Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/a31OWaxJIB3EGT7lvvBXorwA1Ys.roa
File: a31OWaxJIB3EGT7lvvBXorwA1Ys.roa (raw, json)
Hash identifier: 4ru4j4v0SuetopIRe7VtldxGp/V7x1YgV66HcluJLic=
Subject key identifier: 6B:7D:4E:59:AC:49:20:1D:C4:19:3E:E5:BE:F0:57:A2:BC:00:D5:8B
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F6D680449DC7D7C318F605CFD45EDF89
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/a31OWaxJIB3EGT7lvvBXorwA1Ys.roa
Signing time: Thu 22 May 2025 07:12:54 +0000
ROA not before: Thu 22 May 2025 07:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 22 May 2025 08:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f6:d6:80:44:9d:c7:d7:c3:18:f6:05:cf:d4:5e:df:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 22 07:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b7d4e59ac49201dc4193ee5bef057a2bc00d58b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:19:1a:28:ae:d5:33:a5:fa:e2:0c:52:41:1b:
23:25:61:0e:d2:46:5c:ea:9d:f5:b0:bd:97:71:a8:
9a:52:03:63:1f:b6:aa:7f:60:d9:bc:33:f2:d6:76:
ae:95:1a:41:70:d5:cd:56:de:8b:1b:78:d9:42:60:
67:c0:9c:0a:80:35:07:17:38:ec:2b:ce:67:31:73:
27:3d:cd:1d:1f:2f:4e:83:d8:69:1b:53:18:07:b9:
9d:fa:16:ff:b4:6c:90:7e:62:dd:33:4b:f4:35:0a:
92:83:17:58:1b:cf:0a:7f:af:b5:20:01:1e:29:bb:
7e:0d:0a:4e:52:60:07:7c:72:f5:14:f9:e2:ef:2e:
8e:d3:21:86:97:46:df:7d:74:4a:21:a8:17:22:2b:
34:d0:aa:88:41:51:c7:96:3a:23:fa:48:31:2e:3b:
67:e3:e7:3e:15:e9:06:32:be:58:ab:c0:19:09:36:
2f:44:76:95:04:19:4a:f8:99:94:bb:66:88:d1:60:
64:7d:2a:69:82:1f:c1:56:bb:48:11:c7:c9:12:77:
61:ab:82:cc:94:e5:55:e5:a4:db:2f:0c:a2:87:46:
b7:be:84:3f:19:bf:c8:28:18:fe:42:80:95:4b:49:
cb:0d:18:10:9c:38:f6:09:c6:ce:a3:60:f1:9f:7d:
61:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:7D:4E:59:AC:49:20:1D:C4:19:3E:E5:BE:F0:57:A2:BC:00:D5:8B
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/a31OWaxJIB3EGT7lvvBXorwA1Ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
ab:01:e0:34:17:a2:82:82:fe:81:7c:c9:9c:89:ea:e4:13:26:
15:d5:bc:42:6b:62:3b:8c:b6:a9:b7:44:b1:bf:52:e7:37:97:
e7:de:16:a7:ab:80:c6:c3:a5:7f:0c:67:11:ca:8f:58:7b:82:
76:f1:86:12:09:9c:65:f2:51:fa:34:1c:c2:ed:9d:05:11:99:
75:12:be:b0:84:31:02:76:33:f0:9b:d4:4a:42:cf:bd:b2:a5:
0e:54:dc:72:c5:6c:94:04:11:13:46:99:d4:c4:e6:cd:ff:ca:
32:e9:89:d7:b2:51:9a:60:09:ce:a9:29:c6:3b:07:07:3d:88:
54:ac:4e:30:db:45:4d:c5:6d:0e:27:bf:fb:82:d1:ae:d3:c9:
33:25:ab:a8:cd:ed:b8:1f:fd:18:0b:b1:13:6a:25:12:1c:07:
a3:41:c7:0b:bc:81:59:eb:21:74:05:85:b8:24:7f:37:ae:65:
da:5a:4e:51:c2:1a:76:25:90:13:2d:6f:f8:0b:b9:52:40:01:
b1:dd:09:74:11:d4:dc:7a:ff:45:2b:82:78:85:1c:f0:5b:bd:
57:12:48:cd:af:e2:7e:71:69:0b:b7:42:ef:53:8c:49:c8:97:
3d:c2:fc:d7:ad:37:6e:df:25:35:43:2a:e9:8e:53:12:dc:a5:
f8:e6:1a:86
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb21oBEncfXwxj2Bc/UXt+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIyMDcxMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjdkNGU1OWFjNDkyMDFkYzQxOTNlZTViZWYwNTdhMmJjMDBkNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBkaKK7VM6X64gxSQRsjJWEO0kZc
6p31sL2XcaiaUgNjH7aqf2DZvDPy1naulRpBcNXNVt6LG3jZQmBnwJwKgDUHFzjs
K85nMXMnPc0dHy9Og9hpG1MYB7md+hb/tGyQfmLdM0v0NQqSgxdYG88Kf6+1IAEe
Kbt+DQpOUmAHfHL1FPni7y6O0yGGl0bffXRKIagXIis00KqIQVHHljoj+kgxLjtn
4+c+FekGMr5Yq8AZCTYvRHaVBBlK+JmUu2aI0WBkfSppgh/BVrtIEcfJEndhq4LM
lOVV5aTbLwyih0a3voQ/Gb/IKBj+QoCVS0nLDRgQnDj2CcbOo2Dxn31hRQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGt9TlmsSSAdxBk+5b7wV6K8ANWLMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYTMxT1dheEpJQjNFR1Q3bHZ2QlhvcndBMVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAqwHgNBeigoL+gXzJnInq5BMm
FdW8QmtiO4y2qbdEsb9S5zeX594Wp6uAxsOlfwxnEcqPWHuCdvGGEgmcZfJR+jQc
wu2dBRGZdRK+sIQxAnYz8JvUSkLPvbKlDlTccsVslAQRE0aZ1MTmzf/KMumJ17JR
mmAJzqkpxjsHBz2IVKxOMNtFTcVtDie/+4LRrtPJMyWrqM3tuB/9GAuxE2olEhwH
o0HHC7yBWeshdAWFuCR/N65l2lpOUcIadiWQEy1v+Au5UkABsd0JdBHU3Hr/RSuC
eIUc8Fu9VxJIza/ifnFpC7dC71OMSciXPcL81603bt8lNUMq6Y5TEtyl+OYahg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:44:43 2025 by rpki-client