Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/fKQ_zf8ZlzgcH11Te-JZ64TOlYM.roa
File: fKQ_zf8ZlzgcH11Te-JZ64TOlYM.roa (raw, json)
Hash identifier: kqI0t9FX50Y9KEWBHgalROUnTxDunjjAksidnrpKusA=
Subject key identifier: 7C:A4:3F:CD:FF:19:97:38:1C:1F:5D:53:7B:E2:59:EB:84:CE:95:83
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973B131D670E0B67A2C2D83FF700F9614D
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/fKQ_zf8ZlzgcH11Te-JZ64TOlYM.roa
Signing time: Wed 04 Jun 2025 13:13:17 +0000
ROA not before: Wed 04 Jun 2025 13:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Jun 2025 14:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:13:1d:67:0e:0b:67:a2:c2:d8:3f:f7:00:f9:61:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 4 13:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ca43fcdff1997381c1f5d537be259eb84ce9583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bf:fe:48:5d:f5:cf:6e:af:76:d7:3b:f9:6f:
f8:b5:2a:44:98:59:2f:4b:58:e1:17:3a:d1:d4:2f:
d7:78:c0:13:32:c1:3b:42:97:fd:5f:0c:bf:ad:24:
0c:af:b8:53:cd:b7:b9:c9:6d:ca:91:fc:fa:a1:25:
28:78:7f:60:12:00:14:fa:8a:31:1e:96:a5:d0:0c:
d9:ad:18:e6:32:6d:b0:56:57:60:36:33:67:94:fb:
71:01:0f:43:5f:90:e0:5f:39:86:ac:c4:ad:a2:fa:
c4:d3:04:ad:ae:51:3f:28:24:5a:9c:bf:e7:88:5a:
cd:c3:ac:7b:49:c8:ab:6b:43:9a:ca:52:b7:8d:55:
1e:cf:d9:76:ae:5e:51:70:1a:50:8a:64:aa:7b:f7:
5f:09:d5:70:41:86:50:1c:c5:54:a8:d0:1c:d6:78:
4a:8c:e1:52:9c:b5:35:c9:d5:39:f5:71:46:c7:fb:
3f:e7:3f:df:97:be:4a:0e:57:09:e5:fb:c2:ca:35:
a5:c7:a3:d7:72:bd:6f:ed:af:c5:43:f4:5b:ea:44:
5e:33:fc:d3:46:15:7f:a8:ff:63:d8:29:a9:c2:2b:
da:76:fc:7b:ad:ad:9e:e3:45:9b:37:7b:ca:21:f0:
17:4a:97:ff:08:84:fd:f6:ca:79:28:30:dd:41:0e:
e4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A4:3F:CD:FF:19:97:38:1C:1F:5D:53:7B:E2:59:EB:84:CE:95:83
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/fKQ_zf8ZlzgcH11Te-JZ64TOlYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
c6:05:f5:92:a2:88:f8:d9:fc:cc:c8:70:6e:15:7b:ee:1b:e1:
a9:12:fd:6f:16:69:27:77:4f:37:09:41:5e:73:06:ef:bf:4b:
0c:27:ef:8c:f7:8e:32:8c:d2:61:2f:5e:de:09:fd:1b:35:85:
f1:30:2f:fe:16:2a:f2:12:f0:76:61:9e:65:45:f2:34:00:a5:
ff:7f:4d:be:79:bf:36:f4:8a:0c:05:0b:b9:17:e9:4b:9e:ec:
59:cc:2e:49:aa:4e:36:b2:0b:dd:5e:12:93:ba:10:f2:f1:4a:
db:1c:a9:b7:63:d6:18:c7:29:32:f3:8f:f9:30:76:f5:68:7b:
73:0e:34:25:b7:2a:85:78:18:76:dd:e2:2c:f5:0d:f5:2e:bc:
6e:a8:07:73:b3:0c:9b:43:e4:46:3c:9c:64:d1:48:b1:ce:cc:
0c:f4:7f:5d:81:a8:6d:4a:29:49:a0:93:86:14:65:f1:c3:30:
53:04:e1:c5:5c:5b:f1:88:2a:6e:16:90:7b:e7:ab:d6:a7:aa:
ed:a1:cb:3f:34:d1:90:22:a1:af:a5:f4:38:ce:85:22:72:87:
19:a6:db:15:92:99:a3:44:93:c6:45:04:39:63:bf:5b:3b:68:
f6:20:16:4f:37:5c:db:6d:81:8d:3b:68:78:90:51:e3:71:b2:
60:f8:0e:cd
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc7Ex1nDgtnosLYP/cA+WFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA0MTMxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2E0M2ZjZGZmMTk5NzM4MWMxZjVkNTM3YmUyNTllYjg0Y2U5NTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwb/+SF31z26vdtc7+W/4tSpEmFkv
S1jhFzrR1C/XeMATMsE7Qpf9Xwy/rSQMr7hTzbe5yW3Kkfz6oSUoeH9gEgAU+oox
Hpal0AzZrRjmMm2wVldgNjNnlPtxAQ9DX5DgXzmGrMStovrE0wStrlE/KCRanL/n
iFrNw6x7Scira0OaylK3jVUez9l2rl5RcBpQimSqe/dfCdVwQYZQHMVUqNAc1nhK
jOFSnLU1ydU59XFGx/s/5z/fl75KDlcJ5fvCyjWlx6PXcr1v7a/FQ/Rb6kReM/zT
RhV/qP9j2Cmpwivadvx7ra2e40WbN3vKIfAXSpf/CIT99sp5KDDdQQ7kHQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFHykP83/GZc4HB9dU3viWeuEzpWDMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvZktRX3pmOFpsemdjSDExVGUtSlo2NFRPbFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAxgX1kqKI+Nn8
zMhwbhV77hvhqRL9bxZpJ3dPNwlBXnMG779LDCfvjPeOMozSYS9e3gn9GzWF8TAv
/hYq8hLwdmGeZUXyNACl/39Nvnm/NvSKDAULuRfpS57sWcwuSapONrIL3V4Sk7oQ
8vFK2xypt2PWGMcpMvOP+TB29Wh7cw40JbcqhXgYdt3iLPUN9S68bqgHc7MMm0Pk
RjycZNFIsc7MDPR/XYGobUopSaCThhRl8cMwUwThxVxb8YgqbhaQe+er1qeq7aHL
PzTRkCKhr6X0OM6FInKHGabbFZKZo0STxkUEOWO/Wzto9iAWTzdc222BjTtoeJBR
43GyYPgOzQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:23:00 2025 by rpki-client