Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/d25nTDd5ebwXZDvVpesg0iZYv_E.roa
File: d25nTDd5ebwXZDvVpesg0iZYv_E.roa (raw, json)
Hash identifier: jyyKF9lfj25IX0kcr0PiT3WeLaJiYzwcRnRflZBOCgo=
Subject key identifier: 77:6E:67:4C:37:79:79:BC:17:64:3B:D5:A5:EB:20:D2:26:58:BF:F1
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019731A2204848CE9D173257A7E7AA36E0B5
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/d25nTDd5ebwXZDvVpesg0iZYv_E.roa
Signing time: Mon 02 Jun 2025 17:13:18 +0000
ROA not before: Mon 02 Jun 2025 17:13:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 02 Jun 2025 18:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:a2:20:48:48:ce:9d:17:32:57:a7:e7:aa:36:e0:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 2 17:13:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=776e674c377979bc17643bd5a5eb20d22658bff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:49:1a:e6:ba:c7:69:a4:d4:c0:2d:9f:86:03:
17:c9:bd:8c:13:d1:32:c5:33:57:25:1a:9f:f8:e4:
bd:e4:99:fa:90:c9:fc:e8:1f:1d:12:83:f1:31:1f:
d8:7e:23:bb:89:d1:68:f4:1a:89:88:28:3d:0b:16:
36:5f:28:73:03:b2:56:3a:a8:1d:ae:8c:d3:67:fa:
01:e5:30:e8:a1:25:bf:94:cc:a3:2f:e5:4c:82:a7:
a1:60:a0:47:b9:82:c0:eb:78:74:be:ac:57:11:53:
be:ab:78:95:ae:d7:28:cd:6f:b0:54:a0:13:80:86:
c6:8e:2a:72:48:d3:dd:17:05:8a:61:1b:56:a8:b0:
99:49:b6:a4:5e:4d:b0:e9:b8:0a:99:24:f3:f7:56:
8b:b3:4e:0b:bf:c6:8a:98:26:f4:a9:75:96:d4:58:
21:da:9a:63:01:af:3f:e0:c2:76:0b:04:2f:91:5d:
34:37:44:17:6d:a0:1f:4b:e6:be:aa:35:1b:65:9f:
eb:02:0c:3e:d7:3e:ae:be:48:f5:05:50:ac:8b:c4:
84:18:23:7d:a1:5f:55:7c:f0:5e:7b:fb:77:23:20:
35:de:72:41:a1:6e:64:be:4c:5d:4a:f8:80:24:d1:
c4:db:dd:29:97:59:39:6e:71:d4:b5:17:ee:53:31:
59:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:6E:67:4C:37:79:79:BC:17:64:3B:D5:A5:EB:20:D2:26:58:BF:F1
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/d25nTDd5ebwXZDvVpesg0iZYv_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
98:a4:75:9f:33:02:64:77:33:29:2a:dc:99:05:75:52:fd:e8:
3b:72:b5:d4:a0:a2:24:28:ac:d5:ed:c7:da:8c:ca:cb:9a:9a:
f0:19:08:84:6d:88:13:4f:7b:d4:fc:bf:ff:e9:b7:50:cb:66:
ef:13:29:cb:d3:fd:fc:89:62:62:3f:53:c8:ac:b1:02:12:3e:
17:5b:c0:be:ee:a6:15:8b:66:92:8b:2a:50:7a:ea:7b:00:d8:
24:6f:6b:f9:4b:be:5d:a0:29:5e:a7:12:15:a7:7e:3f:69:dc:
10:bf:bf:fe:eb:f0:55:62:a9:c4:4d:fd:f1:67:3a:9b:27:f3:
fe:4f:6b:c2:b0:b1:08:bf:e2:71:9b:04:45:33:75:6a:3f:ce:
54:42:e2:f5:42:66:b9:82:18:7b:b9:83:42:6c:8b:e6:62:2c:
9d:76:4f:10:1f:28:ae:b3:0d:60:76:7f:93:5f:01:59:bc:b9:
5c:5b:f7:ff:48:60:39:29:39:98:0f:82:17:67:b2:d0:4b:31:
30:e5:0a:45:d3:51:40:7a:a6:c6:50:b4:1b:cc:67:b0:6d:33:
e3:26:e7:f3:14:9c:e1:01:af:f0:58:5a:a2:5d:60:f9:42:dd:
cf:cf:40:0d:70:77:24:79:8a:ac:96:3d:82:e6:aa:f0:65:bf:
b2:bc:77:dc
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcxoiBISM6dFzJXp+eqNuC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAyMTcxMzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzZlNjc0YzM3Nzk3OWJjMTc2NDNiZDVhNWViMjBkMjI2NThiZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEka5rrHaaTUwC2fhgMXyb2ME9Ey
xTNXJRqf+OS95Jn6kMn86B8dEoPxMR/YfiO7idFo9BqJiCg9CxY2XyhzA7JWOqgd
rozTZ/oB5TDooSW/lMyjL+VMgqehYKBHuYLA63h0vqxXEVO+q3iVrtcozW+wVKAT
gIbGjipySNPdFwWKYRtWqLCZSbakXk2w6bgKmSTz91aLs04Lv8aKmCb0qXWW1Fgh
2ppjAa8/4MJ2CwQvkV00N0QXbaAfS+a+qjUbZZ/rAgw+1z6uvkj1BVCsi8SEGCN9
oV9VfPBee/t3IyA13nJBoW5kvkxdSviAJNHE290pl1k5bnHUtRfuUzFZVwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHduZ0w3eXm8F2Q71aXrINImWL/xMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvZDI1blREZDVlYndYWkR2VnBlc2cwaVpZdl9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQCYpHWfMwJkdzMpKtyZBXVS/eg7crXUoKIkKKzV
7cfajMrLmprwGQiEbYgTT3vU/L//6bdQy2bvEynL0/38iWJiP1PIrLECEj4XW8C+
7qYVi2aSiypQeup7ANgkb2v5S75doClepxIVp34/adwQv7/+6/BVYqnETf3xZzqb
J/P+T2vCsLEIv+JxmwRFM3VqP85UQuL1Qma5ghh7uYNCbIvmYiyddk8QHyiusw1g
dn+TXwFZvLlcW/f/SGA5KTmYD4IXZ7LQSzEw5QpF01FAeqbGULQbzGewbTPjJufz
FJzhAa/wWFqiXWD5Qt3Pz0ANcHckeYqslj2C5qrwZb+yvHfc
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:36:20 2025 by rpki-client