Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Yw6zTD_HNzl66lrCAelNWhmOCRU.roa
File: Yw6zTD_HNzl66lrCAelNWhmOCRU.roa (raw, json)
Hash identifier: ZkZpV2uvSiQKA+GyBoa6oGjYXM3teLemJWIM6+pqX/Y=
Subject key identifier: 63:0E:B3:4C:3F:C7:37:39:7A:EA:5A:C2:01:E9:4D:5A:19:8E:09:15
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972A1E3F80E8EFDEC26984F91265C3E38F
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Yw6zTD_HNzl66lrCAelNWhmOCRU.roa
Signing time: Sun 01 Jun 2025 06:11:54 +0000
ROA not before: Sun 01 Jun 2025 06:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Jun 2025 07:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2a:1e:3f:80:e8:ef:de:c2:69:84:f9:12:65:c3:e3:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 1 06:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=630eb34c3fc737397aea5ac201e94d5a198e0915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cd:c7:35:3c:12:42:36:96:4a:8b:68:7f:d9:
0b:77:27:09:e8:ca:84:2c:88:31:18:17:23:d7:61:
bc:43:07:f3:76:23:5f:17:f1:42:36:5d:40:4d:e0:
c0:21:f2:98:ba:d7:d6:5b:95:1d:14:ed:b2:40:d3:
8f:4c:ac:f1:9f:e7:d6:c6:8b:12:9f:13:de:e1:c1:
02:21:c5:50:49:4f:1e:57:e8:6f:94:88:12:5e:e9:
6a:98:8f:ce:f4:07:6c:95:da:83:7d:be:2d:36:d4:
69:4e:88:3b:74:7b:8b:8c:76:77:97:06:db:87:48:
f9:f3:ae:f7:17:66:ec:6c:43:fc:03:e6:85:d5:f3:
00:c5:92:bd:fd:c4:d0:9b:a1:3e:aa:4a:3b:34:fe:
68:94:ca:b8:3b:76:ca:d4:cf:69:0d:c3:e1:19:a6:
8f:04:19:c5:2f:36:cf:2e:ff:69:99:dc:34:73:c5:
2c:b0:23:f7:9d:05:b2:0d:b1:e0:0a:98:a6:f5:3d:
d3:59:00:25:0e:49:cc:aa:0b:77:4d:d5:97:b0:97:
44:fc:aa:43:0f:c9:c3:a9:ac:66:cd:f8:62:6f:b6:
ae:2e:57:45:ff:e2:b2:cf:03:c1:b3:1a:98:6e:84:
06:93:11:b0:9d:4d:c1:97:eb:55:68:d5:79:33:91:
8a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:0E:B3:4C:3F:C7:37:39:7A:EA:5A:C2:01:E9:4D:5A:19:8E:09:15
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Yw6zTD_HNzl66lrCAelNWhmOCRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
6e:89:55:a5:26:42:41:51:d4:b4:0e:e7:70:5e:ba:3e:95:2c:
38:04:7c:e9:d0:aa:30:fb:bf:0b:c8:7c:b1:e2:a4:1b:eb:de:
eb:11:91:2f:9c:2b:05:08:4b:f3:63:02:74:c6:5c:7c:29:94:
ba:70:30:84:ec:1e:b8:63:16:4f:72:52:f9:fa:a6:d2:46:aa:
58:18:e0:26:ed:c2:52:69:b6:c1:c0:0a:1d:1d:1c:c6:d5:23:
4d:c2:f4:df:c6:17:05:01:85:2b:fb:98:f2:ba:45:47:d9:d2:
21:b8:76:d5:cd:dc:86:00:e5:cd:cd:89:5c:c9:62:3f:56:da:
bb:06:97:27:e0:50:64:3a:49:8f:b0:b6:f9:f2:39:86:5f:93:
86:c7:a5:c2:7b:d6:75:ba:62:e4:7d:aa:4a:bc:95:c1:82:f0:
4b:20:ab:9d:65:72:e7:fc:2f:0b:26:d8:37:64:76:11:e8:7a:
bd:68:00:3e:ca:0f:a6:f5:46:df:c7:3e:12:aa:83:52:01:8a:
01:cb:10:cd:56:8a:5c:7f:c6:de:71:db:28:ba:56:84:a5:bf:
29:12:f2:d4:0f:b9:28:22:58:06:23:5b:d4:41:c3:ed:54:da:
a4:9f:27:e0:56:83:b4:35:7e:88:dc:19:b3:74:ad:4b:6f:6d:
dc:54:fe:1e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcqHj+A6O/ewmmE+RJlw+OPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAxMDYxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzBlYjM0YzNmYzczNzM5N2FlYTVhYzIwMWU5NGQ1YTE5OGUwOTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM3HNTwSQjaWSotof9kLdycJ6MqE
LIgxGBcj12G8QwfzdiNfF/FCNl1ATeDAIfKYutfWW5UdFO2yQNOPTKzxn+fWxosS
nxPe4cECIcVQSU8eV+hvlIgSXulqmI/O9AdsldqDfb4tNtRpTog7dHuLjHZ3lwbb
h0j58673F2bsbEP8A+aF1fMAxZK9/cTQm6E+qko7NP5olMq4O3bK1M9pDcPhGaaP
BBnFLzbPLv9pmdw0c8UssCP3nQWyDbHgCpim9T3TWQAlDknMqgt3TdWXsJdE/KpD
D8nDqaxmzfhib7auLldF/+KyzwPBsxqYboQGkxGwnU3Bl+tVaNV5M5GKjQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGMOs0w/xzc5eupawgHpTVoZjgkVMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWXc2elREX0hOemw2NmxyQ0FlbE5XaG1PQ1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBuiVWlJkJBUdS0DudwXro+lSw4BHzp0Kow+78L
yHyx4qQb697rEZEvnCsFCEvzYwJ0xlx8KZS6cDCE7B64YxZPclL5+qbSRqpYGOAm
7cJSabbBwAodHRzG1SNNwvTfxhcFAYUr+5jyukVH2dIhuHbVzdyGAOXNzYlcyWI/
Vtq7Bpcn4FBkOkmPsLb58jmGX5OGx6XCe9Z1umLkfapKvJXBgvBLIKudZXLn/C8L
Jtg3ZHYR6Hq9aAA+yg+m9Ubfxz4SqoNSAYoByxDNVopcf8becdsoulaEpb8pEvLU
D7koIlgGI1vUQcPtVNqknyfgVoO0NX6I3BmzdK1Lb23cVP4e
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:24:09 2025 by rpki-client