Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/gA9_hFAfJMrWgD8xLPjv2qzLJM4.roa
File: gA9_hFAfJMrWgD8xLPjv2qzLJM4.roa (raw, json)
Hash identifier: GemaLXFjcV3smep1x/k/dmNAFoHgO1sVSttgA9Ts/2k=
Subject key identifier: 80:0F:7F:84:50:1F:24:CA:D6:80:3F:31:2C:F8:EF:DA:AC:CB:24:CE
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019652A7CB2415B1B0A0808750940A043346
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/gA9_hFAfJMrWgD8xLPjv2qzLJM4.roa
Signing time: Sun 20 Apr 2025 10:04:10 +0000
ROA not before: Sun 20 Apr 2025 10:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:52a7:c3aa/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 20 Apr 2025 10:14:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:52:a7:cb:24:15:b1:b0:a0:80:87:50:94:0a:04:33:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 20 10:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=800f7f84501f24cad6803f312cf8efdaaccb24ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e4:33:14:cd:b3:95:29:a7:14:be:26:1f:a1:
72:e2:83:81:81:5a:bd:53:eb:2e:56:8c:06:4c:c1:
d2:68:d3:f4:1e:3e:25:ba:dd:48:21:51:ef:83:68:
6f:f8:26:2a:a7:8c:ed:07:e7:68:2c:94:93:45:36:
f3:16:32:f0:e2:bb:72:50:13:0b:4c:52:f2:dc:19:
ef:5f:ec:b7:d6:8a:25:a2:cf:ea:ff:ea:3f:7a:e6:
0e:6a:52:ed:3c:85:a7:06:c9:ab:c9:cb:55:c6:98:
a2:87:02:50:fe:00:43:33:94:bb:28:e0:e4:00:43:
c2:2b:29:cc:92:e7:ea:a2:6f:94:6a:8a:e2:e5:c4:
f8:2a:35:69:e4:24:8c:fc:37:b5:c7:4a:f1:52:7a:
13:76:22:94:0b:03:f7:d9:d6:64:c3:50:35:96:07:
0d:72:9d:75:bb:c6:6f:55:0e:cf:ef:1d:af:a8:99:
eb:3d:8b:18:b0:4f:a4:16:4e:cf:e8:c0:7c:c9:01:
d2:f3:4f:b3:e8:1b:87:94:d5:1f:17:2f:95:52:60:
14:ff:4c:d0:3c:1b:39:b1:81:4c:84:28:7f:3e:ee:
bb:dc:a4:d8:c5:75:c1:6e:6e:bc:0c:88:bd:b8:d3:
2a:33:70:5a:7d:01:4f:1d:2f:b0:ba:5a:64:92:3d:
c9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:0F:7F:84:50:1F:24:CA:D6:80:3F:31:2C:F8:EF:DA:AC:CB:24:CE
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/gA9_hFAfJMrWgD8xLPjv2qzLJM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:52a7:c3aa/128
Signature Algorithm: sha256WithRSAEncryption
3b:03:77:07:4a:44:7c:e7:25:f4:c0:11:10:47:96:89:2a:54:
ed:a3:b2:c9:eb:37:22:4e:a5:c0:74:e9:45:b0:b2:81:23:58:
33:36:6f:4b:b3:25:96:29:e5:9d:a6:4f:b5:a3:c9:05:d4:d8:
7f:b5:d5:33:24:04:0a:24:b8:dd:e1:8a:7c:69:e2:04:b8:13:
b7:29:10:66:64:da:db:a9:7b:84:b9:85:e3:5f:19:fd:06:1e:
4b:4d:53:b8:1d:4e:a2:67:94:48:b5:de:20:07:13:b8:bd:b5:
8f:b3:5e:a3:2a:e8:de:8d:7f:47:33:fa:60:c3:06:16:12:b6:
9e:b2:1d:ab:7d:fc:ca:cb:f9:4a:73:c1:77:5a:da:99:7b:03:
51:6a:af:5f:34:83:18:a0:03:4d:36:5e:9c:4e:b3:e9:62:1d:
fe:8b:b4:86:67:cd:74:e7:54:29:7a:a5:b4:77:49:ca:ec:cd:
23:17:f0:41:e6:79:3c:49:8d:45:9d:4e:ff:97:6a:cd:a6:a2:
69:7c:5f:2e:28:24:13:b1:49:ee:b6:7e:8a:01:d4:e2:39:43:
c4:1d:7f:7d:a9:93:f6:b0:3f:da:03:19:3f:8c:ea:a4:b3:bf:
8a:9a:1a:1b:b0:2c:f8:e9:74:c4:dc:0c:44:35:c8:45:cf:00:
f1:77:b6:a7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZSp8skFbGwoICHUJQKBDNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDIwMTAwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDBmN2Y4NDUwMWYyNGNhZDY4MDNmMzEyY2Y4ZWZkYWFjY2IyNGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eQzFM2zlSmnFL4mH6Fy4oOBgVq9
U+suVowGTMHSaNP0Hj4lut1IIVHvg2hv+CYqp4ztB+doLJSTRTbzFjLw4rtyUBML
TFLy3BnvX+y31oolos/q/+o/euYOalLtPIWnBsmryctVxpiihwJQ/gBDM5S7KODk
AEPCKynMkufqom+Uaori5cT4KjVp5CSM/De1x0rxUnoTdiKUCwP32dZkw1A1lgcN
cp11u8ZvVQ7P7x2vqJnrPYsYsE+kFk7P6MB8yQHS80+z6BuHlNUfFy+VUmAU/0zQ
PBs5sYFMhCh/Pu673KTYxXXBbm68DIi9uNMqM3BafQFPHS+wulpkkj3JyQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIAPf4RQHyTK1oA/MSz479qsyyTOMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvZ0E5X2hGQWZKTXJXZ0Q4eExQanYycXpMSk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWUqfDqjANBgkqhkiG9w0BAQsFAAOCAQEAOwN3B0pEfOcl9MAREEeWiSpU
7aOyyes3Ik6lwHTpRbCygSNYMzZvS7MllinlnaZPtaPJBdTYf7XVMyQECiS43eGK
fGniBLgTtykQZmTa26l7hLmF418Z/QYeS01TuB1OomeUSLXeIAcTuL21j7Neoyro
3o1/RzP6YMMGFhK2nrIdq338ysv5SnPBd1ramXsDUWqvXzSDGKADTTZenE6z6WId
/ou0hmfNdOdUKXqltHdJyuzNIxfwQeZ5PEmNRZ1O/5dqzaaiaXxfLigkE7FJ7rZ+
igHU4jlDxB1/famT9rA/2gMZP4zqpLO/ipoaG7As+Ol0xNwMRDXIRc8A8Xe2pw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:26:33 2025 by rpki-client