Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/mBXDnz9ZJab8GliQa138rIKgSOg.roa
File: mBXDnz9ZJab8GliQa138rIKgSOg.roa (raw, json)
Hash identifier: ZJScfwjrcEqvCLsz/Tkj0XDGzOFObwmMULvzoBCxpaU=
Subject key identifier: 98:15:C3:9F:3F:59:25:A6:FC:1A:58:90:6B:5D:FC:AC:82:A0:48:E8
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F4A9DC8BB689EDA7656D3A93DE1D23B4
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/mBXDnz9ZJab8GliQa138rIKgSOg.roa
Signing time: Wed 21 May 2025 21:04:54 +0000
ROA not before: Wed 21 May 2025 21:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:196:f4a9:5013/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 May 2025 21:11:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f4:a9:dc:8b:b6:89:ed:a7:65:6d:3a:93:de:1d:23:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 21 21:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9815c39f3f5925a6fc1a58906b5dfcac82a048e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:48:a5:c2:f6:b6:58:85:c4:f5:50:d5:08:55:
2b:52:64:d9:60:3f:be:c8:42:19:6e:33:ab:01:e4:
c1:33:13:ff:01:11:23:2d:7f:3b:f6:6b:73:ad:43:
ca:13:bc:ab:0c:fa:bc:61:c8:77:6a:bb:39:3f:5a:
86:b7:09:b1:d9:e6:8b:bf:78:f9:0f:66:57:3e:b7:
d8:11:ad:e2:ee:c2:72:35:b1:79:2d:f7:69:ea:22:
9b:96:94:7d:b7:13:67:9d:e3:ae:51:26:7e:02:a3:
61:05:a1:0c:c9:db:5a:20:e8:68:0e:dd:3b:71:1c:
c6:c7:ae:a6:25:f4:03:7a:af:d4:bf:9c:19:94:d1:
4f:09:2a:d9:87:22:8e:fd:4d:cc:12:08:5c:a5:0d:
bb:4a:f3:c3:fc:5c:1c:0a:ce:5d:13:28:d1:95:bb:
8e:c2:4f:90:8b:40:df:c7:84:8d:6e:1e:5f:a9:0b:
29:6b:7e:4a:f7:cb:26:19:cb:d3:28:c4:fe:31:68:
0c:11:b9:bf:55:11:ad:82:bb:15:83:97:ed:e3:0c:
00:1d:39:e7:ba:cc:ee:27:f9:93:b7:ee:63:5c:93:
03:74:c4:ec:47:08:77:4f:ac:4a:51:f4:55:50:cb:
90:13:57:5e:6f:56:fc:3d:80:23:52:fe:74:9e:3e:
76:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:15:C3:9F:3F:59:25:A6:FC:1A:58:90:6B:5D:FC:AC:82:A0:48:E8
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/mBXDnz9ZJab8GliQa138rIKgSOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:196:f4a9:5013/128
Signature Algorithm: sha256WithRSAEncryption
bd:b6:65:66:0f:f7:fb:5a:07:57:05:bb:96:e2:65:0f:71:36:
21:8e:73:5d:78:0c:7b:d7:0d:82:8a:b9:3c:75:5a:dd:59:cb:
54:bd:74:e7:fe:fb:58:cf:e4:17:eb:39:29:1b:1f:57:ce:35:
6b:62:bf:77:97:4f:aa:63:3f:8d:ba:40:a0:f6:62:0e:be:07:
60:32:f2:a7:41:f6:af:4b:c8:13:b7:ff:85:56:a7:89:f5:26:
54:47:b7:c8:91:db:36:52:73:70:90:fd:b7:8a:4d:8c:82:f2:
5a:04:0f:85:cb:ad:b0:37:3f:47:96:4b:e9:17:32:79:5d:2a:
13:cf:8d:b7:36:0f:0c:35:a9:e9:c2:d7:8c:8a:23:04:15:3d:
3c:d1:92:76:d9:23:8a:63:f5:8f:45:9d:77:3f:13:0a:02:3b:
ab:f5:7c:5e:ab:aa:5c:5a:60:b7:f7:84:aa:a2:91:e0:de:90:
06:f1:d4:5f:74:b6:7f:a3:9f:5d:1f:c8:41:51:9d:79:9f:69:
01:ca:8e:ba:e3:6e:19:7c:af:b7:55:fd:fe:41:29:52:b3:5b:
9f:f0:3e:c3:03:20:32:30:93:e3:12:62:a3:da:40:41:7a:a1:
27:ab:34:a5:99:39:ad:7a:57:96:47:84:48:ae:fc:44:d2:9a:
c3:63:6c:15
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZb0qdyLtontp2VtOpPeHSO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIxMjEwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODE1YzM5ZjNmNTkyNWE2ZmMxYTU4OTA2YjVkZmNhYzgyYTA0OGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Eilwva2WIXE9VDVCFUrUmTZYD++
yEIZbjOrAeTBMxP/AREjLX879mtzrUPKE7yrDPq8Ych3ars5P1qGtwmx2eaLv3j5
D2ZXPrfYEa3i7sJyNbF5Lfdp6iKblpR9txNnneOuUSZ+AqNhBaEMydtaIOhoDt07
cRzGx66mJfQDeq/Uv5wZlNFPCSrZhyKO/U3MEghcpQ27SvPD/FwcCs5dEyjRlbuO
wk+Qi0Dfx4SNbh5fqQspa35K98smGcvTKMT+MWgMEbm/VRGtgrsVg5ft4wwAHTnn
uszuJ/mTt+5jXJMDdMTsRwh3T6xKUfRVUMuQE1deb1b8PYAjUv50nj52GwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJgVw58/WSWm/BpYkGtd/KyCoEjoMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvbUJYRG56OVpKYWI4R2xpUWExMzhySUtnU09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlvSpUBMwDQYJKoZIhvcNAQELBQADggEB
AL22ZWYP9/taB1cFu5biZQ9xNiGOc114DHvXDYKKuTx1Wt1Zy1S9dOf++1jP5Bfr
OSkbH1fONWtiv3eXT6pjP426QKD2Yg6+B2Ay8qdB9q9LyBO3/4VWp4n1JlRHt8iR
2zZSc3CQ/beKTYyC8loED4XLrbA3P0eWS+kXMnldKhPPjbc2Dww1qenC14yKIwQV
PTzRknbZI4pj9Y9FnXc/EwoCO6v1fF6rqlxaYLf3hKqikeDekAbx1F90tn+jn10f
yEFRnXmfaQHKjrrjbhl8r7dV/f5BKVKzW5/wPsMDIDIwk+MSYqPaQEF6oSerNKWZ
Oa16V5ZHhEiu/ETSmsNjbBU=
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:22:49 2025 by rpki-client