Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bIa-_5T4OiMeWu3rPRs7E94yIJ8.roa
File: bIa-_5T4OiMeWu3rPRs7E94yIJ8.roa (raw, json)
Hash identifier: hID0VnO0FVmxko00/azhH25bolykg/uS8SH/fOyMccE=
Subject key identifier: 6C:86:BE:FF:94:F8:3A:23:1E:5A:ED:EB:3D:1B:3B:13:DE:32:20:9F
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FC34F6E827CB2AF1C528635AFBF0A9CF
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bIa-_5T4OiMeWu3rPRs7E94yIJ8.roa
Signing time: Fri 23 May 2025 08:14:11 +0000
ROA not before: Fri 23 May 2025 08:14:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 May 2025 09:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:34:f6:e8:27:cb:2a:f1:c5:28:63:5a:fb:f0:a9:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 08:14:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c86beff94f83a231e5aedeb3d1b3b13de32209f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:54:5a:83:5f:8f:b2:57:10:d4:23:42:e8:6b:
54:f3:bf:7e:04:a8:7e:01:ba:c1:13:af:0f:c2:0e:
65:8a:ff:c2:4f:06:79:b8:2a:54:fc:6b:2c:22:84:
a1:91:e2:6e:2e:d9:1c:5f:ee:fa:07:3d:00:e1:81:
29:b1:b9:6c:20:4c:be:33:51:39:80:f3:03:68:0b:
72:7c:46:3a:3c:ca:b7:11:c1:f2:27:79:f0:5d:61:
f3:df:23:a1:2e:7f:cf:db:72:b0:9b:04:de:f0:f1:
7e:8e:5d:e9:c6:9d:c8:cf:17:c9:81:1b:b2:8f:1a:
88:6f:41:bf:c1:fc:c1:3c:34:72:40:32:b9:a7:c8:
0a:79:b6:d7:7e:53:27:ed:a6:dc:84:0e:5b:5f:30:
6f:e5:fa:90:3f:cb:bf:00:a3:1e:10:c3:fd:ad:19:
17:e8:41:0c:9b:e9:6d:78:78:b9:00:60:22:65:fd:
b4:bd:f5:a5:0b:68:9b:4d:a7:2f:8e:61:b7:af:c1:
0d:47:20:24:74:ec:1d:6e:25:7f:5a:20:9f:5e:68:
7a:2d:12:0e:cf:81:c6:e1:76:c3:4b:5d:3b:ec:98:
ee:be:6d:9f:2f:59:0b:70:67:b7:15:47:e5:c5:a4:
2a:17:30:fa:f8:6a:6e:1c:fb:b9:67:93:a0:bc:ca:
24:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:86:BE:FF:94:F8:3A:23:1E:5A:ED:EB:3D:1B:3B:13:DE:32:20:9F
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bIa-_5T4OiMeWu3rPRs7E94yIJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
9c:8a:1d:e3:72:b1:57:05:70:18:6a:00:f7:aa:5d:3b:cc:c2:
bb:28:3b:dd:a1:84:23:b2:a3:58:46:88:35:cd:4b:0c:72:37:
48:c1:cd:bb:5e:2d:20:9a:1e:e5:b2:c1:4c:02:12:9e:17:8c:
e6:90:07:b8:af:2a:fe:d9:5e:aa:96:6d:e6:9d:5e:f3:06:54:
1f:d5:ae:99:93:3d:47:b7:ee:9e:a2:28:57:7a:5b:68:97:b9:
30:c3:17:13:b0:b4:0c:28:0d:4e:c0:6f:f1:21:b2:f4:d7:97:
3a:8d:c0:90:70:82:41:0d:6e:96:78:4f:48:60:53:5c:12:df:
4f:08:96:d2:b4:4f:d7:dc:28:e9:fa:16:f0:3a:e8:84:53:50:
a2:c7:4b:30:3c:86:9e:ef:ea:db:45:07:70:74:48:f4:de:61:
dd:b6:cc:00:e2:f7:ee:39:78:e6:07:ff:8b:83:96:56:00:cb:
fa:c7:db:8a:7c:4b:20:b5:75:35:40:78:36:7a:42:44:4b:0d:
ce:a4:b4:4b:41:f4:1c:f7:d9:8c:83:ab:4b:17:18:e2:11:aa:
d2:4b:e1:f5:4f:d8:65:71:08:54:4c:59:29:9c:22:ab:50:e2:
5b:c6:cd:05:cd:07:df:ab:ed:5d:7c:f2:0c:28:50:c5:0e:61:
db:da:40:5c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb8NPboJ8sq8cUoY1r78KnPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMDgxNDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzg2YmVmZjk0ZjgzYTIzMWU1YWVkZWIzZDFiM2IxM2RlMzIyMDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFRag1+PslcQ1CNC6GtU879+BKh+
AbrBE68Pwg5liv/CTwZ5uCpU/GssIoShkeJuLtkcX+76Bz0A4YEpsblsIEy+M1E5
gPMDaAtyfEY6PMq3EcHyJ3nwXWHz3yOhLn/P23KwmwTe8PF+jl3pxp3IzxfJgRuy
jxqIb0G/wfzBPDRyQDK5p8gKebbXflMn7abchA5bXzBv5fqQP8u/AKMeEMP9rRkX
6EEMm+lteHi5AGAiZf20vfWlC2ibTacvjmG3r8ENRyAkdOwdbiV/WiCfXmh6LRIO
z4HG4XbDS1077Jjuvm2fL1kLcGe3FUflxaQqFzD6+GpuHPu5Z5OgvMokNQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGyGvv+U+DojHlrt6z0bOxPeMiCfMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYklhLV81VDRPaU1lV3UzclBSczdFOTR5SUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAnIod43KxVwVwGGoA96pdO8zC
uyg73aGEI7KjWEaINc1LDHI3SMHNu14tIJoe5bLBTAISnheM5pAHuK8q/tleqpZt
5p1e8wZUH9WumZM9R7funqIoV3pbaJe5MMMXE7C0DCgNTsBv8SGy9NeXOo3AkHCC
QQ1ulnhPSGBTXBLfTwiW0rRP19wo6foW8DrohFNQosdLMDyGnu/q20UHcHRI9N5h
3bbMAOL37jl45gf/i4OWVgDL+sfbinxLILV1NUB4NnpCREsNzqS0S0H0HPfZjIOr
SxcY4hGq0kvh9U/YZXEIVExZKZwiq1DiW8bNBc0H36vtXXzyDChQxQ5h29pAXA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:53:59 2025 by rpki-client