Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/dTl9_5SpgnbdsEB4GkD2Ffo7p8M.roa
File: dTl9_5SpgnbdsEB4GkD2Ffo7p8M.roa (raw, json)
Hash identifier: Avb0D6Exi6gFTX8LtA9F/q4synNCaRZA7OjT+aUf0cM=
Subject key identifier: 75:39:7D:FF:94:A9:82:76:DD:B0:40:78:1A:40:F6:15:FA:3B:A7:C3
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019743A94B32AD8366361472476DE94C8A20
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/dTl9_5SpgnbdsEB4GkD2Ffo7p8M.roa
Signing time: Fri 06 Jun 2025 05:14:17 +0000
ROA not before: Fri 06 Jun 2025 05:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 06 Jun 2025 06:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:43:a9:4b:32:ad:83:66:36:14:72:47:6d:e9:4c:8a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 6 05:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75397dff94a98276ddb040781a40f615fa3ba7c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:78:87:44:6f:0a:f0:0b:e4:81:f1:89:de:81:
e8:45:74:65:70:f9:53:f3:a4:22:74:7c:97:7b:80:
eb:00:4b:68:f2:1a:50:8e:38:9a:30:5d:f0:7f:e8:
88:c6:82:46:a4:d8:32:37:74:96:ee:1b:ce:0a:62:
12:a5:d0:3f:78:aa:a9:90:6d:19:82:85:a6:22:fc:
a5:a6:c3:6d:af:0a:7e:ab:50:6e:ee:73:ef:5e:c3:
98:45:e0:25:e0:fb:4a:b0:5c:c8:1f:29:02:41:b4:
12:11:15:d4:bd:0b:d1:97:17:92:20:ef:d2:4e:14:
29:f9:3d:93:97:28:4a:b3:ad:26:b7:b6:65:03:45:
fb:a0:cf:1a:4d:2f:f9:5c:8c:d6:09:70:34:e5:2a:
c9:7c:5b:75:4f:74:20:8d:af:05:09:55:5f:be:92:
04:6d:7a:da:eb:1b:6e:45:f6:08:85:fa:53:ad:0d:
07:b8:19:9f:d1:e5:38:43:4e:26:7b:ab:d7:5b:44:
36:75:ef:b9:0f:16:b0:27:1c:dc:a8:83:aa:c3:f3:
99:fd:02:62:c8:e6:4b:22:95:cb:d7:5e:34:68:1d:
93:f5:02:c1:ff:ad:fb:41:53:87:a7:3b:e9:60:2f:
e0:b3:90:c3:cf:d3:1c:9c:66:1f:60:db:7d:3a:1e:
85:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:39:7D:FF:94:A9:82:76:DD:B0:40:78:1A:40:F6:15:FA:3B:A7:C3
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/dTl9_5SpgnbdsEB4GkD2Ffo7p8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
bc:c6:ec:c0:70:1e:77:36:54:3f:d0:86:42:de:eb:e2:6e:10:
68:ac:4e:d2:77:c8:4d:0c:62:0c:5b:f1:94:3c:67:c8:88:42:
8f:56:87:d6:5c:96:d1:ae:10:a4:ac:4b:1d:2a:1f:f4:7a:8d:
55:c5:a0:08:a1:e3:d6:e3:c6:3d:62:0c:a9:7b:e3:b2:76:c1:
4c:35:a6:77:e3:3a:57:14:2d:8a:dd:e9:9b:ed:f3:ca:78:de:
05:7e:91:ea:1e:3d:e7:ec:00:60:54:d1:43:1c:00:74:0d:e6:
b1:40:1f:47:dc:0f:51:4a:22:69:26:72:70:cc:87:bd:5a:fa:
e9:2c:cc:d5:ce:5c:b8:5e:0a:61:0e:a6:54:62:68:8c:9b:89:
51:e5:a0:92:8c:81:f6:b6:f9:f6:0e:5b:a3:7c:a1:4e:6a:7f:
9f:d3:e5:de:64:0b:e7:5c:b1:e3:a5:25:a1:ee:25:6c:38:9d:
bc:cb:cd:cd:bd:8a:21:df:c0:4c:b6:b9:13:02:27:d0:a7:93:
9b:74:f1:2e:8d:71:05:43:b1:50:59:83:8f:ea:81:5c:20:f8:
47:b7:b0:8c:4b:c4:7f:c3:e4:8b:82:6a:cd:25:51:c9:3a:ec:
9d:90:df:92:d1:4b:a0:1e:2e:52:f7:b8:6d:5b:7a:83:0e:c5:
0b:4b:11:7e
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdDqUsyrYNmNhRyR23pTIogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA2MDUxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTM5N2RmZjk0YTk4Mjc2ZGRiMDQwNzgxYTQwZjYxNWZhM2JhN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXiHRG8K8AvkgfGJ3oHoRXRlcPlT
86QidHyXe4DrAEto8hpQjjiaMF3wf+iIxoJGpNgyN3SW7hvOCmISpdA/eKqpkG0Z
goWmIvylpsNtrwp+q1Bu7nPvXsOYReAl4PtKsFzIHykCQbQSERXUvQvRlxeSIO/S
ThQp+T2TlyhKs60mt7ZlA0X7oM8aTS/5XIzWCXA05SrJfFt1T3Qgja8FCVVfvpIE
bXra6xtuRfYIhfpTrQ0HuBmf0eU4Q04me6vXW0Q2de+5DxawJxzcqIOqw/OZ/QJi
yOZLIpXL1140aB2T9QLB/637QVOHpzvpYC/gs5DDz9McnGYfYNt9Oh6FVQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFHU5ff+UqYJ23bBAeBpA9hX6O6fDMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvZFRsOV81U3BnbmJkc0VCNEdrRDJGZm83cDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAvMbswHAedzZU
P9CGQt7r4m4QaKxO0nfITQxiDFvxlDxnyIhCj1aH1lyW0a4QpKxLHSof9HqNVcWg
CKHj1uPGPWIMqXvjsnbBTDWmd+M6VxQtit3pm+3zynjeBX6R6h495+wAYFTRQxwA
dA3msUAfR9wPUUoiaSZycMyHvVr66SzM1c5cuF4KYQ6mVGJojJuJUeWgkoyB9rb5
9g5bo3yhTmp/n9Pl3mQL51yx46Uloe4lbDidvMvNzb2KId/ATLa5EwIn0KeTm3Tx
Lo1xBUOxUFmDj+qBXCD4R7ewjEvEf8Pki4JqzSVRyTrsnZDfktFLoB4uUve4bVt6
gw7FC0sRfg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:47:01 2025 by rpki-client