Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hZi0ftkRvrM7YKGreLQ1_6FakIE.roa
File: hZi0ftkRvrM7YKGreLQ1_6FakIE.roa (raw, json)
Hash identifier: i3j9LUImHuG1al4aGE/igtmhGBm2Pz0SjokUe0/lR3w=
Subject key identifier: 85:98:B4:7E:D9:11:BE:B3:3B:60:A1:AB:78:B4:35:FF:A1:5A:90:81
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972A85B3FAA86FA03E158312F95CB2388F
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hZi0ftkRvrM7YKGreLQ1_6FakIE.roa
Signing time: Sun 01 Jun 2025 08:04:54 +0000
ROA not before: Sun 01 Jun 2025 08:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:2a84:dca6/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Jun 2025 08:12:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2a:85:b3:fa:a8:6f:a0:3e:15:83:12:f9:5c:b2:38:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 1 08:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8598b47ed911beb33b60a1ab78b435ffa15a9081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e4:e0:48:1a:56:37:1b:a8:21:5f:5d:c9:c0:
0b:db:4d:73:60:48:ca:fe:ba:26:6c:0a:50:e0:7f:
e8:c7:89:49:d1:78:9e:83:83:40:21:67:9f:1a:b1:
89:48:5c:ff:7f:16:28:ad:f5:07:72:ab:83:2a:f0:
48:8d:df:99:e6:f1:2c:c4:16:75:ae:ce:45:97:4b:
fe:34:60:97:66:7a:77:92:ba:fc:b1:9a:5c:51:c4:
b1:3f:34:16:25:49:94:15:79:f8:d1:b7:4f:08:aa:
8e:22:13:60:a4:a1:ed:57:71:27:a6:5d:10:f5:5e:
5b:d7:da:58:7b:68:fb:8c:f0:09:93:3d:6e:7a:86:
cb:43:23:60:c9:9e:27:e0:88:c6:9a:46:37:63:67:
bb:af:4f:f5:0f:4f:bd:ab:18:f0:29:dc:ef:47:f8:
1a:ae:59:8e:08:a5:92:8f:e8:f7:8c:64:63:42:2a:
e1:d6:d1:e3:35:1d:10:0f:d4:69:e8:01:ee:0a:1a:
b2:c2:8a:a7:65:9f:82:72:af:91:6a:7f:05:7e:af:
8b:6a:89:71:b8:2d:fa:41:c7:53:7f:8d:15:c6:da:
64:c8:82:d4:86:dc:29:62:28:35:b9:2c:1f:cb:d0:
1c:a7:bb:d5:4a:c1:55:36:45:32:a8:64:dc:bd:e2:
b0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:98:B4:7E:D9:11:BE:B3:3B:60:A1:AB:78:B4:35:FF:A1:5A:90:81
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hZi0ftkRvrM7YKGreLQ1_6FakIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:2a84:dca6/128
Signature Algorithm: sha256WithRSAEncryption
99:91:d2:0d:9b:5d:bd:c2:c5:c6:c6:ee:7e:ea:9c:6f:4d:59:
79:6c:90:e8:de:46:10:90:be:00:36:ec:dd:13:4f:b0:31:e6:
91:e2:ff:d0:1d:45:72:10:1e:2b:a8:7d:80:a5:a7:4e:d3:54:
1e:a6:8a:73:8b:e3:b6:54:1a:e8:45:b9:69:35:cd:7c:9b:ce:
7c:11:fc:9a:73:c5:16:27:23:9d:5a:2d:f8:85:b9:15:ad:d3:
b7:40:6b:32:ec:f6:ab:5b:3c:ff:54:32:bd:b0:c2:fb:e6:50:
30:85:6a:28:3a:d9:89:6f:8b:d0:34:7a:9c:2a:6b:f3:98:ae:
4e:e9:91:5f:71:52:71:88:cc:26:8b:bc:74:f2:25:13:ab:88:
04:4c:57:26:a0:3c:38:30:a7:d1:60:b6:ea:a5:db:37:f9:bc:
88:f9:69:51:f5:be:de:bb:fe:97:4b:d6:9e:6c:21:e8:ac:28:
7a:9f:88:5a:23:d9:da:93:0a:a8:36:80:7a:17:4b:78:7d:61:
1e:0e:3f:81:9f:29:35:c5:a5:8d:5e:fc:4f:45:93:8f:63:97:
40:a1:af:51:90:e9:24:24:ba:5b:23:de:83:07:1d:02:01:5b:
b6:fe:e3:fb:b6:28:db:74:3b:ac:7f:f4:66:29:69:89:74:fd:
73:97:5a:5d
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZcqhbP6qG+gPhWDEvlcsjiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAxMDgwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTk4YjQ3ZWQ5MTFiZWIzM2I2MGExYWI3OGI0MzVmZmExNWE5MDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOTgSBpWNxuoIV9dycAL201zYEjK
/rombApQ4H/ox4lJ0Xieg4NAIWefGrGJSFz/fxYorfUHcquDKvBIjd+Z5vEsxBZ1
rs5Fl0v+NGCXZnp3krr8sZpcUcSxPzQWJUmUFXn40bdPCKqOIhNgpKHtV3Enpl0Q
9V5b19pYe2j7jPAJkz1ueobLQyNgyZ4n4IjGmkY3Y2e7r0/1D0+9qxjwKdzvR/ga
rlmOCKWSj+j3jGRjQirh1tHjNR0QD9Rp6AHuChqywoqnZZ+Ccq+Ran8Ffq+Laolx
uC36QcdTf40VxtpkyILUhtwpYig1uSwfy9Acp7vVSsFVNkUyqGTcveKwaQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFIWYtH7ZEb6zO2Chq3i0Nf+hWpCBMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvaFppMGZ0a1J2ck03WUtHcmVMUTFfNkZha0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXKoTcpjANBgkqhkiG9w0BAQsFAAOCAQEAmZHSDZtdvcLF
xsbufuqcb01ZeWyQ6N5GEJC+ADbs3RNPsDHmkeL/0B1FchAeK6h9gKWnTtNUHqaK
c4vjtlQa6EW5aTXNfJvOfBH8mnPFFicjnVot+IW5Fa3Tt0BrMuz2q1s8/1QyvbDC
++ZQMIVqKDrZiW+L0DR6nCpr85iuTumRX3FScYjMJou8dPIlE6uIBExXJqA8ODCn
0WC26qXbN/m8iPlpUfW+3rv+l0vWnmwh6Kwoep+IWiPZ2pMKqDaAehdLeH1hHg4/
gZ8pNcWljV78T0WTj2OXQKGvUZDpJCS6WyPegwcdAgFbtv7j+7Yo23Q7rH/0Zilp
iXT9c5daXQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:02:31 2025 by rpki-client