Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/boT9kHWTuidwiKl_ZfcXG4UBUoE.roa
File: boT9kHWTuidwiKl_ZfcXG4UBUoE.roa (raw, json)
Hash identifier: Jj2llao1PoegHJOYBwN3N6gla7xVQAGStHJslzjWjlE=
Subject key identifier: 6E:84:FD:90:75:93:BA:27:70:88:A9:7F:65:F7:17:1B:85:01:52:81
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197045A4790DDBE0D1C6B54CA12E4B16143
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/boT9kHWTuidwiKl_ZfcXG4UBUoE.roa
Signing time: Sat 24 May 2025 22:11:54 +0000
ROA not before: Sat 24 May 2025 22:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 May 2025 23:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:04:5a:47:90:dd:be:0d:1c:6b:54:ca:12:e4:b1:61:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 24 22:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e84fd907593ba277088a97f65f7171b85015281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a7:a0:84:b7:51:fc:b3:54:89:da:96:d1:ba:
69:3e:bb:df:f5:be:b4:bf:30:78:eb:23:36:89:ac:
9a:91:80:a2:aa:a9:7f:d1:10:6b:71:e3:e0:cb:d1:
ed:d5:9d:93:28:01:d7:71:3d:86:14:b4:23:d9:a7:
86:6f:16:dc:af:7a:ca:f4:4c:fb:47:07:94:0b:8b:
91:2b:43:3f:e3:f2:c3:a0:ba:02:b7:a3:49:db:68:
69:c2:8d:85:78:7b:e2:92:be:07:98:ea:01:ac:03:
8b:76:20:07:bc:06:ac:34:4d:ef:38:64:7d:e7:72:
f6:4d:b4:db:65:5c:be:fc:39:3c:06:c1:37:ec:4d:
c4:b4:ac:a4:74:5b:49:db:94:13:50:4c:23:40:dc:
71:12:1b:c3:dc:cc:0e:41:fc:d8:e1:f1:24:54:74:
63:8f:bc:6b:35:2a:55:a3:b2:d2:82:56:0e:dd:85:
bf:0a:50:ac:47:ad:e1:5e:bf:b3:ca:28:c6:c6:2f:
16:8d:a1:70:f1:8e:aa:6d:8f:03:84:3d:9f:d8:17:
93:6d:21:40:3a:b7:5d:e8:8d:00:87:b9:36:cf:e7:
80:e5:74:aa:f9:25:b2:98:7c:3e:d4:5d:75:79:54:
ce:50:33:3f:e0:e5:bd:c6:73:a3:98:d8:97:4f:83:
bd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:84:FD:90:75:93:BA:27:70:88:A9:7F:65:F7:17:1B:85:01:52:81
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/boT9kHWTuidwiKl_ZfcXG4UBUoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
bd:cd:4f:1c:fd:cd:6b:59:47:fd:a4:87:98:e3:54:1d:52:23:
21:ee:ff:e2:0c:75:2f:72:68:19:d0:c7:de:34:01:dc:42:8c:
84:bf:68:fb:36:10:3a:7e:b4:e2:ef:b1:75:13:d4:11:da:ee:
35:76:27:7d:7c:e1:75:c7:84:21:01:fa:9d:5c:87:6b:73:f7:
40:8d:7f:52:b2:72:bf:f7:e8:c9:67:cd:8b:5e:ab:01:df:05:
b6:35:39:62:a1:5c:b3:85:52:3a:da:bf:e2:62:45:df:e6:b8:
f0:e0:4a:15:70:e3:40:c3:51:00:02:03:14:76:69:a2:42:fb:
23:a0:38:24:36:cb:d7:7f:df:21:4d:a6:b1:e8:2f:d7:79:e5:
fa:96:76:70:b4:f1:1d:5b:51:26:8c:d9:d9:20:be:a0:9b:e9:
fc:5e:ff:a8:83:ce:35:d6:26:7f:bc:48:44:1e:e6:b3:5b:53:
be:cc:23:07:80:72:e3:08:fa:95:a4:15:0e:48:b3:27:ca:f9:
7e:2e:14:8c:d9:67:58:3c:2c:16:6c:b5:e2:2a:73:58:6b:ea:
23:07:26:c1:7a:23:d7:37:19:20:39:bb:89:2a:b9:0d:a8:59:
83:ee:01:5e:b7:57:5a:6f:01:cf:86:25:d5:b8:7e:ca:f4:72:
49:68:ad:c2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcEWkeQ3b4NHGtUyhLksWFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI0MjIxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTg0ZmQ5MDc1OTNiYTI3NzA4OGE5N2Y2NWY3MTcxYjg1MDE1MjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqeghLdR/LNUidqW0bppPrvf9b60
vzB46yM2iayakYCiqql/0RBrcePgy9Ht1Z2TKAHXcT2GFLQj2aeGbxbcr3rK9Ez7
RweUC4uRK0M/4/LDoLoCt6NJ22hpwo2FeHvikr4HmOoBrAOLdiAHvAasNE3vOGR9
53L2TbTbZVy+/Dk8BsE37E3EtKykdFtJ25QTUEwjQNxxEhvD3MwOQfzY4fEkVHRj
j7xrNSpVo7LSglYO3YW/ClCsR63hXr+zyijGxi8WjaFw8Y6qbY8DhD2f2BeTbSFA
Ordd6I0Ah7k2z+eA5XSq+SWymHw+1F11eVTOUDM/4OW9xnOjmNiXT4O9kQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFG6E/ZB1k7oncIipf2X3FxuFAVKBMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYm9UOWtIV1R1aWR3aUtsX1pmY1hHNFVCVW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAvc1PHP3Na1lH/aSHmONUHVIj
Ie7/4gx1L3JoGdDH3jQB3EKMhL9o+zYQOn604u+xdRPUEdruNXYnfXzhdceEIQH6
nVyHa3P3QI1/UrJyv/foyWfNi16rAd8FtjU5YqFcs4VSOtq/4mJF3+a48OBKFXDj
QMNRAAIDFHZpokL7I6A4JDbL13/fIU2msegv13nl+pZ2cLTxHVtRJozZ2SC+oJvp
/F7/qIPONdYmf7xIRB7ms1tTvswjB4By4wj6laQVDkizJ8r5fi4UjNlnWDwsFmy1
4ipzWGvqIwcmwXoj1zcZIDm7iSq5DahZg+4BXrdXWm8Bz4Yl1bh+yvRySWitwg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:27:15 2025 by rpki-client