Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/_3KYKRZ9L-weQRXAqKG9qXbLiFE.roa
File: _3KYKRZ9L-weQRXAqKG9qXbLiFE.roa (raw, json)
Hash identifier: aQeQr4tMpH3WGXxgAbVdDaZ+OLOo/twbRng2zE1OSw0=
Subject key identifier: FF:72:98:29:16:7D:2F:EC:1E:41:15:C0:A8:A1:BD:A9:76:CB:88:51
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019749E07B7ADC264222627680DA0855437C
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/_3KYKRZ9L-weQRXAqKG9qXbLiFE.roa
Signing time: Sat 07 Jun 2025 10:12:17 +0000
ROA not before: Sat 07 Jun 2025 10:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 07 Jun 2025 11:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:e0:7b:7a:dc:26:42:22:62:76:80:da:08:55:43:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 7 10:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff729829167d2fec1e4115c0a8a1bda976cb8851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:75:c1:ee:9f:c2:12:17:18:ff:5d:eb:cf:1b:
a6:7c:05:61:ea:44:10:3b:61:40:24:f7:2e:fe:98:
34:eb:b7:4e:a9:0d:e0:8c:5e:4a:18:77:8f:ca:47:
97:61:e9:ec:fc:89:7b:f3:0b:7b:2b:b5:3a:c5:1f:
45:23:de:b3:94:2b:ee:ec:29:71:3f:72:1e:46:4e:
57:26:48:e0:97:19:b3:2a:63:c5:90:44:eb:ba:04:
48:ba:ff:2d:45:bb:49:74:36:b8:e1:36:1c:8e:93:
6a:69:fc:e5:69:b5:d9:51:2d:52:46:81:61:c0:ef:
db:37:ec:9a:ee:85:d6:b5:52:4e:b1:f0:cc:0b:2b:
a0:f8:9c:fd:05:b6:bb:d8:84:cd:3a:9b:10:bb:05:
28:78:f9:02:3f:27:1d:3a:21:32:14:3b:25:4a:8a:
d3:fd:0d:d8:ba:e6:3d:0b:82:dd:6d:a7:ab:8a:72:
5f:82:48:e8:b5:10:0d:a1:74:e8:4f:7a:83:62:fc:
61:64:7f:00:70:db:76:fa:6b:8e:12:df:8b:75:7f:
15:0d:96:67:65:06:62:1d:82:97:21:ff:fa:6d:c7:
5e:3e:51:77:05:0c:f3:8c:f7:41:15:c9:d8:ad:44:
70:8f:37:57:0d:3f:e5:16:08:e1:06:c2:17:b1:2a:
e3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:72:98:29:16:7D:2F:EC:1E:41:15:C0:A8:A1:BD:A9:76:CB:88:51
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/_3KYKRZ9L-weQRXAqKG9qXbLiFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
13:6b:f7:9b:9a:1b:b6:29:1a:3a:05:c9:c9:f1:14:19:cf:7d:
70:e9:78:af:07:d7:a4:48:76:1e:82:f4:e7:5c:6f:96:0d:23:
3e:78:97:fb:8b:4c:ed:75:bb:08:27:c3:d7:f3:06:3a:4f:12:
12:fc:12:c8:00:72:cc:98:eb:bf:f6:bd:1a:99:13:3d:63:fe:
63:8c:1a:31:54:26:8a:df:8c:c4:18:84:de:c8:ef:28:83:27:
57:35:b5:1f:29:12:c2:9b:b1:9a:13:4c:13:f0:d1:9e:b2:b5:
59:3d:c8:53:52:5a:c9:6c:b4:b2:fd:cb:83:68:94:03:7b:0c:
6a:d8:43:23:86:a3:0d:9e:f2:4e:6c:48:cd:12:a7:ef:35:54:
5c:38:42:8c:60:9f:81:b4:8e:e8:48:6f:2f:62:28:6e:91:95:
db:f8:12:9c:af:61:f9:21:8b:da:a4:5a:89:72:a8:26:b7:17:
84:63:1c:4a:18:c0:49:8e:79:80:07:39:da:5d:6a:92:6d:c4:
32:63:83:75:c0:c8:3c:13:4f:6f:95:98:8f:c9:85:87:09:22:
19:5b:65:6b:e0:13:e9:cd:b5:e3:88:d0:84:27:93:cf:1e:5c:
e7:c3:2d:27:00:6f:e7:6a:99:f2:29:fe:1f:c5:18:1a:e8:98:
29:5b:58:b0
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdJ4Ht63CZCImJ2gNoIVUN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA3MTAxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjcyOTgyOTE2N2QyZmVjMWU0MTE1YzBhOGExYmRhOTc2Y2I4ODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3XB7p/CEhcY/13rzxumfAVh6kQQ
O2FAJPcu/pg067dOqQ3gjF5KGHePykeXYens/Il78wt7K7U6xR9FI96zlCvu7Clx
P3IeRk5XJkjglxmzKmPFkETrugRIuv8tRbtJdDa44TYcjpNqafzlabXZUS1SRoFh
wO/bN+ya7oXWtVJOsfDMCyug+Jz9Bba72ITNOpsQuwUoePkCPycdOiEyFDslSorT
/Q3YuuY9C4LdbaerinJfgkjotRANoXToT3qDYvxhZH8AcNt2+muOEt+LdX8VDZZn
ZQZiHYKXIf/6bcdePlF3BQzzjPdBFcnYrURwjzdXDT/lFgjhBsIXsSrjdQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFP9ymCkWfS/sHkEVwKihval2y4hRMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvXzNLWUtSWjlMLXdlUVJYQXFLRzlxWGJMaUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAE2v3m5obtika
OgXJyfEUGc99cOl4rwfXpEh2HoL051xvlg0jPniX+4tM7XW7CCfD1/MGOk8SEvwS
yAByzJjrv/a9GpkTPWP+Y4waMVQmit+MxBiE3sjvKIMnVzW1HykSwpuxmhNME/DR
nrK1WT3IU1JayWy0sv3Lg2iUA3sMathDI4ajDZ7yTmxIzRKn7zVUXDhCjGCfgbSO
6EhvL2IobpGV2/gSnK9h+SGL2qRaiXKoJrcXhGMcShjASY55gAc52l1qkm3EMmOD
dcDIPBNPb5WYj8mFhwkiGVtla+AT6c2144jQhCeTzx5c58MtJwBv52qZ8in+H8UY
GuiYKVtYsA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:28:45 2025 by rpki-client