Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/g-aFL3Nm5ztcM1flC2RpwGq9t0g.roa
File: g-aFL3Nm5ztcM1flC2RpwGq9t0g.roa (raw, json)
Hash identifier: U4KMLQyHRoGsZ+vOhfnpfcJhUlv31+kVAyIAQKp3jfU=
Subject key identifier: 83:E6:85:2F:73:66:E7:3B:5C:33:57:E5:0B:64:69:C0:6A:BD:B7:48
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973D00957A1C86F0BE80CA2D640BECA462
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/g-aFL3Nm5ztcM1flC2RpwGq9t0g.roa
Signing time: Wed 04 Jun 2025 22:12:17 +0000
ROA not before: Wed 04 Jun 2025 22:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Jun 2025 23:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3d:00:95:7a:1c:86:f0:be:80:ca:2d:64:0b:ec:a4:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 4 22:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83e6852f7366e73b5c3357e50b6469c06abdb748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8a:be:14:04:cc:49:e3:02:67:fd:60:b6:b8:
a6:21:37:d7:6e:63:d5:4b:dc:6b:16:b8:1d:5d:d2:
30:99:ba:05:81:6f:ec:62:08:9d:64:0d:d5:d6:ba:
1b:7f:1c:18:03:1a:da:65:fb:b3:6c:9d:ed:cf:28:
1d:9b:7e:ac:d3:89:34:76:f0:74:4d:22:93:fc:f9:
e7:f4:ee:be:85:10:6c:7b:6b:63:5c:46:f7:1f:70:
3f:e9:21:ba:f4:d6:e6:64:89:bd:e5:2e:cc:da:65:
fd:3b:dc:74:c5:aa:97:78:82:60:07:95:a6:36:64:
d1:18:c7:78:4e:29:87:6a:ef:d4:a2:62:42:23:69:
63:68:69:09:5e:9f:33:fb:0d:53:4c:e0:7c:87:12:
15:11:1b:26:c2:70:34:f8:f1:6e:e2:7e:2f:2a:42:
4f:e5:55:4c:df:4d:b5:83:86:b5:2f:b5:02:f8:3d:
03:3d:25:ce:b8:fb:2c:1c:b0:41:18:62:4b:ff:95:
57:57:56:d4:82:6c:39:ba:a4:9e:9f:cd:ce:90:ad:
fa:07:39:fb:4d:9f:98:e1:a8:0e:a4:ca:20:99:cb:
d6:c7:7b:70:7b:a4:62:8c:4f:21:b8:9d:56:c6:39:
34:16:a0:07:82:64:20:bc:59:f9:c7:33:39:74:7c:
27:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E6:85:2F:73:66:E7:3B:5C:33:57:E5:0B:64:69:C0:6A:BD:B7:48
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/g-aFL3Nm5ztcM1flC2RpwGq9t0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
7a:d3:53:de:de:b9:dc:cc:a2:5f:a4:df:e1:a9:d7:bd:4b:95:
ea:0e:34:55:bb:72:1a:d1:0a:92:71:66:5a:01:a4:7d:f3:57:
58:bd:da:7f:38:b2:11:3d:47:6f:fa:02:61:dc:78:c9:e1:1e:
1e:29:0d:50:2b:d9:ec:34:f1:b4:b1:df:d7:6f:5e:70:06:1b:
64:6e:25:b4:3a:81:3a:bc:a6:b1:81:72:83:ee:72:bd:02:42:
11:ca:8d:ea:f1:9e:de:80:52:b9:16:87:bb:0c:26:34:12:8a:
72:68:36:58:55:5a:07:e0:51:2e:6f:88:6d:9c:4a:91:d8:a8:
9f:20:57:91:74:7c:88:86:03:40:e7:e7:66:a9:39:82:fd:ba:
bc:f5:9b:48:77:c2:14:fc:75:8b:dc:34:55:ae:1b:fa:25:5e:
62:5e:ac:eb:6f:6f:ed:22:00:f1:fc:fb:ad:01:7f:18:d9:40:
7a:4c:07:2e:86:9f:ec:3c:88:16:fa:4d:40:82:d7:63:6b:88:
4c:e4:b7:a1:3f:57:8f:94:08:27:7c:ed:5e:4d:72:c1:42:66:
e1:ca:0a:ca:90:7c:98:33:14:c8:5f:3f:f4:58:9c:a3:2a:75:
af:da:d6:f9:ef:ca:05:a2:95:3f:45:19:c1:e3:b1:ad:58:e9:
c3:57:47:46
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc9AJV6HIbwvoDKLWQL7KRiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA0MjIxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2U2ODUyZjczNjZlNzNiNWMzMzU3ZTUwYjY0NjljMDZhYmRiNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIq+FATMSeMCZ/1gtrimITfXbmPV
S9xrFrgdXdIwmboFgW/sYgidZA3V1robfxwYAxraZfuzbJ3tzygdm36s04k0dvB0
TSKT/Pnn9O6+hRBse2tjXEb3H3A/6SG69NbmZIm95S7M2mX9O9x0xaqXeIJgB5Wm
NmTRGMd4TimHau/UomJCI2ljaGkJXp8z+w1TTOB8hxIVERsmwnA0+PFu4n4vKkJP
5VVM3021g4a1L7UC+D0DPSXOuPssHLBBGGJL/5VXV1bUgmw5uqSen83OkK36Bzn7
TZ+Y4agOpMogmcvWx3twe6RijE8huJ1Wxjk0FqAHgmQgvFn5xzM5dHwnSQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFIPmhS9zZuc7XDNX5QtkacBqvbdIMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvZy1hRkwzTm01enRjTTFmbEMyUnB3R3E5dDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAetNT3t653Myi
X6Tf4anXvUuV6g40VbtyGtEKknFmWgGkffNXWL3afziyET1Hb/oCYdx4yeEeHikN
UCvZ7DTxtLHf129ecAYbZG4ltDqBOrymsYFyg+5yvQJCEcqN6vGe3oBSuRaHuwwm
NBKKcmg2WFVaB+BRLm+IbZxKkdionyBXkXR8iIYDQOfnZqk5gv26vPWbSHfCFPx1
i9w0Va4b+iVeYl6s629v7SIA8fz7rQF/GNlAekwHLoaf7DyIFvpNQILXY2uITOS3
oT9Xj5QIJ3ztXk1ywUJm4coKypB8mDMUyF8/9Ficoyp1r9rW+e/KBaKVP0UZweOx
rVjpw1dHRg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:27:46 2025 by rpki-client