Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/jUul-JjJ25fmPJWukl_qhTZIXvY.roa
File: jUul-JjJ25fmPJWukl_qhTZIXvY.roa (raw, json)
Hash identifier: tHwXUHug2EluYw6a3sHy45gvN9jC1moVCJBAzOvbfGs=
Subject key identifier: 8D:4B:A5:F8:98:C9:DB:97:E6:3C:95:AE:92:5F:EA:85:36:48:5E:F6
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019728D67CEA97AFE0BF49C9CFC15C713BC0
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/jUul-JjJ25fmPJWukl_qhTZIXvY.roa
Signing time: Sun 01 Jun 2025 00:13:54 +0000
ROA not before: Sun 01 Jun 2025 00:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Jun 2025 01:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:28:d6:7c:ea:97:af:e0:bf:49:c9:cf:c1:5c:71:3b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 1 00:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d4ba5f898c9db97e63c95ae925fea8536485ef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2a:f9:2f:b6:4e:d3:c5:b4:9a:e8:5d:56:85:
c6:d7:69:c8:05:5f:b9:d5:7f:ba:12:42:7e:eb:91:
11:11:6d:70:87:c4:da:7b:13:13:15:bc:6c:92:20:
4a:84:d0:e4:50:e7:b4:42:05:fb:f8:55:99:f8:91:
67:e8:c1:c6:fe:4a:77:67:f0:61:13:16:43:1c:69:
24:df:e2:cf:0c:b0:c8:84:3b:67:89:f5:60:4e:b8:
1d:87:0b:90:a7:9e:87:84:1f:05:20:57:e8:47:7d:
35:17:4f:3a:fa:a0:7a:cc:fe:24:37:e1:b7:c5:a3:
03:10:9f:cb:47:11:7c:00:28:1c:02:d3:68:bc:ae:
89:0f:7b:d2:3e:24:11:7e:8c:cf:67:21:e7:27:1b:
c1:63:4f:bc:1d:eb:e1:2a:15:18:7f:68:16:03:78:
73:2e:1b:48:35:31:0f:1d:38:54:fe:bd:39:77:21:
44:9f:2e:99:df:b0:af:01:21:4f:55:6b:6d:a4:0b:
48:8c:24:f5:c2:71:a0:e2:38:cd:9d:7a:80:2d:5d:
72:98:a7:fe:10:c0:4b:b8:f7:2a:fe:ad:55:ae:5d:
91:b2:e0:25:b5:b4:a5:60:40:4a:42:ab:cb:be:e6:
43:2b:c8:ea:f7:19:78:32:54:86:8f:8d:93:1a:8f:
e6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:4B:A5:F8:98:C9:DB:97:E6:3C:95:AE:92:5F:EA:85:36:48:5E:F6
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/jUul-JjJ25fmPJWukl_qhTZIXvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
5e:54:ec:fb:87:f0:85:69:ce:77:af:e2:59:ae:3e:83:bf:7a:
21:f2:cc:29:60:7d:fb:69:84:c8:91:e6:f3:e9:60:51:7b:52:
83:2a:a3:59:cd:a5:cd:06:f2:d8:3b:23:2b:55:ea:8a:28:ad:
09:cd:8f:3f:7c:4c:50:16:9b:d6:d3:16:26:ce:e2:c9:e0:92:
d8:7a:95:5f:fe:64:06:44:fd:38:a4:d4:62:c7:70:21:d3:64:
22:dc:37:25:a4:3c:1d:11:83:80:ea:c9:51:d9:76:e0:be:12:
39:67:e1:6e:73:a9:54:72:5b:8b:22:19:3f:01:fa:05:71:12:
0e:f2:5a:36:fc:e8:3c:37:e6:e2:42:93:8b:55:89:8c:7e:32:
5f:9e:fd:e1:e1:98:62:31:4a:a4:6f:3d:3a:c3:bc:1c:d1:6d:
19:6a:a3:73:5d:58:e7:72:99:57:35:49:c1:84:35:d7:79:74:
de:c0:cf:69:0c:63:6e:c1:3c:df:67:03:7a:66:82:18:86:e7:
33:a6:75:73:c1:23:85:90:f2:cb:b6:b9:d7:96:64:53:42:e9:
68:5c:aa:04:7d:39:62:52:98:21:bf:64:bd:0e:c7:cb:ee:ee:
09:59:0b:f9:15:e4:c7:ae:b9:0d:c1:32:2a:fb:8e:63:1a:cb:
c5:61:a0:7f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZco1nzql6/gv0nJz8FccTvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAxMDAxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDRiYTVmODk4YzlkYjk3ZTYzYzk1YWU5MjVmZWE4NTM2NDg1ZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSr5L7ZO08W0muhdVoXG12nIBV+5
1X+6EkJ+65EREW1wh8TaexMTFbxskiBKhNDkUOe0QgX7+FWZ+JFn6MHG/kp3Z/Bh
ExZDHGkk3+LPDLDIhDtnifVgTrgdhwuQp56HhB8FIFfoR301F086+qB6zP4kN+G3
xaMDEJ/LRxF8ACgcAtNovK6JD3vSPiQRfozPZyHnJxvBY0+8HevhKhUYf2gWA3hz
LhtINTEPHThU/r05dyFEny6Z37CvASFPVWttpAtIjCT1wnGg4jjNnXqALV1ymKf+
EMBLuPcq/q1Vrl2RsuAltbSlYEBKQqvLvuZDK8jq9xl4MlSGj42TGo/mVwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFI1LpfiYyduX5jyVrpJf6oU2SF72MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvalV1bC1KakoyNWZtUEpXdWtsX3FoVFpJWHZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBeVOz7h/CFac53r+JZrj6Dv3oh8swpYH37aYTI
kebz6WBRe1KDKqNZzaXNBvLYOyMrVeqKKK0JzY8/fExQFpvW0xYmzuLJ4JLYepVf
/mQGRP04pNRix3Ah02Qi3DclpDwdEYOA6slR2XbgvhI5Z+Fuc6lUcluLIhk/AfoF
cRIO8lo2/Og8N+biQpOLVYmMfjJfnv3h4ZhiMUqkbz06w7wc0W0ZaqNzXVjncplX
NUnBhDXXeXTewM9pDGNuwTzfZwN6ZoIYhuczpnVzwSOFkPLLtrnXlmRTQuloXKoE
fTliUpghv2S9DsfL7u4JWQv5FeTHrrkNwTIq+45jGsvFYaB/
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:03:11 2025 by rpki-client