Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hBTknoUxyh-noThLf_8BuNLSNr8.roa
File: hBTknoUxyh-noThLf_8BuNLSNr8.roa (raw, json)
Hash identifier: YybP3ztt8yvouUt2jumbEWvAGRYvXwW3fsLtphotnAc=
Subject key identifier: 84:14:E4:9E:85:31:CA:1F:A7:A1:38:4B:7F:FF:01:B8:D2:D2:36:BF
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019747F21A06AC2A3C82C6B4E78A7D5FBE2A
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hBTknoUxyh-noThLf_8BuNLSNr8.roa
Signing time: Sat 07 Jun 2025 01:12:18 +0000
ROA not before: Sat 07 Jun 2025 01:12:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 07 Jun 2025 02:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:47:f2:1a:06:ac:2a:3c:82:c6:b4:e7:8a:7d:5f:be:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 7 01:12:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8414e49e8531ca1fa7a1384b7fff01b8d2d236bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:25:41:f0:e9:77:e9:97:1a:9c:9d:2e:b5:4b:
93:40:76:6b:7a:73:19:e1:70:19:dc:f8:97:c2:14:
3b:6d:62:e6:de:26:2d:39:03:a9:fb:fd:41:06:1c:
1b:97:69:88:99:4e:c6:ee:8b:ce:d0:81:5e:28:18:
a8:70:56:58:11:ca:1e:3d:6b:06:e5:2d:8c:06:ed:
66:af:39:ac:f9:80:3a:30:ce:0e:87:76:8b:bc:e5:
8e:ac:0e:4f:90:e6:51:27:5f:42:02:c2:dc:7a:9c:
0f:7e:93:b3:55:ac:f0:77:4a:41:a6:78:2d:48:7b:
57:1b:88:14:3b:65:f9:aa:d4:dd:38:44:42:42:5d:
1a:5a:52:e5:09:a2:75:91:71:59:a9:bf:01:83:a5:
c7:ec:fd:48:c6:46:1d:6c:e2:12:a4:16:cd:5a:75:
77:35:11:2b:0f:42:33:ec:88:8f:ba:4a:94:5d:40:
c0:7f:20:21:a7:7e:25:ec:a2:9e:8c:b8:3e:5c:c5:
e4:20:71:28:73:84:b2:bb:78:78:be:0a:28:eb:d9:
19:a2:a7:e3:c9:ef:d1:c0:5b:f1:5a:92:89:9b:58:
64:d8:3a:57:29:2d:fc:36:0d:7a:7a:b1:12:e2:03:
f7:85:db:3a:3d:9e:ed:83:16:63:c5:35:4e:ea:02:
fb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:14:E4:9E:85:31:CA:1F:A7:A1:38:4B:7F:FF:01:B8:D2:D2:36:BF
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hBTknoUxyh-noThLf_8BuNLSNr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
a1:59:cf:31:8a:2b:ba:15:74:74:67:de:5b:e7:24:7d:72:d7:
7c:0e:4b:cf:a6:de:ff:8a:7b:9e:d2:1c:b1:f2:fd:dc:df:62:
49:09:fc:b3:0f:6a:d7:ff:0a:6f:0f:d9:eb:6d:9c:4d:d5:14:
36:98:75:28:1c:ca:39:b6:34:c5:cb:dd:25:69:65:13:4e:a3:
99:ac:d8:ae:ed:a7:d2:4f:9b:31:89:73:a0:d2:0e:84:30:46:
df:4c:5e:41:4a:89:dd:47:58:32:db:d6:e2:ec:c2:7a:e8:0b:
85:14:33:b1:02:b7:40:e0:60:46:e1:80:65:6c:4e:eb:12:a0:
cb:fc:59:cc:7c:d8:04:70:6d:28:20:e3:06:91:12:8f:c4:16:
85:46:63:15:73:fa:20:80:bb:d9:c5:59:a2:e9:04:3e:34:db:
03:ab:f5:7d:48:dd:df:38:cf:57:0d:35:21:7f:1e:c2:2a:6d:
7e:f9:71:1b:a0:37:ea:0f:ac:6f:74:90:2d:18:9a:03:e5:0c:
95:4a:f8:4e:de:7d:25:64:7b:a2:61:09:33:e0:53:2e:a8:bb:
2c:40:d6:72:4c:a3:1f:d6:f1:0c:ce:cb:d5:01:18:92:67:0c:
1e:a2:7c:f3:1e:72:d3:07:5e:f1:eb:78:33:de:ff:18:c1:e8:
d8:2a:b5:fd
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdH8hoGrCo8gsa054p9X74qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA3MDExMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDE0ZTQ5ZTg1MzFjYTFmYTdhMTM4NGI3ZmZmMDFiOGQyZDIzNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyVB8Ol36ZcanJ0utUuTQHZrenMZ
4XAZ3PiXwhQ7bWLm3iYtOQOp+/1BBhwbl2mImU7G7ovO0IFeKBiocFZYEcoePWsG
5S2MBu1mrzms+YA6MM4Oh3aLvOWOrA5PkOZRJ19CAsLcepwPfpOzVazwd0pBpngt
SHtXG4gUO2X5qtTdOERCQl0aWlLlCaJ1kXFZqb8Bg6XH7P1IxkYdbOISpBbNWnV3
NRErD0Iz7IiPukqUXUDAfyAhp34l7KKejLg+XMXkIHEoc4Syu3h4vgoo69kZoqfj
ye/RwFvxWpKJm1hk2DpXKS38Ng16erES4gP3hds6PZ7tgxZjxTVO6gL7TwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFIQU5J6FMcofp6E4S3//AbjS0ja/MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvaEJUa25vVXh5aC1ub1RoTGZfOEJ1TkxTTnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAoVnPMYoruhV0
dGfeW+ckfXLXfA5Lz6be/4p7ntIcsfL93N9iSQn8sw9q1/8Kbw/Z622cTdUUNph1
KBzKObY0xcvdJWllE06jmazYru2n0k+bMYlzoNIOhDBG30xeQUqJ3UdYMtvW4uzC
eugLhRQzsQK3QOBgRuGAZWxO6xKgy/xZzHzYBHBtKCDjBpESj8QWhUZjFXP6IIC7
2cVZoukEPjTbA6v1fUjd3zjPVw01IX8ewiptfvlxG6A36g+sb3SQLRiaA+UMlUr4
Tt59JWR7omEJM+BTLqi7LEDWckyjH9bxDM7L1QEYkmcMHqJ88x5y0wde8et4M97/
GMHo2Cq1/Q==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:13:16 2025 by rpki-client