Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bkjJMcU38gYa0ILPi1Q3Ih-S8yI.roa
File: bkjJMcU38gYa0ILPi1Q3Ih-S8yI.roa (raw, json)
Hash identifier: h7RXOQMim6P5MDyal3UqWGG193xmtpx0tkstJhBpCDI=
Subject key identifier: 6E:48:C9:31:C5:37:F2:06:1A:D0:82:CF:8B:54:37:22:1F:92:F3:22
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197037F785F21ED7B071A8195FF1CB6566E
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bkjJMcU38gYa0ILPi1Q3Ih-S8yI.roa
Signing time: Sat 24 May 2025 18:12:54 +0000
ROA not before: Sat 24 May 2025 18:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 May 2025 19:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:03:7f:78:5f:21:ed:7b:07:1a:81:95:ff:1c:b6:56:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 24 18:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e48c931c537f2061ad082cf8b5437221f92f322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:fd:c5:30:9b:09:cf:aa:8d:f6:5c:92:8e:8c:
d7:74:c7:d5:2d:d0:72:5e:03:5d:61:71:25:49:98:
25:93:c3:53:81:0c:ac:74:54:53:89:a9:7c:a8:bd:
d6:b8:0a:35:df:40:00:83:78:d9:86:82:7d:64:c2:
1a:b3:01:22:07:0a:69:c7:0a:4c:54:5a:ed:d4:59:
43:7a:c4:72:72:33:40:c9:ee:3c:6b:fc:dd:7a:68:
93:ef:94:90:03:8a:92:93:2c:8d:61:66:c5:5b:25:
af:3f:f6:0e:38:84:70:21:02:07:3c:eb:e4:35:38:
5a:15:b5:b5:41:4d:7f:76:db:50:f1:7d:f5:fc:0e:
da:d6:f8:94:21:8c:dc:85:a8:4a:0a:94:b6:ab:c7:
50:ad:5c:47:bd:d8:a0:ca:08:63:40:0a:a6:d5:58:
84:07:a5:fd:1e:dd:c9:4c:a5:cd:b8:dc:08:31:09:
ac:d8:1b:9b:f4:40:d0:ba:c5:3b:51:a9:e9:05:6d:
99:36:5c:ba:f3:42:be:c6:0a:fa:6f:80:12:1b:ad:
42:05:d3:06:6b:db:4c:0e:54:06:16:0b:c3:35:65:
ee:9d:6c:f5:fb:5c:e5:37:51:6b:c2:fc:8d:79:08:
5a:72:6a:51:5f:b4:f3:b3:a2:f9:16:ce:5e:a5:d4:
04:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:48:C9:31:C5:37:F2:06:1A:D0:82:CF:8B:54:37:22:1F:92:F3:22
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bkjJMcU38gYa0ILPi1Q3Ih-S8yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
ae:f2:db:c7:7f:eb:2d:c3:66:89:a7:1a:ad:5f:ad:a4:69:57:
63:d4:fd:a4:c2:aa:cc:8c:20:53:8c:5f:a4:16:f4:c9:35:55:
e3:e8:b8:c9:4b:ad:ed:e9:ca:22:c2:02:af:c5:96:cd:2d:01:
e7:89:82:1e:9f:da:c0:3c:2b:15:a1:d9:5d:e7:2d:91:fe:d1:
ab:41:f4:f1:bd:85:05:63:93:8b:58:d2:70:27:f7:2b:93:b3:
80:79:b7:41:47:e5:05:fa:23:43:7d:bb:ad:2a:6d:64:06:44:
8a:d4:14:3d:ad:07:7c:2c:f8:77:9a:6a:77:82:ef:2e:f6:b7:
6d:a4:1e:e9:ea:d9:8a:02:97:60:a2:8f:89:ce:26:7c:27:a3:
a5:bf:54:19:e6:c6:2d:f0:de:0a:90:23:5e:0f:bf:2c:2e:5a:
01:ef:11:c4:e9:91:08:24:06:3e:87:22:9e:26:fa:70:ee:cb:
f3:81:a5:f6:fa:49:8f:08:e8:95:23:01:21:80:75:e4:ca:93:
19:bc:f8:c4:3a:b7:2e:3f:d3:cd:ff:a0:a8:b8:b3:72:91:b1:
be:a5:32:4b:b7:60:66:fa:2f:f9:e0:3b:51:12:1e:17:94:42:
55:09:bd:94:1a:3d:6f:ad:22:a5:19:6f:e2:8b:7a:65:97:aa:
31:9b:85:48
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcDf3hfIe17BxqBlf8ctlZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI0MTgxMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQ4YzkzMWM1MzdmMjA2MWFkMDgyY2Y4YjU0MzcyMjFmOTJmMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7P3FMJsJz6qN9lySjozXdMfVLdBy
XgNdYXElSZglk8NTgQysdFRTial8qL3WuAo130AAg3jZhoJ9ZMIaswEiBwppxwpM
VFrt1FlDesRycjNAye48a/zdemiT75SQA4qSkyyNYWbFWyWvP/YOOIRwIQIHPOvk
NThaFbW1QU1/dttQ8X31/A7a1viUIYzchahKCpS2q8dQrVxHvdigyghjQAqm1ViE
B6X9Ht3JTKXNuNwIMQms2Bub9EDQusU7UanpBW2ZNly680K+xgr6b4ASG61CBdMG
a9tMDlQGFgvDNWXunWz1+1zlN1FrwvyNeQhacmpRX7Tzs6L5Fs5epdQE+wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFG5IyTHFN/IGGtCCz4tUNyIfkvMiMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYmtqSk1jVTM4Z1lhMElMUGkxUTNJaC1TOHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEArvLbx3/rLcNmiacarV+tpGlX
Y9T9pMKqzIwgU4xfpBb0yTVV4+i4yUut7enKIsICr8WWzS0B54mCHp/awDwrFaHZ
Xectkf7Rq0H08b2FBWOTi1jScCf3K5OzgHm3QUflBfojQ327rSptZAZEitQUPa0H
fCz4d5pqd4LvLva3baQe6erZigKXYKKPic4mfCejpb9UGebGLfDeCpAjXg+/LC5a
Ae8RxOmRCCQGPocinib6cO7L84Gl9vpJjwjolSMBIYB15MqTGbz4xDq3Lj/Tzf+g
qLizcpGxvqUyS7dgZvov+eA7URIeF5RCVQm9lBo9b60ipRlv4ot6ZZeqMZuFSA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:03:39 2025 by rpki-client