Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/al9Q3ezu-9facZQoghvVf23S2KU.roa
File: al9Q3ezu-9facZQoghvVf23S2KU.roa (raw, json)
Hash identifier: U3d3YmBgaWrAHP9Z0Rxx2IA8iY0bMsKad+bD7jxpYU0=
Subject key identifier: 6A:5F:50:DD:EC:EE:FB:D7:DA:71:94:28:82:1B:D5:7F:6D:D2:D8:A5
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019680CB029A24416C0F24EE96C34A0119F0
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/al9Q3ezu-9facZQoghvVf23S2KU.roa
Signing time: Tue 29 Apr 2025 09:05:10 +0000
ROA not before: Tue 29 Apr 2025 09:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:80ca:1bb7/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 29 Apr 2025 09:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:cb:02:9a:24:41:6c:0f:24:ee:96:c3:4a:01:19:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 29 09:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a5f50ddeceefbd7da719428821bd57f6dd2d8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:25:be:59:1a:15:35:14:d1:cf:75:d8:bc:6e:
16:e7:16:cf:03:c7:22:1f:12:41:23:85:fa:82:2e:
ed:fa:ec:cd:87:bf:29:ad:fb:5a:92:f0:32:c8:f3:
7b:8c:1b:88:c0:55:86:d6:8b:9c:b6:59:0c:04:ad:
82:c5:91:fa:12:c0:7c:b2:5d:dc:ad:77:44:4b:b6:
f6:29:5c:5d:0b:d3:4a:a4:57:2c:5b:ab:f7:a4:13:
5f:76:e5:68:4d:cb:8a:31:3a:5d:1f:6e:5d:de:1e:
7c:77:99:a9:df:e1:03:c3:28:dd:55:ff:cf:7a:10:
04:47:fc:43:3a:30:69:30:4c:4c:cf:90:4d:29:80:
ad:be:5a:71:75:31:10:3b:b9:6f:63:2c:0e:00:e6:
57:e4:1a:f3:50:ea:aa:63:6c:96:f9:b4:8f:c8:07:
a1:1f:cf:57:a1:bf:75:9f:be:e7:2a:e9:a1:29:d5:
ac:ab:4f:03:ac:3c:54:c2:64:f7:f3:3e:60:c2:c5:
23:87:a4:ee:f8:0f:2b:de:26:45:61:5f:df:dc:32:
83:35:22:35:22:3a:08:ae:97:b1:61:0f:0f:89:2b:
e1:0f:a3:83:fa:6d:54:60:49:a0:62:f0:88:40:aa:
14:03:2c:ea:b1:f3:af:4b:00:b4:74:b0:b8:10:5e:
e7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5F:50:DD:EC:EE:FB:D7:DA:71:94:28:82:1B:D5:7F:6D:D2:D8:A5
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/al9Q3ezu-9facZQoghvVf23S2KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:80ca:1bb7/128
Signature Algorithm: sha256WithRSAEncryption
8b:b1:71:35:68:7f:0e:20:7f:10:13:8f:fb:65:cc:6d:0f:66:
88:bd:22:92:b0:bf:82:ef:af:97:b5:cd:8a:30:8b:76:a6:4f:
05:bd:6c:e2:da:1c:f5:73:db:97:d4:18:97:70:36:d9:20:3a:
cf:97:41:a0:41:00:08:e1:c0:95:0f:fc:9b:24:38:7e:9e:cb:
fd:43:70:47:a0:41:60:5b:dc:ba:9a:ad:e3:8d:f9:bd:9e:a1:
f9:24:d3:41:d0:13:da:8e:e0:84:22:57:20:8e:da:ba:c6:6b:
f7:1e:57:e7:f3:28:f6:d1:1f:21:c8:7c:24:aa:7a:f5:01:aa:
71:de:16:a7:7a:7b:23:45:36:81:9e:88:e8:51:7b:b9:d1:fc:
86:14:9d:46:b1:1d:fd:83:e4:77:df:6e:9d:2e:5f:f1:7d:af:
a4:1c:1c:59:8c:6d:0b:e1:e6:85:48:3c:d1:b1:ad:64:ec:60:
da:81:a6:b4:2a:1f:16:79:cd:28:e2:d7:dd:09:82:85:98:84:
eb:4b:13:2b:3a:ff:f3:3b:e2:fa:7f:de:c3:39:98:28:ef:a1:
8a:bd:d2:97:b5:ec:e5:45:31:28:c1:08:3f:b3:00:91:2d:e6:
8d:43:1c:30:db:bb:80:8e:ad:db:f0:43:3a:f4:7a:f0:fd:c8:
47:a4:72:76
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZaAywKaJEFsDyTulsNKARnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDI5MDkwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTVmNTBkZGVjZWVmYmQ3ZGE3MTk0Mjg4MjFiZDU3ZjZkZDJkOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiW+WRoVNRTRz3XYvG4W5xbPA8ci
HxJBI4X6gi7t+uzNh78prftakvAyyPN7jBuIwFWG1ouctlkMBK2CxZH6EsB8sl3c
rXdES7b2KVxdC9NKpFcsW6v3pBNfduVoTcuKMTpdH25d3h58d5mp3+EDwyjdVf/P
ehAER/xDOjBpMExMz5BNKYCtvlpxdTEQO7lvYywOAOZX5BrzUOqqY2yW+bSPyAeh
H89Xob91n77nKumhKdWsq08DrDxUwmT38z5gwsUjh6Tu+A8r3iZFYV/f3DKDNSI1
IjoIrpexYQ8PiSvhD6OD+m1UYEmgYvCIQKoUAyzqsfOvSwC0dLC4EF7nhwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGpfUN3s7vvX2nGUKIIb1X9t0tilMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYWw5UTNlenUtOWZhY1pRb2dodlZmMjNTMktVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWgMobtzANBgkqhkiG9w0BAQsFAAOCAQEAi7FxNWh/DiB/EBOP+2XMbQ9m
iL0ikrC/gu+vl7XNijCLdqZPBb1s4toc9XPbl9QYl3A22SA6z5dBoEEACOHAlQ/8
myQ4fp7L/UNwR6BBYFvcupqt4435vZ6h+STTQdAT2o7ghCJXII7ausZr9x5X5/Mo
9tEfIch8JKp69QGqcd4Wp3p7I0U2gZ6I6FF7udH8hhSdRrEd/YPkd99unS5f8X2v
pBwcWYxtC+HmhUg80bGtZOxg2oGmtCofFnnNKOLX3QmChZiE60sTKzr/8zvi+n/e
wzmYKO+hir3Sl7Xs5UUxKMEIP7MAkS3mjUMcMNu7gI6t2/BDOvR68P3IR6Rydg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:57:37 2025 by rpki-client