Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/_mTvrSkB2IQcxS-KNJgtlTxYsLA.roa
File: _mTvrSkB2IQcxS-KNJgtlTxYsLA.roa (raw, json)
Hash identifier: K1GD8BBVPHT9DLSyBQaUix6NQ4cYy9f6xMehhW2wFMQ=
Subject key identifier: FE:64:EF:AD:29:01:D8:84:1C:C5:2F:8A:34:98:2D:95:3C:58:B0:B0
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01971DAC367B845246FBD5FEBC54C030BB42
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/_mTvrSkB2IQcxS-KNJgtlTxYsLA.roa
Signing time: Thu 29 May 2025 20:11:54 +0000
ROA not before: Thu 29 May 2025 20:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 29 May 2025 21:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1d:ac:36:7b:84:52:46:fb:d5:fe:bc:54:c0:30:bb:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 29 20:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe64efad2901d8841cc52f8a34982d953c58b0b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:41:f8:c3:fe:79:f6:96:88:05:ea:95:e5:e2:
56:53:38:2d:0a:23:b6:64:67:9b:6b:b2:78:3c:06:
2b:96:8c:0d:2b:c7:96:be:c9:c8:fe:ec:dc:06:6f:
78:39:ed:f9:1a:07:57:81:29:f4:c7:af:30:48:83:
1e:2b:29:1f:8b:79:4e:20:3d:bd:b7:1f:3d:35:0b:
a2:79:f7:9c:ac:67:7d:e3:e9:c9:8c:62:86:f4:1b:
e4:6e:b6:9c:47:a7:fe:4a:23:2a:d3:fc:10:93:96:
9c:fe:f7:08:14:b7:be:18:85:ff:9e:08:db:ed:bd:
c5:b2:bc:90:a0:ab:27:bb:f7:92:c1:b2:4f:0a:84:
c9:0f:cd:ab:79:14:76:b7:cb:58:88:3a:75:9e:a5:
58:4a:8e:bf:a1:07:ff:03:ed:d4:e8:60:d3:01:25:
96:57:f8:df:76:d5:65:b0:d1:a8:93:30:4d:39:1b:
6f:b5:55:5c:2f:09:ef:93:01:be:e1:5f:5c:04:d2:
9f:e4:27:d6:4a:e0:74:de:8c:6a:d2:e6:30:ce:ba:
60:e6:89:c9:4e:74:8a:5f:81:fd:ae:9c:02:24:e7:
a1:74:28:e9:97:04:5d:01:07:c4:8d:88:d0:be:cb:
f1:45:07:6d:a8:5c:32:9c:47:c0:29:03:f7:d1:1c:
63:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:64:EF:AD:29:01:D8:84:1C:C5:2F:8A:34:98:2D:95:3C:58:B0:B0
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/_mTvrSkB2IQcxS-KNJgtlTxYsLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
c4:82:65:63:21:7c:56:30:e9:d5:3a:5f:c1:6d:1d:27:3d:e5:
a0:00:41:95:f9:0e:01:b8:8d:97:ee:a5:a1:c1:53:b5:51:52:
41:c9:83:48:c4:bc:49:de:f5:0a:12:2d:ab:15:64:9d:75:2a:
f3:84:ac:bc:52:06:d0:38:ba:bf:4e:66:97:41:5e:40:72:ef:
19:17:b6:96:47:5e:59:e8:87:b9:8b:9d:fc:75:a2:1b:37:5c:
63:bd:00:4d:3c:06:34:d2:6b:3b:22:75:58:fe:2e:65:7e:af:
1d:81:59:df:7b:ed:14:74:f4:88:98:e3:a7:4b:bb:76:5e:60:
65:9f:cb:ff:36:a3:54:cf:7b:fa:d7:59:9f:14:72:30:bc:24:
35:88:d0:39:c6:4c:ca:5f:43:c5:0e:fe:a0:06:04:f1:3c:63:
4e:65:06:cb:d7:25:90:8d:c9:08:ea:6e:78:ae:55:28:65:e3:
68:cd:06:d2:81:40:17:50:39:3f:09:5c:ae:ea:7e:4d:6b:bb:
85:3f:97:6d:96:f7:b8:bf:dd:42:a8:bc:32:af:29:7a:af:40:
1b:0d:8e:d6:08:ef:c6:5f:7a:b0:7b:6f:bc:4f:e8:9d:08:37:
15:ea:29:e1:18:33:a0:aa:2b:be:03:b5:49:97:3e:cb:7a:0d:
e9:13:65:e7
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcdrDZ7hFJG+9X+vFTAMLtCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI5MjAxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTY0ZWZhZDI5MDFkODg0MWNjNTJmOGEzNDk4MmQ5NTNjNThiMGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEH4w/559paIBeqV5eJWUzgtCiO2
ZGeba7J4PAYrlowNK8eWvsnI/uzcBm94Oe35GgdXgSn0x68wSIMeKykfi3lOID29
tx89NQuiefecrGd94+nJjGKG9BvkbracR6f+SiMq0/wQk5ac/vcIFLe+GIX/ngjb
7b3FsryQoKsnu/eSwbJPCoTJD82reRR2t8tYiDp1nqVYSo6/oQf/A+3U6GDTASWW
V/jfdtVlsNGokzBNORtvtVVcLwnvkwG+4V9cBNKf5CfWSuB03oxq0uYwzrpg5onJ
TnSKX4H9rpwCJOehdCjplwRdAQfEjYjQvsvxRQdtqFwynEfAKQP30RxjLwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFP5k760pAdiEHMUvijSYLZU8WLCwMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvX21UdnJTa0IySVFjeFMtS05KZ3RsVHhZc0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQDEgmVjIXxWMOnVOl/BbR0nPeWgAEGV+Q4BuI2X
7qWhwVO1UVJByYNIxLxJ3vUKEi2rFWSddSrzhKy8UgbQOLq/TmaXQV5Acu8ZF7aW
R15Z6Ie5i538daIbN1xjvQBNPAY00ms7InVY/i5lfq8dgVnfe+0UdPSImOOnS7t2
XmBln8v/NqNUz3v611mfFHIwvCQ1iNA5xkzKX0PFDv6gBgTxPGNOZQbL1yWQjckI
6m54rlUoZeNozQbSgUAXUDk/CVyu6n5Na7uFP5dtlve4v91CqLwyryl6r0AbDY7W
CO/GX3qwe2+8T+idCDcV6inhGDOgqiu+A7VJlz7Leg3pE2Xn
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:37:33 2025 by rpki-client