Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bwSuIkDwh_dgSYybSMntlsGxyZE.roa
File: bwSuIkDwh_dgSYybSMntlsGxyZE.roa (raw, json)
Hash identifier: 8zN4l0Qgy2oSj5H41OOxGwc8TN5fXWAccrrzhORQAFo=
Subject key identifier: 6F:04:AE:22:40:F0:87:F7:60:49:8C:9B:48:C9:ED:96:C1:B1:C9:91
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F9D78CE5CCD1CDDACE94679BB7DFC2D0
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bwSuIkDwh_dgSYybSMntlsGxyZE.roa
Signing time: Thu 22 May 2025 21:12:55 +0000
ROA not before: Thu 22 May 2025 21:12:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 22 May 2025 22:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f9:d7:8c:e5:cc:d1:cd:da:ce:94:67:9b:b7:df:c2:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 22 21:12:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f04ae2240f087f760498c9b48c9ed96c1b1c991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c1:a9:cd:d3:b7:a7:54:a1:9d:c9:24:6d:2b:
af:68:f7:93:19:a9:d0:a8:cc:34:5e:e2:00:a8:6e:
89:a1:7e:37:29:3d:7e:7b:0c:7d:67:b8:15:5f:dd:
dd:74:8b:e3:4e:31:72:15:56:9c:c6:31:2f:f4:ec:
4a:1f:05:91:30:f9:e2:c1:d1:83:08:97:d6:1f:57:
54:98:13:ad:47:42:5f:2f:b5:3f:c8:5a:4b:0e:5c:
4d:65:94:b7:65:c2:cb:d1:88:0a:c1:b9:d6:d7:85:
35:ef:23:4e:22:f6:f5:58:8c:45:20:1f:f3:18:2e:
45:cb:39:65:42:21:de:fe:02:72:df:1b:66:e1:47:
fa:18:59:9a:fd:83:95:45:26:3d:b0:e2:5b:13:d8:
c4:c5:f5:1d:ed:ba:78:41:17:e1:62:bd:40:f5:ae:
5e:cf:c0:d3:35:f2:87:3b:be:83:ae:91:08:20:22:
1b:29:60:ab:f0:d4:51:3e:03:99:c6:86:fc:98:ec:
d1:aa:27:6a:81:2c:1a:f4:fd:70:db:5b:6b:e9:88:
cf:69:09:e6:f7:17:00:14:3b:59:49:4f:a4:89:a5:
40:c3:19:81:78:2a:36:47:66:0d:46:8c:7f:c0:3f:
ee:0b:c1:fd:45:f5:59:4e:0b:6c:34:22:59:97:4c:
bc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:04:AE:22:40:F0:87:F7:60:49:8C:9B:48:C9:ED:96:C1:B1:C9:91
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bwSuIkDwh_dgSYybSMntlsGxyZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
88:8e:62:d2:fd:34:d1:f0:15:6a:6b:8d:be:e7:72:b6:5b:e9:
02:74:5c:d0:e8:b6:7d:73:99:47:c0:8a:1d:30:76:53:41:a3:
d8:95:cb:9d:8c:c4:8c:36:11:7a:c6:2b:b9:33:60:57:81:f9:
a6:7c:a6:d1:c9:4c:57:03:b1:b5:35:05:56:85:90:6c:3c:4c:
6f:90:e7:c7:43:59:f6:20:71:7a:2d:72:53:26:cf:b6:ac:da:
9a:93:0a:b0:5d:cd:f5:a3:53:07:b5:42:b0:76:e2:c9:eb:bc:
15:58:fb:b9:81:0c:92:75:1f:9d:e3:6e:d0:84:28:ce:e3:b4:
b3:c1:2e:b9:8a:c7:3a:9e:de:45:36:d7:10:7c:fa:69:94:92:
32:57:b6:65:55:3b:67:4f:73:b6:93:34:53:b5:bf:b0:9d:d1:
76:3d:d0:8f:8c:9a:06:78:b7:cb:2d:fa:3f:22:99:ac:89:04:
fc:c7:44:70:68:61:59:e1:b5:d6:5b:b6:fb:12:71:04:fd:7d:
5e:8d:d9:83:bc:c1:71:7c:30:84:11:a0:63:74:e5:a7:fe:b4:
3f:b5:cd:30:4a:b2:87:0e:27:d5:82:0d:22:97:a8:6c:0c:25:
01:82:f9:32:3a:75:1c:52:0d:f7:75:42:39:85:bf:73:54:32:
1a:48:52:2d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb514zlzNHN2s6UZ5u338LQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIyMjExMjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjA0YWUyMjQwZjA4N2Y3NjA0OThjOWI0OGM5ZWQ5NmMxYjFjOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycGpzdO3p1ShnckkbSuvaPeTGanQ
qMw0XuIAqG6JoX43KT1+ewx9Z7gVX93ddIvjTjFyFVacxjEv9OxKHwWRMPniwdGD
CJfWH1dUmBOtR0JfL7U/yFpLDlxNZZS3ZcLL0YgKwbnW14U17yNOIvb1WIxFIB/z
GC5FyzllQiHe/gJy3xtm4Uf6GFma/YOVRSY9sOJbE9jExfUd7bp4QRfhYr1A9a5e
z8DTNfKHO76DrpEIICIbKWCr8NRRPgOZxob8mOzRqidqgSwa9P1w21tr6YjPaQnm
9xcAFDtZSU+kiaVAwxmBeCo2R2YNRox/wD/uC8H9RfVZTgtsNCJZl0y8GQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFG8EriJA8If3YEmMm0jJ7ZbBscmRMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYndTdUlrRHdoX2RnU1l5YlNNbnRsc0d4eVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAiI5i0v000fAVamuNvudytlvp
AnRc0Oi2fXOZR8CKHTB2U0Gj2JXLnYzEjDYResYruTNgV4H5pnym0clMVwOxtTUF
VoWQbDxMb5Dnx0NZ9iBxei1yUybPtqzampMKsF3N9aNTB7VCsHbiyeu8FVj7uYEM
knUfneNu0IQozuO0s8EuuYrHOp7eRTbXEHz6aZSSMle2ZVU7Z09ztpM0U7W/sJ3R
dj3Qj4yaBni3yy36PyKZrIkE/MdEcGhhWeG11lu2+xJxBP19Xo3Zg7zBcXwwhBGg
Y3Tlp/60P7XNMEqyhw4n1YINIpeobAwlAYL5Mjp1HFIN93VCOYW/c1QyGkhSLQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:09:48 2025 by rpki-client