Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/iuLT_PCTVJ1n5mCKE9h7nTSM798.roa
File: iuLT_PCTVJ1n5mCKE9h7nTSM798.roa (raw, json)
Hash identifier: ltrSqYBEJvcHAnfDdks5kX/Dj924Yb3bFJG9R2AwbeU=
Subject key identifier: 8A:E2:D3:FC:F0:93:54:9D:67:E6:60:8A:13:D8:7B:9D:34:8C:EF:DF
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196ED9DD6D4DFACD83202D966338C70FDB5
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/iuLT_PCTVJ1n5mCKE9h7nTSM798.roa
Signing time: Tue 20 May 2025 12:14:26 +0000
ROA not before: Tue 20 May 2025 12:14:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 20 May 2025 13:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:9d:d6:d4:df:ac:d8:32:02:d9:66:33:8c:70:fd:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 20 12:14:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ae2d3fcf093549d67e6608a13d87b9d348cefdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e3:5f:27:3c:a6:f8:62:db:5b:42:76:69:d5:
df:e4:fa:fa:32:66:73:6f:31:f0:64:ad:6e:49:56:
0d:d2:02:be:34:b7:79:bd:0c:b2:1b:80:34:53:e4:
d0:60:23:2d:e0:50:00:ce:41:93:6e:73:0b:da:31:
08:cd:83:ad:ed:39:f8:3d:5a:d0:7d:0d:94:77:f9:
ef:5f:44:94:93:85:f8:15:7e:f5:c5:a0:06:4a:40:
be:1b:9e:9e:2d:73:25:5a:b2:a9:09:5f:93:97:eb:
30:df:78:03:fe:18:91:ae:e6:c1:58:6d:6a:74:87:
e9:51:1d:09:70:dd:4b:52:a1:07:b1:fb:1d:47:7d:
7b:ac:4a:22:73:be:f6:5e:32:21:73:72:28:9a:00:
dd:4e:c7:41:7b:5b:5a:62:1d:df:2f:39:71:e1:5c:
be:dc:ba:9b:94:a4:1d:bc:19:58:a1:df:93:b1:1a:
e1:65:3d:cd:08:6e:76:b3:a1:d9:ab:1b:cc:13:d6:
1a:5c:28:e6:58:de:ed:bd:93:27:a2:69:c3:ea:eb:
9f:16:b9:63:c9:91:1c:27:94:7c:d9:72:38:24:4c:
e4:89:2d:18:78:11:cc:81:5f:c1:17:50:d1:f6:8d:
b7:41:c5:89:79:e0:e1:85:44:a4:de:45:96:87:d4:
f9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E2:D3:FC:F0:93:54:9D:67:E6:60:8A:13:D8:7B:9D:34:8C:EF:DF
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/iuLT_PCTVJ1n5mCKE9h7nTSM798.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
1b:83:ec:bb:e8:9c:74:4a:a1:bb:8e:9c:d0:00:b1:b9:a8:16:
a8:5e:82:fc:f4:be:ac:8e:37:8f:0d:c8:86:c1:f7:cf:ee:69:
2f:2b:33:47:2d:af:bf:7e:cd:12:e2:89:3a:d0:45:25:ce:a0:
68:45:6c:30:60:56:33:d8:3a:a1:50:70:43:9f:fb:49:79:32:
aa:2a:76:36:db:aa:92:3f:9d:02:64:c4:1f:28:45:cf:a8:a8:
45:0c:ce:d8:3a:2e:0a:b8:8e:72:5e:6f:a3:27:78:12:1e:1a:
d6:e4:82:1d:c4:79:d2:10:06:a8:05:98:d8:0f:74:b1:fe:23:
64:bc:98:b7:58:ec:6a:77:8e:70:af:a0:58:bb:b3:7f:74:d3:
0b:0e:3a:8d:0d:a1:25:05:7d:78:d8:3f:b9:55:cf:ba:51:3a:
9f:ce:27:b2:33:43:7e:bc:59:c5:20:2d:40:ff:58:40:1e:b4:
45:2d:f2:6b:a5:ad:03:90:42:e4:8c:92:ae:32:0e:aa:65:3a:
2f:6a:b0:7d:04:56:0b:8e:b7:55:18:19:f4:49:cb:e2:8a:80:
ec:bf:ca:78:fe:4f:3e:1c:68:1f:8a:bf:e5:eb:06:0b:0d:f3:
41:4d:d7:1d:4e:56:a0:68:a5:7a:69:a4:77:6b:39:0c:e5:64:
66:55:2d:94
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbtndbU36zYMgLZZjOMcP21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIwMTIxNDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWUyZDNmY2YwOTM1NDlkNjdlNjYwOGExM2Q4N2I5ZDM0OGNlZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArONfJzym+GLbW0J2adXf5Pr6MmZz
bzHwZK1uSVYN0gK+NLd5vQyyG4A0U+TQYCMt4FAAzkGTbnML2jEIzYOt7Tn4PVrQ
fQ2Ud/nvX0SUk4X4FX71xaAGSkC+G56eLXMlWrKpCV+Tl+sw33gD/hiRrubBWG1q
dIfpUR0JcN1LUqEHsfsdR317rEoic772XjIhc3IomgDdTsdBe1taYh3fLzlx4Vy+
3LqblKQdvBlYod+TsRrhZT3NCG52s6HZqxvME9YaXCjmWN7tvZMnomnD6uufFrlj
yZEcJ5R82XI4JEzkiS0YeBHMgV/BF1DR9o23QcWJeeDhhUSk3kWWh9T5DQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIri0/zwk1SdZ+ZgihPYe500jO/fMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvaXVMVF9QQ1RWSjFuNW1DS0U5aDduVFNNNzk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAG4Psu+icdEqhu46c0ACxuagW
qF6C/PS+rI43jw3IhsH3z+5pLyszRy2vv37NEuKJOtBFJc6gaEVsMGBWM9g6oVBw
Q5/7SXkyqip2Ntuqkj+dAmTEHyhFz6ioRQzO2DouCriOcl5voyd4Eh4a1uSCHcR5
0hAGqAWY2A90sf4jZLyYt1jsaneOcK+gWLuzf3TTCw46jQ2hJQV9eNg/uVXPulE6
n84nsjNDfrxZxSAtQP9YQB60RS3ya6WtA5BC5IySrjIOqmU6L2qwfQRWC463VRgZ
9EnL4oqA7L/KeP5PPhxoH4q/5esGCw3zQU3XHU5WoGilemmkd2s5DOVkZlUtlA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:35:14 2025 by rpki-client