Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/a_JIW2r6-3UcTiG4hgjVAkcwmmg.roa
File: a_JIW2r6-3UcTiG4hgjVAkcwmmg.roa (raw, json)
Hash identifier: sszJctQjF2VdxFr3YKBDp9TkP7fS+I+MlQ+YsxuEU9k=
Subject key identifier: 6B:F2:48:5B:6A:FA:FB:75:1C:4E:21:B8:86:08:D5:02:47:30:9A:68
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197278BFC3201FFB1115D1B70BA49D6A784
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/a_JIW2r6-3UcTiG4hgjVAkcwmmg.roa
Signing time: Sat 31 May 2025 18:12:54 +0000
ROA not before: Sat 31 May 2025 18:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 31 May 2025 19:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:27:8b:fc:32:01:ff:b1:11:5d:1b:70:ba:49:d6:a7:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 31 18:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bf2485b6afafb751c4e21b88608d50247309a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9d:86:8e:43:3e:35:0b:07:c3:54:9f:c4:54:
66:fc:52:51:2f:0d:4b:00:85:65:35:c3:8e:dc:4b:
6c:cf:22:eb:86:42:2a:de:55:a6:b8:84:22:7b:b1:
41:e7:7c:7e:fa:04:ba:ca:45:18:7e:87:da:af:51:
a3:41:72:4d:da:9f:dd:1c:53:f4:26:36:bb:c8:85:
c5:c1:5d:62:51:0e:04:cd:8c:6d:f3:b4:69:ed:c4:
19:fd:95:4b:8f:82:65:42:b2:1f:a5:eb:a1:59:09:
55:2b:4c:18:4c:91:3a:ce:29:53:49:3f:1b:b8:77:
5f:92:11:80:7e:78:51:ef:90:d1:4c:e6:27:12:0e:
85:0c:f9:93:c7:45:b7:ef:02:eb:42:35:ac:ae:fb:
9e:f5:41:37:0d:fd:b0:27:e8:e6:30:76:da:3f:07:
bd:6b:75:76:84:52:05:8f:bb:fd:4b:10:c3:93:e3:
25:13:60:cb:50:9e:31:f2:98:d7:50:5c:71:37:6b:
d5:21:ef:b3:70:6f:e1:41:48:74:d8:a9:ba:a6:59:
7a:62:5f:29:e3:c1:e3:7d:0c:b3:12:fc:eb:eb:96:
22:e8:21:b9:85:f1:2c:11:40:47:10:d6:8e:c6:25:
39:6e:fc:29:9e:ce:ea:01:27:ca:04:f6:d5:30:c0:
33:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F2:48:5B:6A:FA:FB:75:1C:4E:21:B8:86:08:D5:02:47:30:9A:68
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/a_JIW2r6-3UcTiG4hgjVAkcwmmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
8f:6f:25:f4:c1:42:a4:49:23:5f:fe:f1:3f:70:2d:fb:fd:6e:
6f:20:70:35:c8:1a:c9:af:81:09:da:4f:74:7d:ea:5a:38:fb:
40:56:a9:59:a9:52:c2:27:d7:fb:e0:10:6b:fa:0c:ac:f9:5a:
df:7a:a0:27:47:1a:90:2a:2f:02:f8:d0:ca:d2:48:75:b0:51:
dd:76:03:24:92:83:c1:f0:21:56:cb:f1:d3:e6:8c:80:35:bf:
6f:0b:5e:8a:98:d2:6e:a5:61:ca:bd:bd:3d:b4:11:0d:71:a0:
08:96:5d:f6:09:cd:aa:50:13:7b:49:81:92:a8:3f:ba:0a:45:
7a:39:17:f7:8d:1f:98:b0:f7:96:d8:64:3b:6e:e8:cd:ad:19:
53:49:8a:34:49:d4:43:f4:8b:29:7a:59:0a:63:4d:98:45:96:
c3:97:53:88:e0:25:da:9d:b5:4e:00:fd:9a:b0:f9:8d:28:cd:
78:20:57:31:4a:39:36:64:6c:bb:6e:5e:b0:b7:9c:fc:31:f3:
af:9e:72:2b:7a:a3:9b:e1:40:6d:a8:a7:a4:a4:06:a6:50:cd:
53:aa:52:d0:8a:90:e1:92:ee:35:e8:fc:8d:94:3a:36:0c:d6:
c0:d3:6e:f0:71:d4:39:b2:5f:29:5c:27:18:d1:c4:ee:36:5a:
cc:b3:ec:6d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcni/wyAf+xEV0bcLpJ1qeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTMxMTgxMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmYyNDg1YjZhZmFmYjc1MWM0ZTIxYjg4NjA4ZDUwMjQ3MzA5YTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz52GjkM+NQsHw1SfxFRm/FJRLw1L
AIVlNcOO3EtszyLrhkIq3lWmuIQie7FB53x++gS6ykUYfofar1GjQXJN2p/dHFP0
Jja7yIXFwV1iUQ4EzYxt87Rp7cQZ/ZVLj4JlQrIfpeuhWQlVK0wYTJE6zilTST8b
uHdfkhGAfnhR75DRTOYnEg6FDPmTx0W37wLrQjWsrvue9UE3Df2wJ+jmMHbaPwe9
a3V2hFIFj7v9SxDDk+MlE2DLUJ4x8pjXUFxxN2vVIe+zcG/hQUh02Km6pll6Yl8p
48HjfQyzEvzr65Yi6CG5hfEsEUBHENaOxiU5bvwpns7qASfKBPbVMMAzVQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGvySFtq+vt1HE4huIYI1QJHMJpoMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYV9KSVcycjYtM1VjVGlHNGhnalZBa2N3bW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQCPbyX0wUKkSSNf/vE/cC37/W5vIHA1yBrJr4EJ
2k90fepaOPtAVqlZqVLCJ9f74BBr+gys+VrfeqAnRxqQKi8C+NDK0kh1sFHddgMk
koPB8CFWy/HT5oyANb9vC16KmNJupWHKvb09tBENcaAIll32Cc2qUBN7SYGSqD+6
CkV6ORf3jR+YsPeW2GQ7bujNrRlTSYo0SdRD9IspelkKY02YRZbDl1OI4CXanbVO
AP2asPmNKM14IFcxSjk2ZGy7bl6wt5z8MfOvnnIreqOb4UBtqKekpAamUM1TqlLQ
ipDhku416PyNlDo2DNbA027wcdQ5sl8pXCcY0cTuNlrMs+xt
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:44:04 2025 by rpki-client