Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/b96o2rjChuWkRjhtYWS3Afz2In0.roa
File: b96o2rjChuWkRjhtYWS3Afz2In0.roa (raw, json)
Hash identifier: J6FdXCg6nHfdFIomxJtvokXrTyzfl5xnzbSQl+5zWmE=
Subject key identifier: 6F:DE:A8:DA:B8:C2:86:E5:A4:46:38:6D:61:64:B7:01:FC:F6:22:7D
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973C5CB49CFB6C4B73C1ABBF3E9ECFFF42
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/b96o2rjChuWkRjhtYWS3Afz2In0.roa
Signing time: Wed 04 Jun 2025 19:13:17 +0000
ROA not before: Wed 04 Jun 2025 19:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Jun 2025 20:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3c:5c:b4:9c:fb:6c:4b:73:c1:ab:bf:3e:9e:cf:ff:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 4 19:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fdea8dab8c286e5a446386d6164b701fcf6227d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:89:ca:a1:0c:69:ab:30:01:53:08:33:68:66:
f7:bf:f1:57:34:93:ac:9b:bf:09:ee:49:74:4e:53:
7f:0b:fa:1e:57:8e:74:90:24:e1:fa:39:0b:68:a9:
d7:72:93:c1:eb:a3:3b:0a:b9:14:d3:2f:fe:b6:86:
f0:8f:5e:58:36:78:52:2f:e1:56:aa:90:63:4b:cb:
51:fd:4d:ea:50:96:26:66:2c:bd:2e:cd:94:22:3e:
a1:03:62:4d:86:9e:45:3a:bc:19:57:9c:aa:81:cf:
79:d3:61:e8:be:03:b2:f4:f0:b7:25:ae:70:53:8a:
45:d2:37:3b:47:63:08:96:5d:2d:73:79:b8:30:c6:
d3:22:3a:74:05:a8:ff:0b:2b:26:33:a3:e4:17:a7:
36:d9:96:b9:da:31:d5:4c:67:d4:88:15:71:d7:af:
46:64:1d:19:48:53:53:98:15:63:06:64:75:26:83:
15:82:89:76:b8:47:7b:6c:c9:a3:9c:a6:a6:3e:56:
c1:60:7d:a9:ad:37:4d:35:2e:6a:b7:59:f3:4d:8e:
19:fe:07:60:e4:4c:9e:f9:02:8a:6f:5b:18:cb:d0:
59:da:ee:55:91:94:76:33:36:d3:6f:48:07:33:45:
17:4d:fe:00:fa:6f:9b:c7:c6:0b:8b:4e:e8:0c:63:
50:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:DE:A8:DA:B8:C2:86:E5:A4:46:38:6D:61:64:B7:01:FC:F6:22:7D
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/b96o2rjChuWkRjhtYWS3Afz2In0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
4b:64:eb:73:81:45:a3:b0:f6:15:4c:b4:b9:38:f0:01:d5:4b:
b2:d6:e1:de:c5:a8:3f:fe:fb:5b:b3:d3:e3:5a:a9:a6:71:95:
7e:ed:e9:42:4f:a0:45:4e:06:6b:5d:2a:53:b7:32:78:ec:f7:
62:ba:91:31:a2:4a:14:c3:19:49:ac:b7:55:ac:49:19:19:50:
04:2d:bb:42:80:f8:44:38:3c:4c:24:ca:b9:44:3f:a0:9f:d6:
a5:4d:68:98:e3:78:a1:d8:69:37:75:d3:fd:17:e4:1a:ad:2b:
7d:ee:e8:7a:17:c4:ce:6c:ab:d9:a6:33:a7:51:59:0a:eb:e7:
76:df:64:ff:be:0c:19:e5:a9:97:dc:a6:ef:78:84:85:38:80:
e8:80:c0:87:95:54:e5:f7:2c:ae:03:b0:f5:95:42:c2:0d:85:
49:1c:6d:d4:15:5a:9a:32:94:8d:93:a3:6c:ba:00:dc:4e:b6:
c4:07:97:e4:b6:90:dd:44:81:e1:a1:26:1f:d6:25:6a:63:05:
78:16:c5:47:d4:11:f4:30:1a:81:27:c6:62:70:53:25:7d:20:
a5:48:01:fe:f6:a9:ab:a0:e7:2b:2a:ff:f8:ce:e7:43:fd:22:
1a:bd:87:d2:7b:7f:50:ac:47:e3:4a:0f:74:04:ab:95:d6:5e:
89:53:db:53
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc8XLSc+2xLc8Grvz6ez/9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA0MTkxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmRlYThkYWI4YzI4NmU1YTQ0NjM4NmQ2MTY0YjcwMWZjZjYyMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoonKoQxpqzABUwgzaGb3v/FXNJOs
m78J7kl0TlN/C/oeV450kCTh+jkLaKnXcpPB66M7CrkU0y/+tobwj15YNnhSL+FW
qpBjS8tR/U3qUJYmZiy9Ls2UIj6hA2JNhp5FOrwZV5yqgc9502HovgOy9PC3Ja5w
U4pF0jc7R2MIll0tc3m4MMbTIjp0Baj/CysmM6PkF6c22Za52jHVTGfUiBVx169G
ZB0ZSFNTmBVjBmR1JoMVgol2uEd7bMmjnKamPlbBYH2prTdNNS5qt1nzTY4Z/gdg
5Eye+QKKb1sYy9BZ2u5VkZR2MzbTb0gHM0UXTf4A+m+bx8YLi07oDGNQywIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFG/eqNq4woblpEY4bWFktwH89iJ9MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYjk2bzJyakNodVdrUmpodFlXUzNBZnoySW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAS2Trc4FFo7D2
FUy0uTjwAdVLstbh3sWoP/77W7PT41qppnGVfu3pQk+gRU4Ga10qU7cyeOz3YrqR
MaJKFMMZSay3VaxJGRlQBC27QoD4RDg8TCTKuUQ/oJ/WpU1omON4odhpN3XT/Rfk
Gq0rfe7oehfEzmyr2aYzp1FZCuvndt9k/74MGeWpl9ym73iEhTiA6IDAh5VU5fcs
rgOw9ZVCwg2FSRxt1BVamjKUjZOjbLoA3E62xAeX5LaQ3USB4aEmH9YlamMFeBbF
R9QR9DAagSfGYnBTJX0gpUgB/vapq6DnKyr/+M7nQ/0iGr2H0nt/UKxH40oPdASr
ldZeiVPbUw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:01:59 2025 by rpki-client