Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/iev5Phg7zsc1C0WYCCrmWQ3R4cA.roa
File: iev5Phg7zsc1C0WYCCrmWQ3R4cA.roa (raw, json)
Hash identifier: Kzp7uEjRkYchZdgN96+v4Ld08LlHDKudLcq/JxJhgBI=
Subject key identifier: 89:EB:F9:3E:18:3B:CE:C7:35:0B:45:98:08:2A:E6:59:0D:D1:E1:C0
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019707254E7A39FB6DAADD42F9CE8EB391E3
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/iev5Phg7zsc1C0WYCCrmWQ3R4cA.roa
Signing time: Sun 25 May 2025 11:12:54 +0000
ROA not before: Sun 25 May 2025 11:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 25 May 2025 12:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:07:25:4e:7a:39:fb:6d:aa:dd:42:f9:ce:8e:b3:91:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 25 11:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89ebf93e183bcec7350b4598082ae6590dd1e1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:62:8d:7d:2e:bd:80:3a:b7:21:c2:36:30:77:
45:41:bf:42:0e:11:50:cf:da:a1:3a:0c:72:e3:46:
30:35:c8:c8:ed:48:fd:b5:34:f0:91:33:2a:15:6b:
a0:f3:da:cc:88:a2:a0:43:e3:9b:8f:8e:1d:39:57:
e5:f9:cd:31:0e:ec:dc:55:0c:c5:76:07:b2:c5:46:
cf:bb:18:a4:d7:3f:e0:4b:04:29:09:c4:64:68:8c:
10:05:6a:87:6a:4d:92:a4:0d:8a:ef:a2:e5:25:4e:
92:53:34:f8:5d:67:5f:0b:4e:fd:b6:e7:b1:57:a6:
57:b2:41:32:11:70:b6:2a:48:bf:dc:cc:d2:bd:a7:
0f:88:97:46:e7:a9:bf:8f:5e:43:c6:37:62:50:5d:
ad:00:88:6e:f6:68:e1:7a:9d:02:de:db:9e:dd:97:
21:56:2c:c2:7b:22:4f:26:da:c8:5e:6f:05:24:92:
60:05:24:28:b6:37:a0:c7:f5:4d:28:95:cd:3f:ca:
bb:6b:b3:43:6c:a9:7e:86:ee:d1:9b:01:cb:ea:ca:
8a:6a:6e:7a:65:cd:81:c8:6e:9d:c9:fc:f3:23:5e:
25:8d:12:9e:99:f0:b8:57:4a:36:98:42:46:fe:8d:
5f:92:fd:ca:1f:95:8c:9c:7e:b6:f9:e7:25:3f:f5:
82:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:EB:F9:3E:18:3B:CE:C7:35:0B:45:98:08:2A:E6:59:0D:D1:E1:C0
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/iev5Phg7zsc1C0WYCCrmWQ3R4cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
08:75:71:15:f0:31:bf:c9:86:a7:a5:2c:a3:33:95:0d:ac:b1:
8a:cc:2c:68:f0:d0:67:8d:47:2a:70:7d:6f:ac:05:72:e8:f4:
f5:30:63:f0:2a:82:82:7c:d3:1e:bc:d8:7b:4e:5b:92:d0:aa:
c7:10:d6:d1:fd:e5:c9:07:ce:49:d2:ad:af:90:ad:fe:92:9d:
bf:d4:77:44:9d:f8:18:15:e9:05:ac:c4:33:02:23:78:55:7b:
9e:91:2a:25:dc:f8:72:c1:03:b4:b1:31:40:e8:c3:dc:55:02:
f3:6b:ba:75:f3:20:ef:d9:b4:f8:3e:52:b8:e4:19:6b:ef:b8:
22:6a:de:42:2b:48:df:be:0a:2e:4d:05:03:5e:23:22:a0:fd:
f8:1b:1e:8d:dc:04:ce:cd:0a:09:58:63:73:21:53:d7:31:65:
6f:37:e1:fa:18:61:91:0f:34:b4:7e:19:0e:f1:0b:ea:45:f0:
31:f6:4b:4a:ad:dc:d3:b0:6d:37:04:6d:98:67:94:5d:f7:a4:
fc:76:96:d9:d2:c9:86:98:cd:0d:77:a9:e6:00:69:01:a3:5f:
75:59:6f:a1:15:07:dc:68:1a:4d:1c:64:cf:6a:30:7e:df:8a:
77:30:05:79:13:95:2b:4e:2d:0d:93:f4:5e:25:1f:a0:3a:8a:
9f:c0:60:8f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZcHJU56Ofttqt1C+c6Os5HjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI1MTExMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWViZjkzZTE4M2JjZWM3MzUwYjQ1OTgwODJhZTY1OTBkZDFlMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWKNfS69gDq3IcI2MHdFQb9CDhFQ
z9qhOgxy40YwNcjI7Uj9tTTwkTMqFWug89rMiKKgQ+Obj44dOVfl+c0xDuzcVQzF
dgeyxUbPuxik1z/gSwQpCcRkaIwQBWqHak2SpA2K76LlJU6SUzT4XWdfC079tuex
V6ZXskEyEXC2Kki/3MzSvacPiJdG56m/j15DxjdiUF2tAIhu9mjhep0C3tue3Zch
VizCeyJPJtrIXm8FJJJgBSQotjegx/VNKJXNP8q7a7NDbKl+hu7RmwHL6sqKam56
Zc2ByG6dyfzzI14ljRKemfC4V0o2mEJG/o1fkv3KH5WMnH62+eclP/WCWwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFInr+T4YO87HNQtFmAgq5lkN0eHAMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvaWV2NVBoZzd6c2MxQzBXWUNDcm1XUTNSNGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEACHVxFfAxv8mGp6UsozOVDayx
iswsaPDQZ41HKnB9b6wFcuj09TBj8CqCgnzTHrzYe05bktCqxxDW0f3lyQfOSdKt
r5Ct/pKdv9R3RJ34GBXpBazEMwIjeFV7npEqJdz4csEDtLExQOjD3FUC82u6dfMg
79m0+D5SuOQZa++4ImreQitI374KLk0FA14jIqD9+BsejdwEzs0KCVhjcyFT1zFl
bzfh+hhhkQ80tH4ZDvEL6kXwMfZLSq3c07BtNwRtmGeUXfek/HaW2dLJhpjNDXep
5gBpAaNfdVlvoRUH3GgaTRxkz2owft+KdzAFeROVK04tDZP0XiUfoDqKn8Bgjw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:26:30 2025 by rpki-client