Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/h_imAJ5WPl0SaftVlh00020dlBc.roa
File: h_imAJ5WPl0SaftVlh00020dlBc.roa (raw, json)
Hash identifier: nbjXJiFUk2qHNigEqrYRRLe1EkQWeMqLk1LkppQFYL4=
Subject key identifier: 87:F8:A6:00:9E:56:3E:5D:12:69:FB:55:96:1D:34:D3:6D:1D:94:17
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196A35701DCF6B3A0D907B859780C98E772
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/h_imAJ5WPl0SaftVlh00020dlBc.roa
Signing time: Tue 06 May 2025 02:05:10 +0000
ROA not before: Tue 06 May 2025 02:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:a356:2b23/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 06 May 2025 02:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a3:57:01:dc:f6:b3:a0:d9:07:b8:59:78:0c:98:e7:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 6 02:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87f8a6009e563e5d1269fb55961d34d36d1d9417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:56:e3:6f:83:af:02:93:d8:77:7b:51:50:02:
46:64:6b:bc:d4:a5:6f:f4:ca:58:b4:64:fd:71:e9:
54:cd:92:56:90:80:c7:b0:e6:bc:04:1a:4d:20:8e:
20:fd:0d:19:12:52:20:de:29:a8:16:1f:42:5c:9c:
74:11:40:d6:5f:98:11:3f:3d:5b:42:ed:8e:78:15:
76:61:51:7c:7c:d1:67:da:8a:2f:55:92:42:63:4f:
5a:2a:0a:74:e1:dd:7e:c6:1a:d7:29:44:35:96:58:
93:2d:4b:1b:cb:dc:04:91:f9:d4:38:18:60:14:cc:
ba:53:79:e0:90:ee:a6:e5:1f:41:9d:3b:47:cc:27:
2c:00:b3:d1:3f:49:51:2e:e9:22:d0:e6:a1:7b:90:
84:ed:c8:3c:4b:95:01:8a:e3:7c:80:5e:b1:aa:44:
f8:ed:1d:8c:56:6f:58:4b:65:0a:56:94:aa:e2:5b:
46:6f:d4:cf:6a:01:2f:0b:12:5b:f8:6d:86:08:ae:
89:5f:3b:11:6a:f6:f1:2c:c8:05:3b:6d:e3:57:5b:
15:00:68:a0:28:8a:d3:75:f3:73:a1:61:36:57:1e:
6c:93:44:02:04:91:65:86:c2:1f:d9:48:45:c7:73:
88:96:10:72:fb:b0:e2:ed:8c:ba:05:9a:9a:73:2e:
7c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F8:A6:00:9E:56:3E:5D:12:69:FB:55:96:1D:34:D3:6D:1D:94:17
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/h_imAJ5WPl0SaftVlh00020dlBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:a356:2b23/128
Signature Algorithm: sha256WithRSAEncryption
41:2a:86:33:c5:d4:21:3e:bc:70:13:be:c1:1d:70:17:53:0f:
ea:c4:25:1e:5d:03:c4:27:e5:9e:a1:2f:c7:d4:9a:c2:4b:d7:
d3:6f:53:41:0f:63:ad:79:f3:e3:b6:c7:e7:20:28:72:d8:d0:
f5:e4:79:de:45:dc:e6:18:87:7f:9a:6c:71:c2:81:60:c6:45:
1b:57:06:5c:28:8a:ca:42:c9:bf:f3:fd:6c:a5:47:9b:a8:75:
a1:7b:90:6b:92:22:9f:21:1f:f2:b0:19:cd:3e:13:3a:2e:b3:
83:51:40:f6:9f:61:3e:a1:4a:a6:45:04:b9:1b:7f:a0:f8:e5:
75:00:83:0c:67:0e:f1:b5:e1:b1:e8:12:43:78:91:6c:7f:80:
5d:2f:44:0a:3d:d3:d2:35:74:35:e2:ad:08:1f:2a:c3:17:8d:
d4:ba:d6:cf:65:a8:fb:14:31:1f:81:dc:15:8a:9d:7b:5e:4b:
36:0e:1b:4c:a1:f2:de:e5:83:8d:72:d2:dd:3a:ee:cd:99:fd:
ac:9b:82:04:f0:c6:e2:9c:43:00:ce:47:9a:2b:dc:ab:8d:53:
38:ab:9b:38:60:09:c0:b5:e3:73:01:bd:f0:cf:3d:7f:9e:c9:
39:fa:69:34:f1:45:f4:79:64:0b:36:8f:c4:a9:32:5d:35:ea:
2c:ad:f5:54
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZajVwHc9rOg2Qe4WXgMmOdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTA2MDIwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Y4YTYwMDllNTYzZTVkMTI2OWZiNTU5NjFkMzRkMzZkMWQ5NDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlbjb4OvApPYd3tRUAJGZGu81KVv
9MpYtGT9celUzZJWkIDHsOa8BBpNII4g/Q0ZElIg3imoFh9CXJx0EUDWX5gRPz1b
Qu2OeBV2YVF8fNFn2oovVZJCY09aKgp04d1+xhrXKUQ1lliTLUsby9wEkfnUOBhg
FMy6U3ngkO6m5R9BnTtHzCcsALPRP0lRLuki0Oahe5CE7cg8S5UBiuN8gF6xqkT4
7R2MVm9YS2UKVpSq4ltGb9TPagEvCxJb+G2GCK6JXzsRavbxLMgFO23jV1sVAGig
KIrTdfNzoWE2Vx5sk0QCBJFlhsIf2UhFx3OIlhBy+7Di7Yy6BZqacy58lQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIf4pgCeVj5dEmn7VZYdNNNtHZQXMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvaF9pbUFKNVdQbDBTYWZ0VmxoMDAwMjBkbEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWo1YrIzANBgkqhkiG9w0BAQsFAAOCAQEAQSqGM8XUIT68cBO+wR1wF1MP
6sQlHl0DxCflnqEvx9SawkvX029TQQ9jrXnz47bH5yAoctjQ9eR53kXc5hiHf5ps
ccKBYMZFG1cGXCiKykLJv/P9bKVHm6h1oXuQa5IinyEf8rAZzT4TOi6zg1FA9p9h
PqFKpkUEuRt/oPjldQCDDGcO8bXhsegSQ3iRbH+AXS9ECj3T0jV0NeKtCB8qwxeN
1LrWz2Wo+xQxH4HcFYqde15LNg4bTKHy3uWDjXLS3TruzZn9rJuCBPDG4pxDAM5H
mivcq41TOKubOGAJwLXjcwG98M89f57JOfppNPFF9HlkCzaPxKkyXTXqLK31VA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:13:33 2025 by rpki-client