Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bYWSga6rX9l57ns12Dlpjah_9dQ.roa
File: bYWSga6rX9l57ns12Dlpjah_9dQ.roa (raw, json)
Hash identifier: TwkE9jM65wQyD/EjeSC+BfbydCslnLD491iJsKQC09E=
Subject key identifier: 6D:85:92:81:AE:AB:5F:D9:79:EE:7B:35:D8:39:69:8D:A8:7F:F5:D4
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973C25C5E075850117BE025F0A923807F6
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bYWSga6rX9l57ns12Dlpjah_9dQ.roa
Signing time: Wed 04 Jun 2025 18:13:17 +0000
ROA not before: Wed 04 Jun 2025 18:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Jun 2025 19:05:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3c:25:c5:e0:75:85:01:17:be:02:5f:0a:92:38:07:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 4 18:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d859281aeab5fd979ee7b35d839698da87ff5d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c2:2d:01:ae:cb:d4:78:44:f5:ec:cd:e8:91:
d8:47:9c:f9:10:e0:61:45:39:09:47:c8:cd:36:c9:
f7:25:df:c4:58:b3:e5:78:52:0c:9a:ca:8c:41:38:
01:b0:29:64:bb:58:e2:a0:42:94:cd:65:13:6b:f6:
b8:09:f7:b9:4e:03:70:7a:22:3e:68:2f:87:45:e5:
c4:5e:9d:69:ec:36:a7:66:0f:10:c6:2e:85:9a:40:
ed:bf:a9:cb:2e:45:94:b7:a8:5e:76:a0:8d:b5:c9:
c5:76:dd:2b:73:66:ba:48:6a:83:ef:fb:0f:78:88:
42:46:81:3a:57:89:d6:52:2c:ad:85:50:d9:61:60:
de:b2:b3:79:2d:33:ee:ec:6d:63:75:52:98:51:0f:
1c:80:5e:59:e4:c5:a6:a0:b9:71:6a:07:78:4b:5c:
64:58:56:9e:27:d7:cb:a4:c5:84:e6:a4:f0:ad:97:
a9:c0:90:b9:d6:dc:b9:5d:8a:af:7c:f6:58:42:d3:
10:fb:6b:28:b0:24:29:6c:de:ca:a9:7d:ce:2e:32:
f0:65:41:00:d6:07:50:32:2b:e7:8c:00:b6:a8:c1:
5e:86:f8:56:02:63:27:6f:68:85:27:23:e7:5a:60:
1f:b9:11:74:8d:5d:4c:59:79:47:ad:f6:d5:73:be:
06:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:85:92:81:AE:AB:5F:D9:79:EE:7B:35:D8:39:69:8D:A8:7F:F5:D4
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bYWSga6rX9l57ns12Dlpjah_9dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
09:fa:7f:a7:46:32:40:e3:f9:62:e0:21:fa:53:cf:de:db:44:
5f:2f:63:32:8b:bf:3f:c2:97:45:d1:13:ac:8c:e2:bd:91:86:
1f:0f:7d:dc:d6:14:f3:85:10:9b:f0:ec:6d:8a:dd:ac:54:ad:
2d:fd:90:0b:ad:f9:0b:12:f8:50:72:4e:f8:0e:46:29:6b:34:
f2:9f:aa:04:7f:39:87:ea:02:79:4b:ad:80:61:d7:2e:e8:a0:
47:ae:8c:8c:a6:e3:7f:53:00:0a:c1:dd:6a:d8:ec:18:a6:79:
c2:1e:1a:4a:62:1f:fa:ed:a4:8b:1e:76:e0:61:49:07:4f:ba:
47:78:8c:65:06:7d:74:f0:e2:61:ef:56:c8:b0:e5:b9:c3:80:
3d:34:7c:8c:b5:84:ff:bc:93:b4:e3:74:d8:62:90:a5:f3:d7:
ad:71:1f:54:3f:73:41:5e:80:86:c8:08:2b:70:ba:7d:bd:fb:
c4:fa:fb:f0:96:fa:c0:11:08:b9:da:45:38:c6:81:6a:6e:45:
77:aa:ac:9d:72:4b:d4:3d:61:a9:c1:61:b3:05:8c:0d:e9:0a:
bf:1e:d8:f1:b8:6c:f2:00:5a:04:10:f5:3e:e0:06:b9:60:49:
45:17:18:6b:76:9f:e6:0e:45:09:52:93:be:50:98:6e:a2:f6:
8c:ac:22:37
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc8JcXgdYUBF74CXwqSOAf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA0MTgxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDg1OTI4MWFlYWI1ZmQ5NzllZTdiMzVkODM5Njk4ZGE4N2ZmNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMItAa7L1HhE9ezN6JHYR5z5EOBh
RTkJR8jNNsn3Jd/EWLPleFIMmsqMQTgBsClku1jioEKUzWUTa/a4Cfe5TgNweiI+
aC+HReXEXp1p7DanZg8Qxi6FmkDtv6nLLkWUt6hedqCNtcnFdt0rc2a6SGqD7/sP
eIhCRoE6V4nWUiythVDZYWDesrN5LTPu7G1jdVKYUQ8cgF5Z5MWmoLlxagd4S1xk
WFaeJ9fLpMWE5qTwrZepwJC51ty5XYqvfPZYQtMQ+2sosCQpbN7KqX3OLjLwZUEA
1gdQMivnjAC2qMFehvhWAmMnb2iFJyPnWmAfuRF0jV1MWXlHrfbVc74GcwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFG2FkoGuq1/Zee57Ndg5aY2of/XUMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYllXU2dhNnJYOWw1N25zMTJEbHBqYWhfOWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEACfp/p0YyQOP5
YuAh+lPP3ttEXy9jMou/P8KXRdETrIzivZGGHw993NYU84UQm/DsbYrdrFStLf2Q
C635CxL4UHJO+A5GKWs08p+qBH85h+oCeUutgGHXLuigR66MjKbjf1MACsHdatjs
GKZ5wh4aSmIf+u2kix524GFJB0+6R3iMZQZ9dPDiYe9WyLDlucOAPTR8jLWE/7yT
tON02GKQpfPXrXEfVD9zQV6AhsgIK3C6fb37xPr78Jb6wBEIudpFOMaBam5Fd6qs
nXJL1D1hqcFhswWMDekKvx7Y8bhs8gBaBBD1PuAGuWBJRRcYa3af5g5FCVKTvlCY
bqL2jKwiNw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:22:45 2025 by rpki-client