Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hEiE-f_M5LW9it77iBe8WMvCAmw.roa
File: hEiE-f_M5LW9it77iBe8WMvCAmw.roa (raw, json)
Hash identifier: sskwQKhXYX2aaApYGc2970qu9OXG8m7EFSreHoEL8Iw=
Subject key identifier: 84:48:84:F9:FF:CC:E4:B5:BD:8A:DE:FB:88:17:BC:58:CB:C2:02:6C
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019702D359F0EA2F0C1DF3726ED0AA99A991
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hEiE-f_M5LW9it77iBe8WMvCAmw.roa
Signing time: Sat 24 May 2025 15:04:54 +0000
ROA not before: Sat 24 May 2025 15:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:2d2:8fde/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 24 May 2025 15:12:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:02:d3:59:f0:ea:2f:0c:1d:f3:72:6e:d0:aa:99:a9:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 24 15:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=844884f9ffcce4b5bd8adefb8817bc58cbc2026c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:43:ed:23:60:a8:09:d8:e5:9a:62:55:35:2f:
8d:94:f4:4d:f7:e0:fc:99:c0:4f:b3:9b:01:ec:d3:
db:88:97:9a:ee:8f:9d:db:38:90:e6:cb:73:e0:18:
12:f9:13:0e:4b:dc:df:dc:ce:cb:f8:20:96:75:90:
d6:37:6e:7a:6b:bf:d7:27:00:f7:e2:ad:d4:93:a2:
e2:2e:86:48:cd:9f:69:45:47:8f:d4:ab:6a:a7:7e:
70:c5:64:f3:77:44:96:c6:01:31:f3:24:10:d4:34:
5e:b4:5e:50:3c:75:b7:a4:64:b9:2c:bc:22:15:53:
49:49:f7:b9:7b:f0:36:fe:61:fe:8b:3f:37:5c:d2:
5a:ec:3b:7f:00:6a:b6:63:88:8d:97:98:db:26:06:
36:44:34:5e:bc:3e:3a:69:5c:79:2e:ba:3e:44:7d:
0e:39:a4:60:68:23:56:ad:6b:fc:d2:cd:25:6b:80:
17:50:af:5f:bd:db:81:d5:52:c3:87:9c:64:8a:de:
49:b1:d2:58:24:1e:6d:36:e0:03:4c:59:40:e7:70:
7b:48:3a:c7:1d:9c:f9:93:9a:f5:ab:15:ce:08:84:
a9:ea:4b:0e:1c:a5:c3:8a:f2:01:99:a9:ea:71:da:
aa:fe:86:79:f0:7a:d7:f7:41:29:a8:43:de:f6:ab:
ec:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:48:84:F9:FF:CC:E4:B5:BD:8A:DE:FB:88:17:BC:58:CB:C2:02:6C
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hEiE-f_M5LW9it77iBe8WMvCAmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:2d2:8fde/128
Signature Algorithm: sha256WithRSAEncryption
3b:75:34:96:e9:00:9e:10:7d:2b:06:34:5e:7e:80:fb:5f:d4:
0b:fd:1f:d8:3c:35:33:54:ae:c5:79:bb:c3:78:c4:b1:6d:84:
db:ff:71:57:9a:7c:05:7c:8b:83:3a:89:7d:a7:02:c3:3e:a1:
88:0a:f6:dc:37:63:14:eb:ff:8a:67:bf:b7:02:31:33:2f:07:
d7:52:fc:f9:40:c6:4e:d8:a1:9b:05:f6:61:86:ff:eb:84:05:
f0:d9:8f:ee:8f:17:9d:59:62:d0:de:5d:7d:47:8f:91:e5:5c:
c9:ee:93:66:ce:b9:3f:8f:b8:21:1e:eb:26:2f:28:07:3d:44:
4d:b1:20:69:69:cb:99:76:ed:de:46:a3:a0:35:77:90:50:1f:
1d:d3:f7:82:65:57:a1:49:5f:cd:d2:bd:38:e5:67:66:8a:79:
9c:e1:0e:31:2d:5a:d0:5f:ff:e0:dd:30:20:3d:af:b8:f7:a0:
97:ef:35:10:7e:71:6f:0d:7d:e6:18:1a:43:f1:d5:b5:2a:27:
83:48:98:2f:07:d6:b4:a1:46:84:ff:e0:91:49:10:0c:73:26:
71:a2:45:fd:c1:7e:e2:d5:ee:32:93:21:1b:0e:f6:88:30:95:
b7:9d:2e:14:19:06:b9:a6:09:6b:4b:57:d4:a3:ba:20:24:fa:
b0:24:33:cd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZcC01nw6i8MHfNybtCqmamRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI0MTUwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQ4ODRmOWZmY2NlNGI1YmQ4YWRlZmI4ODE3YmM1OGNiYzIwMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUPtI2CoCdjlmmJVNS+NlPRN9+D8
mcBPs5sB7NPbiJea7o+d2ziQ5stz4BgS+RMOS9zf3M7L+CCWdZDWN256a7/XJwD3
4q3Uk6LiLoZIzZ9pRUeP1Ktqp35wxWTzd0SWxgEx8yQQ1DRetF5QPHW3pGS5LLwi
FVNJSfe5e/A2/mH+iz83XNJa7Dt/AGq2Y4iNl5jbJgY2RDRevD46aVx5Lro+RH0O
OaRgaCNWrWv80s0la4AXUK9fvduB1VLDh5xkit5JsdJYJB5tNuADTFlA53B7SDrH
HZz5k5r1qxXOCISp6ksOHKXDivIBmanqcdqq/oZ58HrX90EpqEPe9qvsZwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIRIhPn/zOS1vYre+4gXvFjLwgJsMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvaEVpRS1mX001TFc5aXQ3N2lCZThXTXZDQW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlwLSj94wDQYJKoZIhvcNAQELBQADggEB
ADt1NJbpAJ4QfSsGNF5+gPtf1Av9H9g8NTNUrsV5u8N4xLFthNv/cVeafAV8i4M6
iX2nAsM+oYgK9tw3YxTr/4pnv7cCMTMvB9dS/PlAxk7YoZsF9mGG/+uEBfDZj+6P
F51ZYtDeXX1Hj5HlXMnuk2bOuT+PuCEe6yYvKAc9RE2xIGlpy5l27d5Go6A1d5BQ
Hx3T94JlV6FJX83SvTjlZ2aKeZzhDjEtWtBf/+DdMCA9r7j3oJfvNRB+cW8NfeYY
GkPx1bUqJ4NImC8H1rShRoT/4JFJEAxzJnGiRf3BfuLV7jKTIRsO9ogwlbedLhQZ
BrmmCWtLV9SjuiAk+rAkM80=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:00:15 2025 by rpki-client