Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/gfKIxBha-JGCf4olLKKk6i0w7Qo.roa
File: gfKIxBha-JGCf4olLKKk6i0w7Qo.roa (raw, json)
Hash identifier: dw8CLg09WnjNLPnJZjh5aidyI/U+CM0R4MrvgQi8vBY=
Subject key identifier: 81:F2:88:C4:18:5A:F8:91:82:7F:8A:25:2C:A2:A4:EA:2D:30:ED:0A
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01970D5F3D899821DB39BF7F6EBC84C7FEF3
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/gfKIxBha-JGCf4olLKKk6i0w7Qo.roa
Signing time: Mon 26 May 2025 16:13:54 +0000
ROA not before: Mon 26 May 2025 16:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 26 May 2025 17:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0d:5f:3d:89:98:21:db:39:bf:7f:6e:bc:84:c7:fe:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 26 16:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81f288c4185af891827f8a252ca2a4ea2d30ed0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ff:d6:9c:46:d0:7e:94:21:66:2c:be:1f:69:
ab:19:02:09:17:4c:c9:0a:00:a8:84:71:77:16:d1:
7c:60:d9:94:17:c0:45:3f:87:fa:c3:b9:b6:57:30:
d2:b2:8f:6a:b4:fe:7a:1e:cf:37:57:45:72:6c:66:
66:ac:5b:bf:e9:0f:87:78:64:1f:b9:81:ee:db:db:
22:d2:ab:2a:91:00:72:d6:a6:48:ab:ec:70:2e:ac:
4e:6c:f9:54:0f:83:11:8c:0d:72:72:39:c5:9e:b1:
5f:06:db:06:53:93:7a:ea:dd:78:ee:89:18:cd:6d:
1b:cd:68:5d:19:1f:69:61:47:56:ab:f9:06:8f:7b:
e7:dc:b6:bd:9e:67:2b:eb:28:9c:d2:1f:2d:f3:73:
d5:82:4c:9a:b8:ed:4d:42:fb:81:99:59:e5:35:8b:
db:be:bd:67:2d:3f:55:4e:69:84:99:8e:28:5e:e0:
dd:9d:ee:cc:fa:45:b1:3c:84:85:1f:72:6f:8a:95:
89:4d:1e:ec:00:a5:f1:39:50:1c:56:40:97:0d:bc:
b8:fc:3b:19:1f:72:6c:ed:70:b5:d1:b5:32:a3:ff:
ab:0f:c9:ee:2c:8a:5e:20:6b:b8:96:14:05:23:f2:
38:01:c1:2b:63:dd:fd:c8:09:be:4c:34:e1:6d:35:
f3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F2:88:C4:18:5A:F8:91:82:7F:8A:25:2C:A2:A4:EA:2D:30:ED:0A
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/gfKIxBha-JGCf4olLKKk6i0w7Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
66:a5:f5:d9:92:20:16:f7:83:12:6b:5a:2e:a9:76:de:83:49:
47:db:e3:b3:8c:42:af:05:4a:73:cd:cb:d7:50:60:c5:fd:b6:
bd:fc:92:27:42:f8:2b:b2:05:82:64:e6:7e:7b:fa:ed:de:a6:
09:f2:b0:95:bf:28:33:80:27:b5:e6:7c:96:d6:fd:25:f1:ad:
75:04:1c:91:02:3e:bd:de:f1:45:0e:7c:cc:a2:49:f6:c3:e7:
a9:97:f5:27:1b:69:9d:ae:a2:20:b7:cf:89:1b:1d:22:58:eb:
08:93:62:98:dd:b1:43:c5:b5:b2:79:63:86:eb:37:4b:b8:e3:
fd:ea:4d:0b:9a:aa:d7:49:f7:ad:6b:0c:1e:c7:ee:46:63:68:
d5:f0:2a:9b:2b:ac:db:6f:f7:24:64:43:1d:e9:83:1d:21:3d:
3f:84:fa:3e:36:66:17:8d:0c:b6:fc:d2:3d:56:d7:13:da:9d:
41:80:25:9d:62:16:b7:15:a5:fe:11:6d:5e:d9:55:ab:6e:24:
ba:aa:c5:77:9a:72:1a:69:95:b4:6f:be:96:cb:70:45:41:e2:
1d:9f:79:e6:33:dd:38:43:cd:af:0b:34:ad:19:25:b4:c2:a3:
fc:46:da:7d:99:83:af:3d:3a:63:9c:4c:80:9b:69:fe:d1:b2:
79:c5:0f:ca
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcNXz2JmCHbOb9/bryEx/7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI2MTYxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWYyODhjNDE4NWFmODkxODI3ZjhhMjUyY2EyYTRlYTJkMzBlZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf/WnEbQfpQhZiy+H2mrGQIJF0zJ
CgCohHF3FtF8YNmUF8BFP4f6w7m2VzDSso9qtP56Hs83V0VybGZmrFu/6Q+HeGQf
uYHu29si0qsqkQBy1qZIq+xwLqxObPlUD4MRjA1ycjnFnrFfBtsGU5N66t147okY
zW0bzWhdGR9pYUdWq/kGj3vn3La9nmcr6yic0h8t83PVgkyauO1NQvuBmVnlNYvb
vr1nLT9VTmmEmY4oXuDdne7M+kWxPISFH3JvipWJTR7sAKXxOVAcVkCXDby4/DsZ
H3Js7XC10bUyo/+rD8nuLIpeIGu4lhQFI/I4AcErY939yAm+TDThbTXzTwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIHyiMQYWviRgn+KJSyipOotMO0KMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvZ2ZLSXhCaGEtSkdDZjRvbExLS2s2aTB3N1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAZqX12ZIgFveDEmtaLql23oNJ
R9vjs4xCrwVKc83L11Bgxf22vfySJ0L4K7IFgmTmfnv67d6mCfKwlb8oM4AnteZ8
ltb9JfGtdQQckQI+vd7xRQ58zKJJ9sPnqZf1Jxtpna6iILfPiRsdIljrCJNimN2x
Q8W1snljhus3S7jj/epNC5qq10n3rWsMHsfuRmNo1fAqmyus22/3JGRDHemDHSE9
P4T6PjZmF40MtvzSPVbXE9qdQYAlnWIWtxWl/hFtXtlVq24kuqrFd5pyGmmVtG++
lstwRUHiHZ955jPdOEPNrws0rRkltMKj/EbafZmDrz06Y5xMgJtp/tGyecUPyg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:39:41 2025 by rpki-client