Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/jKwendWpj4JIWc923s6ATvP2CDg.roa
File: jKwendWpj4JIWc923s6ATvP2CDg.roa (raw, json)
Hash identifier: XhOeKTAjBlnXklrJoe5B/nTmR5iBxIe2Z2l+g2DoifQ=
Subject key identifier: 8C:AC:1E:9D:D5:A9:8F:82:48:59:CF:76:DE:CE:80:4E:F3:F6:08:38
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01973809D50F295589DE81C8735654E6B9DB
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/jKwendWpj4JIWc923s6ATvP2CDg.roa
Signing time: Tue 03 Jun 2025 23:04:17 +0000
ROA not before: Tue 03 Jun 2025 23:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
2001:67c:64:ffff:0:197:3809:a89c/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Jun 2025 23:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:38:09:d5:0f:29:55:89:de:81:c8:73:56:54:e6:b9:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 3 23:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cac1e9dd5a98f824859cf76dece804ef3f60838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:18:b6:57:9b:6f:79:b5:9d:81:69:4a:3a:f8:
f8:0f:f8:b4:90:d0:f3:18:a2:63:5b:2e:83:b4:97:
f6:c8:f4:76:ff:e9:5f:c9:1f:24:d5:ad:16:77:78:
4f:91:dc:95:7a:90:32:3d:f1:21:92:7e:57:66:52:
1a:ee:71:c1:99:9d:1b:20:62:aa:58:5b:71:f3:2b:
5f:4a:09:22:ac:1d:d8:d2:b8:0a:6c:da:37:5c:96:
85:82:ce:b6:86:4a:6b:b6:d5:9d:65:68:12:38:81:
a4:3c:ca:53:8c:4a:80:83:9d:63:2b:95:00:f0:ab:
50:a5:ea:0f:af:37:b7:91:c6:4d:3d:17:4f:e8:3c:
d9:b7:eb:46:19:39:7f:7a:66:73:36:8b:51:ca:9c:
9c:ec:a6:7b:b4:da:43:2e:1b:c4:ed:32:06:a7:36:
71:62:bf:23:8c:02:9a:2b:d3:bc:0a:dc:10:a5:d5:
ce:cd:4e:45:88:e3:8f:7a:4e:b1:de:4a:50:96:2b:
ab:f8:c3:f8:ff:56:a6:a9:00:b0:b5:5d:94:f3:8e:
eb:46:8f:82:7a:53:4b:95:3c:9a:a2:47:1b:ab:58:
96:82:bc:8a:87:75:29:f7:e0:13:f8:da:38:99:d0:
6d:5d:5f:75:ce:aa:27:f4:90:4f:45:2b:f1:0b:47:
3b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AC:1E:9D:D5:A9:8F:82:48:59:CF:76:DE:CE:80:4E:F3:F6:08:38
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/jKwendWpj4JIWc923s6ATvP2CDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
2001:67c:64:ffff:0:197:3809:a89c/128
Signature Algorithm: sha256WithRSAEncryption
80:f4:0c:37:7a:dd:ea:04:73:d1:cd:f2:ed:77:64:5c:a1:f4:
5d:77:9b:08:dd:3b:58:b6:ec:17:1a:ef:05:99:44:19:95:63:
9b:05:d4:a0:5e:2f:ea:9e:dd:d1:c8:f2:80:1d:19:fb:a8:eb:
ad:87:62:bf:f6:60:0a:3c:9e:2e:33:cf:a0:ae:9b:c2:ee:09:
ae:60:44:e3:7d:50:43:c6:6b:e6:65:a7:45:05:ff:1a:82:18:
bc:de:9b:f4:4b:52:51:f7:e6:90:79:cd:ba:07:49:72:02:36:
25:6d:a0:de:bc:21:3c:b0:69:7c:ac:d6:96:85:41:6d:21:41:
e4:d6:78:36:ec:1c:d8:4b:31:d1:57:d1:95:dc:fd:b6:4c:2a:
d0:a2:00:9b:7a:c2:dc:43:8c:5f:99:27:4a:2b:14:a5:6c:7a:
be:f1:a5:76:b4:d6:0b:87:de:4d:6f:52:94:54:1f:a5:20:31:
83:99:40:4c:03:27:7d:0b:08:04:a7:a1:74:de:33:fd:0a:1d:
1f:52:02:21:5f:d4:10:7d:91:94:56:75:9b:9c:9b:a1:8b:cd:
4f:54:f6:ce:5e:f2:7d:1f:1e:bc:70:6c:48:6e:4c:87:cb:36:
49:8e:15:1a:22:15:5a:77:75:d4:88:56:f9:d9:b8:c0:81:12:
1e:f2:ef:3b
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZc4CdUPKVWJ3oHIc1ZU5rnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAzMjMwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2FjMWU5ZGQ1YTk4ZjgyNDg1OWNmNzZkZWNlODA0ZWYzZjYwODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ri2V5tvebWdgWlKOvj4D/i0kNDz
GKJjWy6DtJf2yPR2/+lfyR8k1a0Wd3hPkdyVepAyPfEhkn5XZlIa7nHBmZ0bIGKq
WFtx8ytfSgkirB3Y0rgKbNo3XJaFgs62hkprttWdZWgSOIGkPMpTjEqAg51jK5UA
8KtQpeoPrze3kcZNPRdP6DzZt+tGGTl/emZzNotRypyc7KZ7tNpDLhvE7TIGpzZx
Yr8jjAKaK9O8CtwQpdXOzU5FiOOPek6x3kpQliur+MP4/1amqQCwtV2U847rRo+C
elNLlTyaokcbq1iWgryKh3Up9+AT+No4mdBtXV91zqon9JBPRSvxC0c79QIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFIysHp3VqY+CSFnPdt7OgE7z9gg4MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvakt3ZW5kV3BqNEpJV2M5MjNzNkFUdlAyQ0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBlBAIAAjBfAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kQMRACABBnwAZP//AAABlzgJqJwwDQYJKoZIhvcN
AQELBQADggEBAID0DDd63eoEc9HN8u13ZFyh9F13mwjdO1i27Bca7wWZRBmVY5sF
1KBeL+qe3dHI8oAdGfuo662HYr/2YAo8ni4zz6Cum8LuCa5gRON9UEPGa+Zlp0UF
/xqCGLzem/RLUlH35pB5zboHSXICNiVtoN68ITywaXys1paFQW0hQeTWeDbsHNhL
MdFX0ZXc/bZMKtCiAJt6wtxDjF+ZJ0orFKVser7xpXa01guH3k1vUpRUH6UgMYOZ
QEwDJ30LCASnoXTeM/0KHR9SAiFf1BB9kZRWdZucm6GLzU9U9s5e8n0fHrxwbEhu
TIfLNkmOFRoiFVp3ddSIVvnZuMCBEh7y7zs=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:45:24 2025 by rpki-client