Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/aODttHCiHrObzENkwJ9jcbQvNfA.roa
File: aODttHCiHrObzENkwJ9jcbQvNfA.roa (raw, json)
Hash identifier: h5ux8zgaF7+fV+8SzBMdLb9chp2Sv4OVoxlTyd9gRJg=
Subject key identifier: 68:E0:ED:B4:70:A2:1E:B3:9B:CC:43:64:C0:9F:63:71:B4:2F:35:F0
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196BB286B05E82C80AE40F169B60F87023A
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/aODttHCiHrObzENkwJ9jcbQvNfA.roa
Signing time: Sat 10 May 2025 17:05:10 +0000
ROA not before: Sat 10 May 2025 17:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:bb27:b3b4/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 10 May 2025 17:15:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bb:28:6b:05:e8:2c:80:ae:40:f1:69:b6:0f:87:02:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 10 17:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68e0edb470a21eb39bcc4364c09f6371b42f35f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bc:12:c4:97:67:07:33:a2:f3:9e:de:cd:e2:
45:9a:b0:7e:49:63:ed:b7:84:e2:d2:3b:0f:75:11:
6c:67:3f:cf:8c:c7:95:2c:ea:e0:eb:f6:c8:e7:59:
fc:a3:18:0e:96:41:33:71:c6:9f:7f:57:33:30:fe:
d6:bf:71:54:02:e8:63:29:17:dc:c8:26:74:ae:38:
d6:39:18:42:d8:10:24:ac:da:73:0b:8d:26:9f:0a:
a9:0e:ac:b5:be:75:39:ec:07:b2:20:5a:89:a7:69:
b5:e8:1d:ce:ef:8d:c2:16:61:e6:3b:2d:bd:78:df:
08:94:1f:60:01:bb:65:10:79:4e:86:b0:8f:8e:70:
bb:83:95:13:b4:22:c1:0b:34:ab:9b:b4:8b:c0:88:
6f:0b:a0:53:4d:29:fd:d7:d9:9f:e2:83:42:2b:30:
12:d1:37:03:9b:0f:69:3b:75:d6:71:07:53:b1:fc:
c1:02:f3:f7:e6:07:20:7f:47:b6:6b:77:a6:5c:c0:
fb:66:3d:fa:2b:7d:88:83:c2:9f:e8:4a:11:8f:db:
94:b4:69:53:dd:2c:d7:72:f7:1d:d6:01:32:06:0c:
83:fc:90:ca:a8:02:24:33:e4:8d:c3:87:bc:dc:37:
6d:90:8a:a8:d4:a8:3c:91:ee:6f:20:dd:c2:22:86:
1b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E0:ED:B4:70:A2:1E:B3:9B:CC:43:64:C0:9F:63:71:B4:2F:35:F0
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/aODttHCiHrObzENkwJ9jcbQvNfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:bb27:b3b4/128
Signature Algorithm: sha256WithRSAEncryption
1a:8b:86:86:0b:4a:8d:6c:64:8d:90:27:14:32:a3:d5:eb:7d:
2d:64:08:c3:d3:f7:48:2b:df:b6:a7:e9:ff:98:8a:32:c3:eb:
c8:9c:19:06:46:62:75:6b:42:a8:10:99:ff:78:9b:3c:13:46:
b2:28:a0:9b:d7:7a:74:18:c8:f6:38:ef:19:95:e3:13:82:62:
b9:51:d2:aa:1b:fa:a5:0b:3b:40:64:9b:63:68:a9:ac:8f:17:
15:0f:28:b4:15:6a:5f:df:54:0c:fa:9c:c5:58:5c:e7:a4:ae:
e3:e4:d5:c9:4d:e4:81:e3:5b:9a:20:ee:57:d4:31:f2:95:05:
ac:fa:e1:00:7d:94:d9:e4:38:86:8a:03:f6:c4:58:ad:05:18:
2c:41:87:46:9f:33:79:f7:0c:a1:0b:9b:7c:4e:ed:50:27:d2:
af:9c:6b:f0:d6:14:e2:5e:29:55:85:bf:2c:08:a1:26:13:d5:
f6:e6:09:2c:12:f0:74:4c:4d:d9:50:02:6d:d9:45:81:9b:a1:
98:ce:06:08:bd:5f:c6:31:e2:09:e0:96:1e:d5:35:24:99:d0:
ae:30:21:9d:01:fd:70:f5:45:fc:ae:dd:e3:5e:9f:e4:91:32:
70:19:b9:37:b3:79:30:15:91:49:8f:18:63:ec:c9:d8:68:cb:
71:a8:b5:3b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZa7KGsF6CyArkDxabYPhwI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTEwMTcwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGUwZWRiNDcwYTIxZWIzOWJjYzQzNjRjMDlmNjM3MWI0MmYzNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7wSxJdnBzOi857ezeJFmrB+SWPt
t4Ti0jsPdRFsZz/PjMeVLOrg6/bI51n8oxgOlkEzccaff1czMP7Wv3FUAuhjKRfc
yCZ0rjjWORhC2BAkrNpzC40mnwqpDqy1vnU57AeyIFqJp2m16B3O743CFmHmOy29
eN8IlB9gAbtlEHlOhrCPjnC7g5UTtCLBCzSrm7SLwIhvC6BTTSn919mf4oNCKzAS
0TcDmw9pO3XWcQdTsfzBAvP35gcgf0e2a3emXMD7Zj36K32Ig8Kf6EoRj9uUtGlT
3SzXcvcd1gEyBgyD/JDKqAIkM+SNw4e83DdtkIqo1Kg8ke5vIN3CIoYbEwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGjg7bRwoh6zm8xDZMCfY3G0LzXwMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYU9EdHRIQ2lIck9iekVOa3dKOWpjYlF2TmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWuyeztDANBgkqhkiG9w0BAQsFAAOCAQEAGouGhgtKjWxkjZAnFDKj1et9
LWQIw9P3SCvftqfp/5iKMsPryJwZBkZidWtCqBCZ/3ibPBNGsiigm9d6dBjI9jjv
GZXjE4JiuVHSqhv6pQs7QGSbY2iprI8XFQ8otBVqX99UDPqcxVhc56Su4+TVyU3k
geNbmiDuV9Qx8pUFrPrhAH2U2eQ4hooD9sRYrQUYLEGHRp8zefcMoQubfE7tUCfS
r5xr8NYU4l4pVYW/LAihJhPV9uYJLBLwdExN2VACbdlFgZuhmM4GCL1fxjHiCeCW
HtU1JJnQrjAhnQH9cPVF/K7d416f5JEycBm5N7N5MBWRSY8YY+zJ2GjLcai1Ow==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:13:19 2025 by rpki-client