Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/iWa0QkDR91S0IOAr15TUyGh0Y90.roa
File: iWa0QkDR91S0IOAr15TUyGh0Y90.roa (raw, json)
Hash identifier: XjSmpAU+5bkVRLOvl+VKkIkjo2fKxwJhG60Pyyr6VKY=
Subject key identifier: 89:66:B4:42:40:D1:F7:54:B4:20:E0:2B:D7:94:D4:C8:68:74:63:DD
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01974000B6BC7780ED65518AE38BDA87AA88
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/iWa0QkDR91S0IOAr15TUyGh0Y90.roa
Signing time: Thu 05 Jun 2025 12:11:17 +0000
ROA not before: Thu 05 Jun 2025 12:11:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 05 Jun 2025 13:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:00:b6:bc:77:80:ed:65:51:8a:e3:8b:da:87:aa:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 5 12:11:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8966b44240d1f754b420e02bd794d4c8687463dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d1:e2:87:7c:7b:60:16:59:fd:e5:86:a4:4c:
cd:e2:a5:c1:31:fd:60:7e:75:0d:7e:83:4d:02:2f:
72:0e:72:6a:81:58:95:14:dd:2a:f2:c6:73:02:30:
12:75:3c:35:9e:bd:d6:42:4a:a2:ac:65:0a:9c:d7:
ad:2b:f4:2a:61:20:cd:14:59:0b:f5:98:a7:8d:63:
d9:88:71:88:5e:cb:ae:c4:7d:32:27:63:2d:b9:35:
38:e1:42:af:3d:dc:3b:80:1f:02:84:64:7b:56:13:
57:30:64:7f:20:f3:5f:dd:44:24:a6:2f:51:8c:db:
2b:b3:32:71:f7:8d:a4:04:50:87:d1:ed:cf:7b:dd:
56:23:fc:46:95:0e:c1:ad:ab:5c:6a:40:ff:63:da:
7c:1f:0b:28:8c:60:50:b9:4a:81:ea:a2:16:d5:11:
4a:ad:1d:43:76:b6:39:14:f9:f6:14:0d:9f:bd:03:
c2:34:8b:83:86:18:14:ee:d0:e1:8d:d7:b5:6d:81:
9f:5c:b6:d0:2d:a8:e1:59:a3:0a:53:a5:cd:a0:f0:
29:66:d6:71:19:4e:1f:0a:d1:de:a8:07:30:71:a0:
dc:c5:49:32:88:20:65:8e:8a:ee:0c:af:9e:dd:a1:
c3:42:25:d4:e3:91:6c:5d:b1:6b:5f:82:3d:f9:45:
ed:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:66:B4:42:40:D1:F7:54:B4:20:E0:2B:D7:94:D4:C8:68:74:63:DD
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/iWa0QkDR91S0IOAr15TUyGh0Y90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
c5:16:de:ce:12:89:50:44:14:f0:ee:ec:78:a3:5f:b4:e7:fa:
f7:87:d9:ca:38:0c:40:f9:56:12:f8:00:b2:df:ef:cf:67:fc:
81:a1:81:92:da:f7:2d:0c:24:85:1d:3d:a4:3d:8f:c1:64:35:
63:a7:f1:33:e1:7b:ed:d5:a3:a4:d5:5f:d3:d2:b5:a9:48:85:
4c:ed:0f:22:2f:00:6e:ea:9c:52:0b:2a:cf:51:08:59:78:c8:
f3:fc:78:ac:25:4b:53:d0:70:2b:6b:7e:84:32:d2:7f:95:cb:
6c:11:25:ed:c1:79:49:a6:31:89:cf:ae:76:c4:2e:f1:aa:a5:
09:d5:48:4d:8b:50:f1:da:ad:ba:06:63:7a:80:a6:9f:af:32:
ae:ae:6f:3d:0a:42:c9:91:22:bc:ac:dd:d7:0b:81:e3:b4:2d:
8a:91:e2:58:fc:3a:91:8a:6a:35:c4:88:c2:dd:3f:7a:3f:bb:
8b:9c:0e:ae:67:12:ec:c7:e2:8b:fc:d0:55:81:67:60:f1:df:
a3:f2:59:5a:12:2b:56:10:04:7c:14:6b:96:08:8c:1e:89:37:
52:70:a6:b6:7a:01:73:b3:5d:59:2f:41:ef:bf:54:6c:1c:f3:
f6:e3:be:db:af:b7:c1:f4:ec:66:f5:fd:1b:0e:70:df:22:81:
fe:cb:18:fa
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdAALa8d4DtZVGK44vah6qIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA1MTIxMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY2YjQ0MjQwZDFmNzU0YjQyMGUwMmJkNzk0ZDRjODY4NzQ2M2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtHih3x7YBZZ/eWGpEzN4qXBMf1g
fnUNfoNNAi9yDnJqgViVFN0q8sZzAjASdTw1nr3WQkqirGUKnNetK/QqYSDNFFkL
9ZinjWPZiHGIXsuuxH0yJ2MtuTU44UKvPdw7gB8ChGR7VhNXMGR/IPNf3UQkpi9R
jNsrszJx942kBFCH0e3Pe91WI/xGlQ7BratcakD/Y9p8HwsojGBQuUqB6qIW1RFK
rR1DdrY5FPn2FA2fvQPCNIuDhhgU7tDhjde1bYGfXLbQLajhWaMKU6XNoPApZtZx
GU4fCtHeqAcwcaDcxUkyiCBljoruDK+e3aHDQiXU45FsXbFrX4I9+UXtYwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFIlmtEJA0fdUtCDgK9eU1MhodGPdMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvaVdhMFFrRFI5MVMwSU9BcjE1VFV5R2gwWTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAxRbezhKJUEQU
8O7seKNftOf694fZyjgMQPlWEvgAst/vz2f8gaGBktr3LQwkhR09pD2PwWQ1Y6fx
M+F77dWjpNVf09K1qUiFTO0PIi8AbuqcUgsqz1EIWXjI8/x4rCVLU9BwK2t+hDLS
f5XLbBEl7cF5SaYxic+udsQu8aqlCdVITYtQ8dqtugZjeoCmn68yrq5vPQpCyZEi
vKzd1wuB47QtipHiWPw6kYpqNcSIwt0/ej+7i5wOrmcS7Mfii/zQVYFnYPHfo/JZ
WhIrVhAEfBRrlgiMHok3UnCmtnoBc7NdWS9B779UbBzz9uO+26+3wfTsZvX9Gw5w
3yKB/ssY+g==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:59:11 2025 by rpki-client