Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bk9OTO10FZZZV_GlNX4B4p8pwj4.roa
File: bk9OTO10FZZZV_GlNX4B4p8pwj4.roa (raw, json)
Hash identifier: KCy4tx5WwnvZUXNNFkNfVTJ1BOEgBN/n4pjo/yF+U5I=
Subject key identifier: 6E:4F:4E:4C:ED:74:15:96:59:57:F1:A5:35:7E:01:E2:9F:29:C2:3E
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FF6CAEB747865DB7008280EF630AC7D7
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bk9OTO10FZZZV_GlNX4B4p8pwj4.roa
Signing time: Fri 23 May 2025 23:13:54 +0000
ROA not before: Fri 23 May 2025 23:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 May 2025 00:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ff:6c:ae:b7:47:86:5d:b7:00:82:80:ef:63:0a:c7:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 23:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e4f4e4ced7415965957f1a5357e01e29f29c23e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:49:74:90:7d:74:9f:98:68:f8:06:5a:af:f2:
86:48:82:7d:67:ca:bb:cc:ad:bd:d9:f1:75:7b:ce:
63:1c:40:ce:24:48:5b:e8:ad:05:bd:8f:43:67:92:
3d:58:1a:f0:82:3e:94:b0:56:7a:8f:50:4e:41:51:
41:0a:62:87:09:a3:b2:13:c1:e7:4e:d9:5c:0b:fe:
33:04:37:08:9b:81:23:5f:1d:a5:87:3d:64:f9:14:
4a:51:52:66:02:7c:32:d6:7e:c7:b5:84:65:59:0e:
0a:46:ad:04:b3:a2:48:f1:a3:db:0c:18:8e:26:49:
57:5d:bb:c2:bd:f6:78:d0:df:eb:95:d6:f8:1e:fa:
71:52:43:c1:e0:c1:45:8b:c6:ac:9c:ad:3e:bb:19:
1c:de:b7:06:4a:6b:d2:61:7e:fb:30:cf:55:bf:dd:
4c:1a:5e:f8:3c:26:4f:20:03:88:8e:69:67:a5:be:
a8:63:7d:52:be:23:ac:26:4d:14:3e:fa:bc:4d:6f:
f2:8e:09:6a:21:a0:67:00:b6:e8:0a:18:eb:bd:61:
e3:24:9c:d1:8a:6e:8c:ee:fd:01:dd:a4:dd:9f:95:
91:20:68:de:7e:9d:7b:45:26:bd:79:02:37:e9:64:
87:13:4b:14:08:b8:33:29:c2:41:89:ce:e5:d3:a0:
c1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:4F:4E:4C:ED:74:15:96:59:57:F1:A5:35:7E:01:E2:9F:29:C2:3E
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bk9OTO10FZZZV_GlNX4B4p8pwj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
3c:a8:38:80:71:0f:76:b3:71:e7:28:9e:ea:c5:95:ef:d8:cc:
3f:ec:f6:67:09:f5:f3:1e:b2:39:c6:63:75:31:83:40:3f:ab:
fb:74:95:6d:7f:ba:6a:70:73:d9:db:eb:46:85:e1:cc:9d:c7:
fc:dd:cc:b0:5b:7c:f6:39:af:68:b2:fc:d4:57:ac:e7:33:e0:
4d:75:6d:4e:b6:01:68:54:64:f6:f0:9f:5a:8b:3c:59:4f:e6:
3a:46:bf:a3:5a:2e:e4:cc:f2:75:65:5d:a6:c2:69:c0:9e:9c:
01:be:b5:ce:2d:fd:01:07:dc:1c:e6:37:5e:2a:b5:9e:73:dd:
30:35:ab:3c:3c:f6:d8:85:ff:3d:d8:35:35:28:43:e8:2f:db:
67:d0:31:87:84:64:08:9d:f3:20:a5:97:05:e9:e1:17:f5:26:
68:90:d4:09:61:f8:67:63:97:8e:30:bb:0d:59:7d:11:b4:7e:
ca:0c:e1:46:3f:ef:43:d4:89:9f:ce:11:72:c5:5e:0a:af:7b:
69:cd:c5:0d:45:7b:cc:fe:b5:1d:e5:3b:b2:a6:79:6d:88:27:
d9:36:61:60:51:e3:4c:0c:6b:9c:38:54:b8:6a:03:e7:4e:a4:
18:da:9c:0e:2d:01:1b:55:d2:26:77:35:54:ce:64:8a:1c:8a:
b6:20:e0:95
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb/bK63R4ZdtwCCgO9jCsfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMjMxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTRmNGU0Y2VkNzQxNTk2NTk1N2YxYTUzNTdlMDFlMjlmMjljMjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukl0kH10n5ho+AZar/KGSIJ9Z8q7
zK292fF1e85jHEDOJEhb6K0FvY9DZ5I9WBrwgj6UsFZ6j1BOQVFBCmKHCaOyE8Hn
TtlcC/4zBDcIm4EjXx2lhz1k+RRKUVJmAnwy1n7HtYRlWQ4KRq0Es6JI8aPbDBiO
JklXXbvCvfZ40N/rldb4HvpxUkPB4MFFi8asnK0+uxkc3rcGSmvSYX77MM9Vv91M
Gl74PCZPIAOIjmlnpb6oY31SviOsJk0UPvq8TW/yjglqIaBnALboChjrvWHjJJzR
im6M7v0B3aTdn5WRIGjefp17RSa9eQI36WSHE0sUCLgzKcJBic7l06DBlQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFG5PTkztdBWWWVfxpTV+AeKfKcI+MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYms5T1RPMTBGWlpaVl9HbE5YNEI0cDhwd2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAPKg4gHEPdrNx5yie6sWV79jM
P+z2Zwn18x6yOcZjdTGDQD+r+3SVbX+6anBz2dvrRoXhzJ3H/N3MsFt89jmvaLL8
1Fes5zPgTXVtTrYBaFRk9vCfWos8WU/mOka/o1ou5MzydWVdpsJpwJ6cAb61zi39
AQfcHOY3Xiq1nnPdMDWrPDz22IX/Pdg1NShD6C/bZ9Axh4RkCJ3zIKWXBenhF/Um
aJDUCWH4Z2OXjjC7DVl9EbR+ygzhRj/vQ9SJn84RcsVeCq97ac3FDUV7zP61HeU7
sqZ5bYgn2TZhYFHjTAxrnDhUuGoD506kGNqcDi0BG1XSJnc1VM5kihyKtiDglQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:20:52 2025 by rpki-client