Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/cMIUPVLQgMNlP7hl7mDVZcP_FjY.roa
File: cMIUPVLQgMNlP7hl7mDVZcP_FjY.roa (raw, json)
Hash identifier: jKwYqLXV8t7J6CqB19p9l5BgZsYvCpSVs8l7ohPbH/w=
Subject key identifier: 70:C2:14:3D:52:D0:80:C3:65:3F:B8:65:EE:60:D5:65:C3:FF:16:36
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973990C2D6E4C5599D87BEEEA8027229FE
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/cMIUPVLQgMNlP7hl7mDVZcP_FjY.roa
Signing time: Wed 04 Jun 2025 06:11:17 +0000
ROA not before: Wed 04 Jun 2025 06:11:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Jun 2025 07:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:39:90:c2:d6:e4:c5:59:9d:87:be:ee:a8:02:72:29:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 4 06:11:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70c2143d52d080c3653fb865ee60d565c3ff1636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6f:eb:ee:08:15:52:11:b2:89:fd:f2:d2:c1:
10:40:3d:de:a0:6d:43:3c:c2:8c:69:4e:c7:65:52:
5b:11:df:f3:00:9e:04:1b:e8:4d:d4:8c:4d:d5:cd:
d3:be:7a:91:ce:b9:d5:83:63:56:8f:6c:f5:0a:1b:
1e:71:ed:2c:1c:dd:2a:2b:85:eb:a3:5d:13:29:af:
20:15:14:07:c2:9c:48:53:2f:c8:f4:3b:fd:f2:42:
e6:11:6c:96:6a:80:84:c3:8a:57:53:43:18:55:dd:
fc:fe:32:58:e3:05:0b:96:af:59:86:ad:69:66:77:
db:ef:ac:f9:26:12:30:32:3a:21:29:52:8c:0e:d8:
17:ab:b7:ed:e4:47:46:42:d0:4a:6c:26:a6:d2:00:
5f:6e:87:43:c0:63:5f:80:ca:a9:f6:8b:78:af:1b:
af:6a:f0:ad:53:5b:5a:32:64:b2:60:2d:71:5e:3e:
f2:f5:fb:ca:84:e4:23:7f:1d:d2:35:67:66:ec:79:
1c:ec:0e:69:6d:4d:ae:1a:45:48:0c:60:f0:59:a6:
ce:3f:25:9c:e2:2e:50:62:a7:ac:4b:e2:2b:b0:c0:
57:1d:08:83:3a:10:04:c7:3a:79:b3:40:2f:68:bc:
08:41:14:07:e2:36:c7:33:52:4f:07:36:36:b7:23:
15:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C2:14:3D:52:D0:80:C3:65:3F:B8:65:EE:60:D5:65:C3:FF:16:36
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/cMIUPVLQgMNlP7hl7mDVZcP_FjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
9d:42:56:aa:ee:e9:02:10:d7:d4:7e:9b:e6:16:aa:e9:a5:19:
5b:7c:26:a2:ac:12:9b:39:af:9f:01:6e:eb:56:ea:f1:0d:c8:
77:56:d9:79:24:9e:5f:9f:03:ec:4e:9d:39:b7:92:e2:a4:6e:
c4:be:a0:77:ba:e0:80:c2:cb:f7:2e:cb:1c:50:7e:fd:69:6a:
2c:28:c7:8a:c7:08:5b:a4:bb:b6:51:0a:23:f6:4b:d9:12:a1:
46:28:4f:3d:6b:3d:16:80:e7:83:05:b8:79:e4:07:fd:d5:5a:
38:50:c3:82:f4:59:5e:40:7d:53:48:05:10:fc:e9:58:36:81:
02:ac:72:f8:40:b4:56:f6:82:db:a1:93:32:28:2e:49:ed:53:
fc:60:b4:0d:95:e0:ce:4f:4e:01:14:eb:4b:a6:40:1a:c6:65:
36:1d:0b:1e:3e:fc:8a:14:4c:5d:18:50:61:14:f9:5a:6f:a1:
54:e8:68:8c:f2:3c:18:16:61:e0:b8:8c:0e:4e:5b:ce:3a:88:
fd:a7:4a:6d:1b:be:a8:1f:21:0d:e5:46:2d:7c:ef:27:ea:56:
82:57:53:fa:8a:13:87:6d:d5:72:a3:6a:7b:49:6b:f7:01:30:
a2:f3:5c:b5:83:68:66:23:d5:95:54:e0:ef:d7:b8:33:40:eb:
c5:12:fe:42
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc5kMLW5MVZnYe+7qgCcin+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA0MDYxMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGMyMTQzZDUyZDA4MGMzNjUzZmI4NjVlZTYwZDU2NWMzZmYxNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwW/r7ggVUhGyif3y0sEQQD3eoG1D
PMKMaU7HZVJbEd/zAJ4EG+hN1IxN1c3TvnqRzrnVg2NWj2z1Chsece0sHN0qK4Xr
o10TKa8gFRQHwpxIUy/I9Dv98kLmEWyWaoCEw4pXU0MYVd38/jJY4wULlq9Zhq1p
Znfb76z5JhIwMjohKVKMDtgXq7ft5EdGQtBKbCam0gBfbodDwGNfgMqp9ot4rxuv
avCtU1taMmSyYC1xXj7y9fvKhOQjfx3SNWdm7Hkc7A5pbU2uGkVIDGDwWabOPyWc
4i5QYqesS+IrsMBXHQiDOhAExzp5s0AvaLwIQRQH4jbHM1JPBzY2tyMVwQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFHDCFD1S0IDDZT+4Ze5g1WXD/xY2MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvY01JVVBWTFFnTU5sUDdobDdtRFZaY1BfRmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAnUJWqu7pAhDX
1H6b5haq6aUZW3wmoqwSmzmvnwFu61bq8Q3Id1bZeSSeX58D7E6dObeS4qRuxL6g
d7rggMLL9y7LHFB+/WlqLCjHiscIW6S7tlEKI/ZL2RKhRihPPWs9FoDngwW4eeQH
/dVaOFDDgvRZXkB9U0gFEPzpWDaBAqxy+EC0VvaC26GTMiguSe1T/GC0DZXgzk9O
ARTrS6ZAGsZlNh0LHj78ihRMXRhQYRT5Wm+hVOhojPI8GBZh4LiMDk5bzjqI/adK
bRu+qB8hDeVGLXzvJ+pWgldT+ooTh23VcqNqe0lr9wEwovNctYNoZiPVlVTg79e4
M0DrxRL+Qg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:10:11 2025 by rpki-client