Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/gzmlsZTx8BYCUwlABGEKtHgP0wQ.roa
File: gzmlsZTx8BYCUwlABGEKtHgP0wQ.roa (raw, json)
Hash identifier: uHKmPIllrD8qTq4C9478YkdJdAdCvJ5g73uyG3z823k=
Subject key identifier: 83:39:A5:B1:94:F1:F0:16:02:53:09:40:04:61:0A:B4:78:0F:D3:04
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973F5EA950840548DBD3FA6377ED1D56EF
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/gzmlsZTx8BYCUwlABGEKtHgP0wQ.roa
Signing time: Thu 05 Jun 2025 09:14:17 +0000
ROA not before: Thu 05 Jun 2025 09:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 05 Jun 2025 10:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:5e:a9:50:84:05:48:db:d3:fa:63:77:ed:1d:56:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 5 09:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8339a5b194f1f0160253094004610ab4780fd304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:85:f9:26:c2:c5:96:e9:ee:b5:4b:54:ab:06:
e4:c2:f7:07:61:1c:b1:a1:9c:16:eb:1e:65:f3:38:
12:cb:89:e2:37:67:87:00:0f:b3:92:af:55:f9:e7:
e0:9f:65:21:39:9e:6b:f7:53:96:ba:7b:f6:e9:3d:
38:ef:5e:d3:26:00:09:eb:5c:2d:21:82:3b:d8:d1:
fd:d6:41:ed:02:a8:29:0f:9e:ff:04:b2:6a:78:dd:
2d:8f:df:99:25:93:4e:30:73:3b:56:93:43:c7:5f:
cf:6c:66:a2:4c:23:0a:31:76:2c:3c:79:2f:be:02:
67:8f:e9:ea:bd:1f:6d:a6:2f:5d:d0:5f:d9:b6:4b:
0b:51:9c:66:ea:a8:eb:c8:0c:9e:b9:fe:de:fb:18:
48:c5:6c:ef:e5:ad:2f:27:0e:67:13:06:70:94:d1:
38:28:7e:3d:96:fd:40:cc:3f:16:b9:10:e6:51:2d:
74:e3:17:ca:7f:99:d3:ca:3c:a7:e5:f7:9e:21:89:
10:ab:4a:b4:b1:51:d6:69:b3:b5:87:8b:47:88:1d:
95:d4:06:43:82:a4:a7:36:f3:0e:34:1a:e6:0b:30:
a9:6b:5e:b3:9d:cb:92:dd:f8:52:33:66:19:bd:1e:
51:d0:64:35:7f:cc:de:4f:87:73:a2:62:a8:cd:c0:
73:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:39:A5:B1:94:F1:F0:16:02:53:09:40:04:61:0A:B4:78:0F:D3:04
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/gzmlsZTx8BYCUwlABGEKtHgP0wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
56:4d:ff:80:f7:87:f5:a3:f2:7e:2f:67:96:65:77:9f:74:bc:
a6:3c:74:ef:1d:82:9e:6f:0c:c0:35:81:9c:6a:b8:e4:63:c8:
de:e5:8b:85:3c:83:60:0e:3c:52:59:d2:15:9b:db:f5:25:f5:
52:4a:71:5b:df:af:27:f8:4e:3d:e1:bd:54:84:50:1e:a4:df:
6e:df:bf:48:45:7b:fe:7c:14:4b:d1:8e:ec:96:a0:e1:56:c9:
07:2a:26:77:d0:d4:d4:8e:88:a5:77:09:0b:7e:18:90:e0:56:
26:a3:16:de:2f:4c:35:94:41:c2:8d:75:bd:67:c1:09:f9:78:
eb:6b:45:75:bb:2b:48:57:ee:fa:d8:66:14:e4:d2:80:b8:0a:
17:a7:87:a3:ff:e7:9d:f2:24:60:24:01:37:b5:5a:a7:0c:99:
c3:10:5e:29:ac:9f:10:58:1e:68:be:ee:10:e5:0f:70:5d:43:
5a:5c:de:ed:2c:92:a7:e0:a6:b9:61:82:27:2d:59:97:4d:82:
b5:bd:37:ca:f5:b6:ce:f9:75:4f:6c:61:31:b5:c6:7c:40:b8:
1e:46:c6:c8:c2:ae:e5:74:aa:a5:df:2f:a9:e7:1f:ac:7e:52:
f6:a8:27:50:c4:22:67:d7:b7:e6:f7:87:58:84:15:7a:65:f2:
09:69:64:5b
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZc/XqlQhAVI29P6Y3ftHVbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA1MDkxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzM5YTViMTk0ZjFmMDE2MDI1MzA5NDAwNDYxMGFiNDc4MGZkMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IX5JsLFlunutUtUqwbkwvcHYRyx
oZwW6x5l8zgSy4niN2eHAA+zkq9V+efgn2UhOZ5r91OWunv26T04717TJgAJ61wt
IYI72NH91kHtAqgpD57/BLJqeN0tj9+ZJZNOMHM7VpNDx1/PbGaiTCMKMXYsPHkv
vgJnj+nqvR9tpi9d0F/ZtksLUZxm6qjryAyeuf7e+xhIxWzv5a0vJw5nEwZwlNE4
KH49lv1AzD8WuRDmUS104xfKf5nTyjyn5feeIYkQq0q0sVHWabO1h4tHiB2V1AZD
gqSnNvMONBrmCzCpa16zncuS3fhSM2YZvR5R0GQ1f8zeT4dzomKozcBzfQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFIM5pbGU8fAWAlMJQARhCrR4D9MEMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvZ3ptbHNaVHg4QllDVXdsQUJHRUt0SGdQMHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAVk3/gPeH9aPy
fi9nlmV3n3S8pjx07x2Cnm8MwDWBnGq45GPI3uWLhTyDYA48UlnSFZvb9SX1Ukpx
W9+vJ/hOPeG9VIRQHqTfbt+/SEV7/nwUS9GO7Jag4VbJByomd9DU1I6IpXcJC34Y
kOBWJqMW3i9MNZRBwo11vWfBCfl462tFdbsrSFfu+thmFOTSgLgKF6eHo//nnfIk
YCQBN7VapwyZwxBeKayfEFgeaL7uEOUPcF1DWlze7SySp+CmuWGCJy1Zl02Ctb03
yvW2zvl1T2xhMbXGfEC4HkbGyMKu5XSqpd8vqecfrH5S9qgnUMQiZ9e35veHWIQV
emXyCWlkWw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:53:37 2025 by rpki-client