Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/g8vtylgApEScqGvRt9eLC4wl-f8.roa
File: g8vtylgApEScqGvRt9eLC4wl-f8.roa (raw, json)
Hash identifier: DcWZeGIFXRyxZA8bK5PeV76MGhGVkJ7BdR6H8L8g6LE=
Subject key identifier: 83:CB:ED:CA:58:00:A4:44:9C:A8:6B:D1:B7:D7:8B:0B:8C:25:F9:FF
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972C0CA1CEA46C04333F86829DDEDEDF66
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/g8vtylgApEScqGvRt9eLC4wl-f8.roa
Signing time: Sun 01 Jun 2025 15:11:54 +0000
ROA not before: Sun 01 Jun 2025 15:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Jun 2025 16:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2c:0c:a1:ce:a4:6c:04:33:3f:86:82:9d:de:de:df:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 1 15:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83cbedca5800a4449ca86bd1b7d78b0b8c25f9ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5e:80:d7:8e:6b:c3:35:30:53:db:de:b9:31:
f6:77:be:6e:db:d7:f1:c8:62:4c:23:d5:ae:f8:98:
ef:40:b6:84:28:e2:c0:ce:21:66:01:63:15:af:f1:
ee:8b:9d:a0:3d:96:2b:ad:4e:db:fe:42:94:78:f1:
ae:2e:1b:57:42:09:1d:b3:0b:84:dc:76:ba:a4:1a:
c8:b9:6a:06:5f:57:68:98:f9:44:b0:79:4d:a1:d5:
b8:8f:e3:86:a1:b2:e5:2d:26:6a:ad:29:c3:cf:a9:
46:64:0d:8d:c4:5c:4b:65:d9:4b:ac:17:13:ae:6c:
6a:d6:17:64:c8:82:26:df:31:83:2d:06:b5:18:84:
76:2e:8a:87:54:11:22:ac:a0:0a:a1:be:89:79:df:
28:85:90:19:86:e2:81:05:9f:51:29:b6:e4:1a:e3:
6b:2e:cc:e2:a5:83:1b:34:a5:c1:42:d1:eb:64:e9:
92:9f:5a:1e:2b:96:36:e7:b0:d3:e3:d2:bf:5d:43:
7a:bc:84:f6:50:4d:8f:d4:b5:51:5e:80:cc:18:29:
44:18:4a:62:7e:32:1f:4f:f6:d2:58:66:14:bd:ba:
02:d3:81:3e:8e:bb:dd:18:a6:cd:ad:78:cd:2f:94:
0f:2d:80:8b:74:82:66:ea:a1:11:fc:de:04:28:72:
6b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:CB:ED:CA:58:00:A4:44:9C:A8:6B:D1:B7:D7:8B:0B:8C:25:F9:FF
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/g8vtylgApEScqGvRt9eLC4wl-f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
7a:b7:06:1d:8d:fd:98:01:fd:88:6e:cc:d3:e6:7f:88:0a:2d:
42:e6:92:12:d2:a4:58:22:25:09:50:f2:65:75:48:09:dd:47:
60:af:10:9d:35:6c:0b:fa:ad:cc:37:ca:f3:be:89:3c:c6:55:
88:30:6c:ff:31:a8:96:58:a6:9f:59:0b:c2:44:56:ae:dd:a1:
c0:81:17:4f:b2:2a:5f:42:2f:6a:28:82:b7:56:3e:21:32:07:
3f:36:d4:03:6c:b6:6f:c4:fc:95:fb:a1:6a:be:18:dd:50:29:
92:f2:6e:5d:68:7a:41:12:bb:36:d5:22:01:82:86:26:da:2c:
e2:08:da:4a:ff:05:3b:d7:8a:91:27:b4:73:c3:7b:11:54:f9:
0d:1e:91:c8:8c:c8:1a:ac:7f:90:01:9d:1f:7b:fd:c5:bb:08:
4a:f0:e4:a5:2e:59:02:39:88:e4:82:d1:3a:0d:ff:09:c1:9a:
36:cb:3e:76:96:2a:6a:cd:38:b0:93:d3:29:77:af:84:ee:45:
b9:15:c4:b8:92:75:01:3b:34:a8:06:f4:1a:f3:98:e2:48:6c:
1c:80:c3:19:a2:6d:69:58:35:94:2f:b0:dc:88:15:9a:e4:df:
1b:2f:e9:ff:9c:69:e0:7d:1d:69:b0:7d:9e:d0:de:b2:4e:ee:
f1:43:41:af
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcsDKHOpGwEMz+Ggp3e3t9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAxMTUxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2NiZWRjYTU4MDBhNDQ0OWNhODZiZDFiN2Q3OGIwYjhjMjVmOWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz16A145rwzUwU9veuTH2d75u29fx
yGJMI9Wu+JjvQLaEKOLAziFmAWMVr/Hui52gPZYrrU7b/kKUePGuLhtXQgkdswuE
3Ha6pBrIuWoGX1domPlEsHlNodW4j+OGobLlLSZqrSnDz6lGZA2NxFxLZdlLrBcT
rmxq1hdkyIIm3zGDLQa1GIR2LoqHVBEirKAKob6Jed8ohZAZhuKBBZ9RKbbkGuNr
LszipYMbNKXBQtHrZOmSn1oeK5Y257DT49K/XUN6vIT2UE2P1LVRXoDMGClEGEpi
fjIfT/bSWGYUvboC04E+jrvdGKbNrXjNL5QPLYCLdIJm6qER/N4EKHJr+QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFIPL7cpYAKREnKhr0bfXiwuMJfn/MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvZzh2dHlsZ0FwRVNjcUd2UnQ5ZUxDNHdsLWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQB6twYdjf2YAf2IbszT5n+ICi1C5pIS0qRYIiUJ
UPJldUgJ3UdgrxCdNWwL+q3MN8rzvok8xlWIMGz/MaiWWKafWQvCRFau3aHAgRdP
sipfQi9qKIK3Vj4hMgc/NtQDbLZvxPyV+6FqvhjdUCmS8m5daHpBErs21SIBgoYm
2iziCNpK/wU714qRJ7Rzw3sRVPkNHpHIjMgarH+QAZ0fe/3FuwhK8OSlLlkCOYjk
gtE6Df8JwZo2yz52lipqzTiwk9Mpd6+E7kW5FcS4knUBOzSoBvQa85jiSGwcgMMZ
om1pWDWUL7DciBWa5N8bL+n/nGngfR1psH2e0N6yTu7xQ0Gv
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:12:57 2025 by rpki-client