Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hvoyOt4jLF5sfKaL-Sh_prrkhAM.roa
File: hvoyOt4jLF5sfKaL-Sh_prrkhAM.roa (raw, json)
Hash identifier: Vg38Lte9Lud+C6jQrdBJh2PercOCWXB8DP+iC7Na9FE=
Subject key identifier: 86:FA:32:3A:DE:23:2C:5E:6C:7C:A6:8B:F9:28:7F:A6:BA:E4:84:03
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01969BD466D0FB787AB81F6129A5E5E96327
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hvoyOt4jLF5sfKaL-Sh_prrkhAM.roa
Signing time: Sun 04 May 2025 15:05:10 +0000
ROA not before: Sun 04 May 2025 15:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:9bd3:806c/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 04 May 2025 15:15:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9b:d4:66:d0:fb:78:7a:b8:1f:61:29:a5:e5:e9:63:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 4 15:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86fa323ade232c5e6c7ca68bf9287fa6bae48403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:56:1c:29:e7:e0:54:34:77:e8:c8:7d:4f:55:
9f:7f:87:f5:69:5b:f3:58:08:37:2f:8e:77:f0:58:
d9:bc:b4:e5:a3:1b:33:af:b9:9b:2f:c6:9a:89:de:
dd:9c:3b:1d:9b:d2:f8:e6:b0:cf:ef:2f:2f:8e:40:
4e:ad:d2:7b:d2:cd:79:52:a0:8f:19:21:e3:72:d8:
a4:46:f2:dd:35:96:4f:31:cc:82:5e:e4:fe:48:78:
f0:61:8b:6f:0b:ff:66:67:49:42:b8:da:19:4f:14:
70:d1:52:a2:98:21:a8:76:4f:b8:81:60:0b:87:f5:
0a:dc:f4:c6:8e:32:c5:9b:dc:dd:32:2e:75:3f:60:
17:68:5d:ba:bc:b0:31:4d:9d:e0:5a:95:02:d4:0c:
c8:73:7e:20:b9:24:1e:29:a2:ac:c9:b9:2e:1d:b5:
4d:19:e4:2d:e6:3c:15:49:92:c7:59:82:ff:02:ff:
14:a4:bd:46:2a:03:bd:85:44:88:c4:4e:fd:f4:a6:
0d:a1:7c:d5:bb:3b:aa:60:56:00:5d:c4:9e:3b:34:
da:b9:03:07:81:66:de:15:69:d0:91:25:fe:12:99:
7b:b8:70:3c:77:2a:53:d1:7e:c5:0b:ee:79:9b:7f:
df:c0:be:30:ee:ba:d0:39:b4:9f:c2:c9:51:a0:19:
0d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:FA:32:3A:DE:23:2C:5E:6C:7C:A6:8B:F9:28:7F:A6:BA:E4:84:03
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hvoyOt4jLF5sfKaL-Sh_prrkhAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:9bd3:806c/128
Signature Algorithm: sha256WithRSAEncryption
52:fe:d0:9a:96:3f:68:d9:61:46:8c:a4:48:53:2b:5a:d5:06:
db:10:16:3e:d2:86:91:b9:95:89:ce:60:54:c7:d9:20:29:22:
40:14:02:a4:ce:c9:3e:b0:0d:06:08:08:91:e0:81:28:31:a0:
3e:f5:df:24:02:3b:dc:96:32:42:cd:e8:51:80:e6:ed:76:be:
c1:4f:bb:14:d9:3a:ec:6d:e9:4b:86:5d:10:72:8c:c5:ee:cf:
48:5e:f0:47:48:97:56:a4:5c:fb:19:f0:ad:96:7a:85:81:0f:
2f:52:d4:89:05:74:8c:ff:cd:d6:74:31:95:0b:95:05:72:ae:
9f:17:dc:02:75:30:0a:1c:bc:ab:17:29:8b:8a:2e:d1:33:69:
4e:3f:3a:f9:94:e9:bb:28:9b:2e:87:eb:f8:0e:30:e8:b4:30:
4b:81:2b:45:1b:82:d1:1d:5f:df:f8:5e:f7:2e:b3:c1:1d:85:
a5:82:32:76:91:45:ba:da:4b:e3:68:9c:cf:18:b4:d2:69:fa:
43:6d:63:df:b6:3c:45:fc:1f:38:2c:b4:43:01:42:b5:17:9e:
90:66:4f:74:2d:b8:dc:39:1e:18:d4:3b:26:da:69:5f:49:41:
e0:f9:c5:76:89:fc:7f:18:51:05:bc:6e:f4:27:33:9d:ac:2f:
c6:a8:6b:57
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZab1GbQ+3h6uB9hKaXl6WMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTA0MTUwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmZhMzIzYWRlMjMyYzVlNmM3Y2E2OGJmOTI4N2ZhNmJhZTQ4NDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylYcKefgVDR36Mh9T1Wff4f1aVvz
WAg3L4538FjZvLTloxszr7mbL8aaid7dnDsdm9L45rDP7y8vjkBOrdJ70s15UqCP
GSHjctikRvLdNZZPMcyCXuT+SHjwYYtvC/9mZ0lCuNoZTxRw0VKimCGodk+4gWAL
h/UK3PTGjjLFm9zdMi51P2AXaF26vLAxTZ3gWpUC1AzIc34guSQeKaKsybkuHbVN
GeQt5jwVSZLHWYL/Av8UpL1GKgO9hUSIxE799KYNoXzVuzuqYFYAXcSeOzTauQMH
gWbeFWnQkSX+Epl7uHA8dypT0X7FC+55m3/fwL4w7rrQObSfwslRoBkNEwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIb6MjreIyxebHymi/kof6a65IQDMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvaHZveU90NGpMRjVzZkthTC1TaF9wcnJraEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWm9OAbDANBgkqhkiG9w0BAQsFAAOCAQEAUv7QmpY/aNlhRoykSFMrWtUG
2xAWPtKGkbmVic5gVMfZICkiQBQCpM7JPrANBggIkeCBKDGgPvXfJAI73JYyQs3o
UYDm7Xa+wU+7FNk67G3pS4ZdEHKMxe7PSF7wR0iXVqRc+xnwrZZ6hYEPL1LUiQV0
jP/N1nQxlQuVBXKunxfcAnUwChy8qxcpi4ou0TNpTj86+ZTpuyibLofr+A4w6LQw
S4ErRRuC0R1f3/he9y6zwR2FpYIydpFFutpL42iczxi00mn6Q21j37Y8RfwfOCy0
QwFCtReekGZPdC243DkeGNQ7JtppX0lB4PnFdon8fxhRBbxu9CcznawvxqhrVw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:19:53 2025 by rpki-client