f:33:de:6b:c2:a9:98:4c:6a:c1:0a:04:b1:
04:22:cc:3c:2a:8f:67:a7:a5:07:9a:14:3d:84:75:
b6:32:ee:e3:30:47:de:41:b0:f5:de:db:21:05:aa:
f0:31:6a:ae:83:09:31:74:13:c6:3a:5d:05:e0:4b:
ee:53:91:ba:19:ca:67:47:85:b8:eb:d7:92:e7:9b:
ea:71:cc:15:43:10:db:43:c8:f6:2f:0b:80:09:5a:
40:3d:48:86:77:cd:bd:e8:41:67:ac:d5:06:e5:d5:
1d:3b:89:19:d6:ac:f8:40:61:e3:b3:ef:eb:da:0a:
14:a4:b8:52:86:d9:09:7c:c5:08:ec:4f:30:62:2e:
98:20:ba:d7:56:75:d4:7b:42:77:61:39:c5:50:66:
2b:9b:b1:95:85:c6:f9:33:2e:64:7f:02:2b:e9:7a:
13:77:68:76:86:0d:95:4a:f1:3d:fb:fb:60:4c:a5:
11:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:99:A4:39:D5:44:13:A5:83:E6:10:90:01:35:93:16:6D:92:49:6A
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/YJmkOdVEE6WD5hCQATWTFm2SSWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
68:c3:88:e4:ad:60:16:5a:57:66:ab:43:9d:fe:c3:6b:7b:fa:
45:4d:62:d8:b5:af:14:b6:20:87:1f:43:cc:33:ba:2a:23:c5:
c2:1d:5f:c0:b8:9b:47:40:a8:3e:92:da:a9:cc:78:91:ad:e0:
35:8c:ad:55:ee:03:86:e8:38:91:f0:42:10:ae:75:d0:e7:bf:
f9:bc:c2:bf:e8:d1:38:9a:4e:af:43:54:22:6a:52:01:5e:e0:
bd:63:96:86:03:46:d3:26:52:74:0a:7f:0b:80:f1:02:f3:cf:
b2:ea:e3:3d:67:9b:fc:07:3d:f1:4b:cf:f0:7d:96:39:64:99:
84:c2:7b:30:17:6f:cc:f9:22:ec:4b:f0:15:16:f4:d5:8f:c8:
a2:c1:a5:75:7c:5b:0d:cb:29:85:13:af:c5:64:c7:ba:68:d4:
58:1f:5b:68:3c:76:c6:73:cc:8a:ed:8d:8b:4a:42:36:90:12:
ad:3a:a7:24:2b:26:5a:99:2a:c0:06:ed:85:bc:41:cb:60:53:
a9:7f:ba:86:d1:a4:68:28:b2:9d:18:c9:7f:d8:e2:c5:3b:d5:
21:ca:85:70:ce:73:37:f6:fa:29:ce:d0:ea:b9:03:9f:9b:22:
2e:d8:97:d6:aa:c7:35:e0:d5:e4:9f:c5:3b:2e:4c:8f:d5:4f:
5d:5d:ce:4f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZca4hqRvA99XIjEfyZkWZm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI5MDcxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDk5YTQzOWQ1NDQxM2E1ODNlNjEwOTAwMTM1OTMxNjZkOTI0OTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaetMl9AqV9Wd8dWj291Ipe/yxv8
q39vz5mHfTsgyXzfTEQ0MFL4zmFNlTJRROVgMwVhq/9GpsSD4U+3ZZHf7bjzFO+1
5Cj5T6PmoT8z3mvCqZhMasEKBLEEIsw8Ko9np6UHmhQ9hHW2Mu7jMEfeQbD13tsh
BarwMWqugwkxdBPGOl0F4EvuU5G6GcpnR4W469eS55vqccwVQxDbQ8j2LwuACVpA
PUiGd8296EFnrNUG5dUdO4kZ1qz4QGHjs+/r2goUpLhShtkJfMUI7E8wYi6YILrX
VnXUe0J3YTnFUGYrm7GVhcb5My5kfwIr6XoTd2h2hg2VSvE9+/tgTKUR0wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGCZpDnVRBOlg+YQkAE1kxZtkklqMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWUpta09kVkVFNldENWhDUUFUV1RGbTJTU1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBow4jkrWAWWldmq0Od/sNre/pFTWLYta8UtiCH
H0PMM7oqI8XCHV/AuJtHQKg+ktqpzHiRreA1jK1V7gOG6DiR8EIQrnXQ57/5vMK/
6NE4mk6vQ1QialIBXuC9Y5aGA0bTJlJ0Cn8LgPEC88+y6uM9Z5v8Bz3xS8/wfZY5
ZJmEwnswF2/M+SLsS/AVFvTVj8iiwaV1fFsNyymFE6/FZMe6aNRYH1toPHbGc8yK
7Y2LSkI2kBKtOqckKyZamSrABu2FvEHLYFOpf7qG0aRoKLKdGMl/2OLFO9UhyoVw
znM39vopztDquQOfmyIu2JfWqsc14NXkn8U7LkyP1U9dXc5P
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:20:39 2025 by rpki-client