Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/dGddPDx1va7ZZzSHJJRK2nJICGU.roa
File: dGddPDx1va7ZZzSHJJRK2nJICGU.roa (raw, json)
Hash identifier: 88+En5wBhZVIun6GC99YEUNyhrVY2ofTcaofx25oqMc=
Subject key identifier: 74:67:5D:3C:3C:75:BD:AE:D9:67:34:87:24:94:4A:DA:72:48:08:65
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01971664331839E9DEC0BC1FD3E50B8D8D76
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/dGddPDx1va7ZZzSHJJRK2nJICGU.roa
Signing time: Wed 28 May 2025 10:15:54 +0000
ROA not before: Wed 28 May 2025 10:15:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 May 2025 11:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:64:33:18:39:e9:de:c0:bc:1f:d3:e5:0b:8d:8d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 28 10:15:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74675d3c3c75bdaed967348724944ada72480865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5c:b2:9b:be:1b:f1:76:e8:c5:ad:29:a6:24:
a6:fe:3d:57:56:00:8b:48:35:b4:1a:d6:4b:90:d9:
b3:90:41:5f:37:61:df:c3:3e:55:cc:ea:bb:e4:11:
e6:86:99:40:78:36:90:f9:45:43:24:3b:57:b9:bc:
b3:d7:0a:f4:61:8f:37:5b:bf:36:c1:9e:46:48:c2:
40:37:40:78:72:13:0d:c6:5f:90:fb:b6:19:c6:e7:
e9:01:dd:70:1c:77:00:fc:fe:d5:da:12:49:87:98:
fa:21:e4:2f:ea:ae:6e:c7:ff:13:15:f2:e6:66:71:
1c:d9:a1:83:4e:55:da:81:ca:11:09:73:5b:08:eb:
68:ad:4b:38:3f:0d:7d:e1:e9:80:8f:3f:6f:fb:d9:
46:5a:34:98:23:6b:78:ba:23:04:e0:69:84:81:64:
c4:f9:0d:18:28:b0:30:be:d3:0f:87:0d:ae:4e:92:
f7:69:c5:55:d7:a1:91:c1:de:bd:90:c3:09:d5:84:
3d:f9:50:00:e8:05:52:65:df:35:45:31:0b:d4:70:
e1:b3:c1:30:e8:86:29:b9:6e:e2:3d:cf:ee:4d:9e:
5f:b1:3c:e7:e7:10:55:d4:f8:c1:67:94:32:30:53:
aa:e9:c2:9b:d5:a3:41:b1:3f:65:81:3d:2e:da:2c:
7d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:67:5D:3C:3C:75:BD:AE:D9:67:34:87:24:94:4A:DA:72:48:08:65
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/dGddPDx1va7ZZzSHJJRK2nJICGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
6f:52:11:9c:87:8c:4f:2d:31:eb:48:a3:d7:63:6b:6c:fe:0b:
d2:84:48:9c:60:09:55:be:56:47:0f:7e:cd:fb:61:11:8f:74:
6f:11:70:7d:b3:61:4c:84:30:85:0d:68:15:dd:de:3b:c0:39:
93:40:19:82:96:ca:70:ee:da:e1:45:f0:51:f7:fb:0b:c6:df:
52:f5:f8:88:cc:8d:40:84:c8:04:89:e7:28:93:33:8b:a4:59:
78:3e:c1:cb:56:11:44:09:9c:15:41:29:06:d8:9c:ed:0d:fe:
39:ec:4b:46:15:30:b2:34:03:f9:2b:63:78:8a:b6:f4:a8:20:
72:81:f8:d1:29:97:4c:87:f9:c3:2c:0b:1e:6a:73:82:73:64:
fc:aa:c7:f9:b5:a8:16:68:3c:f5:9d:01:63:6b:82:b5:3a:29:
53:54:a2:09:0c:be:c0:d3:76:59:8f:7a:18:f8:df:e3:ff:e7:
5e:c0:d7:52:f1:68:9f:f8:6b:6e:fa:75:f9:bc:37:fd:8c:77:
ca:e5:24:29:ef:60:91:c1:10:cc:fd:68:a8:5d:5b:1d:a7:f3:
32:b2:d3:c3:3f:08:3a:50:dd:59:41:52:56:e6:48:74:2d:dc:
fe:60:d3:73:32:17:32:31:05:81:c0:92:bd:9c:e7:3b:e2:f8:
dc:74:c6:bc
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcWZDMYOenewLwf0+ULjY12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI4MTAxNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDY3NWQzYzNjNzViZGFlZDk2NzM0ODcyNDk0NGFkYTcyNDgwODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Fyym74b8Xboxa0ppiSm/j1XVgCL
SDW0GtZLkNmzkEFfN2Hfwz5VzOq75BHmhplAeDaQ+UVDJDtXubyz1wr0YY83W782
wZ5GSMJAN0B4chMNxl+Q+7YZxufpAd1wHHcA/P7V2hJJh5j6IeQv6q5ux/8TFfLm
ZnEc2aGDTlXagcoRCXNbCOtorUs4Pw194emAjz9v+9lGWjSYI2t4uiME4GmEgWTE
+Q0YKLAwvtMPhw2uTpL3acVV16GRwd69kMMJ1YQ9+VAA6AVSZd81RTEL1HDhs8Ew
6IYpuW7iPc/uTZ5fsTzn5xBV1PjBZ5QyMFOq6cKb1aNBsT9lgT0u2ix9lQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHRnXTw8db2u2Wc0hySUStpySAhlMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvZEdkZFBEeDF2YTdaWnpTSEpKUksybkpJQ0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBvUhGch4xPLTHrSKPXY2ts/gvShEicYAlVvlZH
D37N+2ERj3RvEXB9s2FMhDCFDWgV3d47wDmTQBmClspw7trhRfBR9/sLxt9S9fiI
zI1AhMgEiecokzOLpFl4PsHLVhFECZwVQSkG2JztDf457EtGFTCyNAP5K2N4irb0
qCBygfjRKZdMh/nDLAseanOCc2T8qsf5tagWaDz1nQFja4K1OilTVKIJDL7A03ZZ
j3oY+N/j/+dewNdS8Wif+Gtu+nX5vDf9jHfK5SQp72CRwRDM/WioXVsdp/MystPD
Pwg6UN1ZQVJW5kh0Ldz+YNNzMhcyMQWBwJK9nOc74vjcdMa8
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:14:22 2025 by rpki-client