Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bd6azvFv8S_3rv11_aR73wYNDaM.roa
File: bd6azvFv8S_3rv11_aR73wYNDaM.roa (raw, json)
Hash identifier: OkRBCtiEDeqo5nA32dCcIqXugNZUwlIQ4wwZ/OhMt5Q=
Subject key identifier: 6D:DE:9A:CE:F1:6F:F1:2F:F7:AE:FD:75:FD:A4:7B:DF:06:0D:0D:A3
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196862765274C8B26DB731811BB72CAC688
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bd6azvFv8S_3rv11_aR73wYNDaM.roa
Signing time: Wed 30 Apr 2025 10:04:10 +0000
ROA not before: Wed 30 Apr 2025 10:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:8627:4e4c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 30 Apr 2025 10:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:27:65:27:4c:8b:26:db:73:18:11:bb:72:ca:c6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 30 10:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dde9acef16ff12ff7aefd75fda47bdf060d0da3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cd:12:a8:d0:08:bc:9c:6f:d0:ce:e5:c4:28:
6f:f3:d5:2a:f1:b4:ab:f4:c7:10:ed:76:f8:14:28:
f2:7f:44:2b:f8:8e:9c:83:c5:42:ae:3d:3b:be:0a:
1a:82:65:f5:d9:68:ed:02:f3:02:bc:b6:a8:cc:e7:
40:10:77:92:f8:65:ec:ab:bb:4d:2c:5f:01:ce:d0:
94:8f:4a:7b:1d:96:ca:84:a8:be:3c:b5:23:c8:fc:
79:77:ae:08:07:43:05:a2:1a:48:dc:fa:08:8a:9d:
c2:73:6b:3a:4a:f4:ba:d0:f0:18:67:d2:c0:b7:1e:
76:c0:c9:da:1a:0b:cd:11:1c:80:f6:fb:ca:67:9d:
8a:3f:16:59:91:72:59:de:b7:a8:13:23:7a:a8:1a:
c2:44:75:e2:f7:7e:f2:a6:94:61:41:39:98:c4:d7:
88:3d:c0:51:8d:19:ea:ad:ca:4f:82:62:29:a8:b1:
80:67:ae:4a:42:a3:c8:2f:db:ab:c1:4e:df:b1:0c:
6a:a5:2e:70:f2:38:86:85:3c:47:09:e1:ee:0f:79:
22:1c:1d:c2:93:44:d0:d7:6c:4d:aa:41:5c:3a:e3:
85:19:b0:7b:17:42:98:0b:03:b0:4d:0b:fc:fd:f5:
03:3d:b3:96:c1:c0:a9:17:c6:83:b3:b4:28:68:28:
03:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:DE:9A:CE:F1:6F:F1:2F:F7:AE:FD:75:FD:A4:7B:DF:06:0D:0D:A3
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bd6azvFv8S_3rv11_aR73wYNDaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:8627:4e4c/128
Signature Algorithm: sha256WithRSAEncryption
93:0f:c4:db:d6:2a:f9:13:54:28:a9:f6:85:0e:70:cd:3b:94:
2f:b4:75:a3:8e:3f:24:d9:96:b8:be:10:3e:a8:75:f3:76:c9:
33:e4:55:40:8a:a4:0d:e7:b5:7c:5e:8b:3c:12:20:b0:dd:a9:
39:68:23:86:75:d4:22:08:e1:ee:93:c6:1b:61:7e:e9:3d:d5:
86:a7:15:0c:06:6c:04:71:aa:2a:7e:ef:33:49:36:0a:45:46:
03:da:a3:88:18:8f:c0:91:f4:cc:1d:64:0d:ce:98:0d:9c:68:
00:a2:6b:a0:17:9d:6d:87:58:78:c0:ef:4d:ac:16:ae:87:ab:
aa:7a:70:55:8f:af:59:78:d8:de:8b:eb:2e:5c:27:46:c5:87:
a4:46:05:8f:59:33:82:85:f9:88:ed:10:07:e2:2a:ff:9c:0a:
f0:a4:c6:95:00:0e:17:7d:72:9e:b5:92:85:46:79:42:03:af:
e3:40:e7:c5:1e:21:1f:b4:bd:f3:c1:13:14:02:67:91:a8:68:
3a:27:e4:68:e4:53:75:25:1f:a0:57:41:32:63:9b:a5:d3:8d:
b3:8d:e2:b8:e2:b4:6b:22:52:a1:3c:e1:1c:f7:38:d1:ec:83:
28:dc:a0:b5:70:fb:5b:72:3b:ac:a7:67:08:5b:fe:5d:2f:09:
a1:9a:55:c4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZaGJ2UnTIsm23MYEbtyysaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDMwMTAwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGRlOWFjZWYxNmZmMTJmZjdhZWZkNzVmZGE0N2JkZjA2MGQwZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc0SqNAIvJxv0M7lxChv89Uq8bSr
9McQ7Xb4FCjyf0Qr+I6cg8VCrj07vgoagmX12WjtAvMCvLaozOdAEHeS+GXsq7tN
LF8BztCUj0p7HZbKhKi+PLUjyPx5d64IB0MFohpI3PoIip3Cc2s6SvS60PAYZ9LA
tx52wMnaGgvNERyA9vvKZ52KPxZZkXJZ3reoEyN6qBrCRHXi937yppRhQTmYxNeI
PcBRjRnqrcpPgmIpqLGAZ65KQqPIL9urwU7fsQxqpS5w8jiGhTxHCeHuD3kiHB3C
k0TQ12xNqkFcOuOFGbB7F0KYCwOwTQv8/fUDPbOWwcCpF8aDs7QoaCgDKwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFG3ems7xb/Ev9679df2ke98GDQ2jMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYmQ2YXp2RnY4U18zcnYxMV9hUjczd1lORGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWhidOTDANBgkqhkiG9w0BAQsFAAOCAQEAkw/E29Yq+RNUKKn2hQ5wzTuU
L7R1o44/JNmWuL4QPqh183bJM+RVQIqkDee1fF6LPBIgsN2pOWgjhnXUIgjh7pPG
G2F+6T3VhqcVDAZsBHGqKn7vM0k2CkVGA9qjiBiPwJH0zB1kDc6YDZxoAKJroBed
bYdYeMDvTawWroerqnpwVY+vWXjY3ovrLlwnRsWHpEYFj1kzgoX5iO0QB+Iq/5wK
8KTGlQAOF31ynrWShUZ5QgOv40DnxR4hH7S988ETFAJnkahoOifkaORTdSUfoFdB
MmObpdONs43iuOK0ayJSoTzhHPc40eyDKNygtXD7W3I7rKdnCFv+XS8JoZpVxA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:47:08 2025 by rpki-client