Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/b1-fAmLAqFqho_9h8VAPKFN3Fvo.roa
File: b1-fAmLAqFqho_9h8VAPKFN3Fvo.roa (raw, json)
Hash identifier: twi946GfXRomTsqPWwVYClelzXtE0tdCa6/RXlHBI9I=
Subject key identifier: 6F:5F:9F:02:62:C0:A8:5A:A1:A3:FF:61:F1:50:0F:28:53:77:16:FA
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973AA455AFFB563ABEBA16A0069A48DCB2
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/b1-fAmLAqFqho_9h8VAPKFN3Fvo.roa
Signing time: Wed 04 Jun 2025 11:12:17 +0000
ROA not before: Wed 04 Jun 2025 11:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Jun 2025 12:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:a4:55:af:fb:56:3a:be:ba:16:a0:06:9a:48:dc:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 4 11:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f5f9f0262c0a85aa1a3ff61f1500f28537716fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c3:9a:bb:33:eb:75:b4:2d:d1:bd:a1:19:05:
2e:8c:82:4a:d6:07:b7:55:58:c4:59:23:04:c9:c8:
21:08:e1:62:8c:c8:e6:f2:db:0d:05:67:b9:33:38:
f2:e2:51:40:cb:ae:7c:f7:67:25:56:18:d1:d0:0b:
45:e1:30:29:79:39:bf:a7:d4:6c:07:0e:e4:e9:cf:
f1:21:b0:f2:8e:33:68:c0:c6:9a:ac:3a:e8:fd:30:
3e:be:b4:ca:41:62:5d:1f:a2:14:30:dc:1d:b7:9e:
da:fa:9e:31:40:f8:ac:d9:0c:a7:c9:fc:27:dd:31:
aa:0d:dc:81:dd:ea:c0:b4:6e:63:4f:03:50:89:b6:
b8:1e:3e:cf:07:66:7c:ce:b9:ca:80:81:ac:27:e6:
e2:65:06:41:28:09:3a:26:8a:89:44:9d:25:7c:68:
e6:73:70:94:fb:eb:2f:d7:5c:1a:0f:3e:ca:44:61:
86:2b:a7:0a:1d:26:9a:5a:18:58:34:9e:4a:7c:6a:
b8:53:3e:27:55:43:8d:dc:0c:d0:2c:94:8a:e8:c0:
b3:e1:89:41:9d:71:cb:9b:d5:87:f3:06:25:83:cf:
9b:c1:40:88:9f:55:79:65:9a:79:1a:d6:74:de:ec:
c2:82:8c:0c:b0:3b:39:2d:44:9a:d1:f7:ed:8d:a1:
f0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:5F:9F:02:62:C0:A8:5A:A1:A3:FF:61:F1:50:0F:28:53:77:16:FA
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/b1-fAmLAqFqho_9h8VAPKFN3Fvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
88:a4:44:6b:10:2f:d8:81:6c:13:23:53:7c:78:99:48:39:7f:
09:2f:3f:53:78:f7:2a:07:26:09:a8:c1:f5:4f:aa:e8:2f:d9:
c4:38:07:27:d8:fb:8e:b6:f0:e9:90:8c:87:f8:e1:45:94:72:
68:cf:52:00:60:f7:cc:0b:ca:a1:49:54:ff:72:0a:04:d8:0d:
cd:bd:4a:58:63:33:b4:03:e1:9a:db:05:a8:2b:51:eb:3a:8f:
83:df:d2:d5:ac:aa:70:04:9d:63:2d:72:1d:a2:5d:59:ba:aa:
3c:52:1e:86:96:f0:c6:1e:50:e6:4f:a9:cd:bb:d5:ca:47:54:
bc:25:0a:76:3e:6f:a6:7d:95:57:30:95:db:1a:f6:d5:54:8b:
76:5c:41:cc:b4:ee:f4:fc:54:7e:e6:22:33:c8:77:c1:52:16:
60:66:cf:07:e1:20:96:be:36:0d:8e:8e:39:bd:8b:c3:f4:94:
9e:66:e8:99:54:61:a7:72:12:f2:04:fa:c1:50:8c:90:36:78:
4f:c4:60:97:6d:48:35:3d:e1:f3:cc:9f:cf:74:be:3e:5c:c3:
b2:6d:73:10:ad:eb:cc:56:f1:b4:1b:ee:5d:8e:b7:32:5a:36:
03:a9:d7:91:88:a6:e8:55:db:77:04:5d:f0:c2:28:4c:66:6e:
52:52:b6:12
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc6pFWv+1Y6vroWoAaaSNyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA0MTExMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjVmOWYwMjYyYzBhODVhYTFhM2ZmNjFmMTUwMGYyODUzNzcxNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMOauzPrdbQt0b2hGQUujIJK1ge3
VVjEWSMEycghCOFijMjm8tsNBWe5Mzjy4lFAy65892clVhjR0AtF4TApeTm/p9Rs
Bw7k6c/xIbDyjjNowMaarDro/TA+vrTKQWJdH6IUMNwdt57a+p4xQPis2Qynyfwn
3TGqDdyB3erAtG5jTwNQiba4Hj7PB2Z8zrnKgIGsJ+biZQZBKAk6JoqJRJ0lfGjm
c3CU++sv11waDz7KRGGGK6cKHSaaWhhYNJ5KfGq4Uz4nVUON3AzQLJSK6MCz4YlB
nXHLm9WH8wYlg8+bwUCIn1V5ZZp5GtZ03uzCgowMsDs5LUSa0fftjaHwdwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFG9fnwJiwKhaoaP/YfFQDyhTdxb6MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYjEtZkFtTEFxRnFob185aDhWQVBLRk4zRnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAiKREaxAv2IFs
EyNTfHiZSDl/CS8/U3j3KgcmCajB9U+q6C/ZxDgHJ9j7jrbw6ZCMh/jhRZRyaM9S
AGD3zAvKoUlU/3IKBNgNzb1KWGMztAPhmtsFqCtR6zqPg9/S1ayqcASdYy1yHaJd
WbqqPFIehpbwxh5Q5k+pzbvVykdUvCUKdj5vpn2VVzCV2xr21VSLdlxBzLTu9PxU
fuYiM8h3wVIWYGbPB+Eglr42DY6OOb2Lw/SUnmbomVRhp3IS8gT6wVCMkDZ4T8Rg
l21INT3h88yfz3S+PlzDsm1zEK3rzFbxtBvuXY63Mlo2A6nXkYim6FXbdwRd8MIo
TGZuUlK2Eg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:30:23 2025 by rpki-client