Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/o7S9nw2EiXUHjxPv6yPdkXTAhaY.roa
File: o7S9nw2EiXUHjxPv6yPdkXTAhaY.roa (raw, json)
Hash identifier: q3IFhh4in5+OaTuM5scpkqcy2+ckM82yYMyMxHs0iDI=
Subject key identifier: A3:B4:BD:9F:0D:84:89:75:07:8F:13:EF:EB:23:DD:91:74:C0:85:A6
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196B449B26EC5B7E86876C465969290E274
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/o7S9nw2EiXUHjxPv6yPdkXTAhaY.roa
Signing time: Fri 09 May 2025 09:04:10 +0000
ROA not before: Fri 09 May 2025 09:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:b449:a91e/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 09 May 2025 09:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b4:49:b2:6e:c5:b7:e8:68:76:c4:65:96:92:90:e2:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 9 09:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3b4bd9f0d848975078f13efeb23dd9174c085a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9a:49:35:70:f5:60:39:04:7b:54:a5:79:29:
b1:a7:b9:b8:94:70:93:f2:25:d3:ef:69:23:f1:2b:
0a:b1:57:90:f9:b2:89:83:10:88:03:6b:c0:9a:b1:
f1:d3:db:ce:fd:a8:bc:d9:6a:1b:0e:de:0f:46:87:
03:c6:af:01:66:17:7d:58:16:27:ed:20:c9:e0:10:
3f:7e:d9:e1:5b:4d:00:40:10:54:5e:87:71:04:df:
46:de:dd:73:e3:86:90:cd:ce:7e:f9:83:b7:20:e4:
c9:b4:f5:35:fa:4d:bb:79:c2:42:bb:70:20:1a:f0:
12:10:de:7f:86:28:50:56:f6:55:59:c3:d8:65:03:
05:28:b3:b3:4d:bc:58:d2:72:96:05:67:dc:ee:34:
6a:0a:ae:da:03:a3:e3:2f:7c:12:b6:51:97:90:c7:
7f:97:c6:23:d6:c1:a2:56:48:12:6e:c2:64:df:49:
83:6e:3f:58:a5:fa:13:0d:05:be:50:ea:0c:93:49:
9d:26:65:fb:a0:26:43:dd:50:6c:71:b2:0d:d5:28:
1a:f7:89:be:4d:9e:a4:76:4b:62:11:5f:58:cd:ba:
c6:7e:69:e8:42:92:5f:c6:a7:af:8b:a8:e1:18:f5:
79:bc:f4:d2:ec:98:ef:9c:1e:cc:98:f2:98:d0:c1:
5d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B4:BD:9F:0D:84:89:75:07:8F:13:EF:EB:23:DD:91:74:C0:85:A6
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/o7S9nw2EiXUHjxPv6yPdkXTAhaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:b449:a91e/128
Signature Algorithm: sha256WithRSAEncryption
ae:a2:55:a8:fb:d6:6e:5a:fe:a3:39:50:35:5e:74:4a:76:08:
a2:9b:bc:b1:a1:7e:3d:0e:34:04:cb:16:5e:c1:3b:c5:1c:46:
fb:21:e4:dd:53:41:ca:7b:1e:30:5d:a3:b8:53:5e:cd:8d:46:
15:cf:99:8a:6e:90:03:fe:ea:90:14:0a:60:d6:1e:ef:14:71:
79:ec:ad:49:9a:7f:4a:ef:0b:7a:08:77:59:42:14:ef:c3:b8:
17:8d:96:9a:13:0d:6c:4d:2c:27:b4:93:ee:c0:d7:77:1f:b4:
0f:cb:b0:f2:05:20:8f:1f:2c:94:d0:c8:1a:fc:e0:a4:27:a0:
3b:25:fc:50:9f:d1:ae:9b:e1:30:a4:5d:41:5d:37:0d:73:27:
18:11:7a:0e:3a:8d:b9:ae:4a:b8:06:f9:f4:69:1f:89:b8:d4:
9c:e4:fa:10:ca:6b:25:4a:09:82:b7:a4:d5:07:74:d5:8b:e4:
42:9c:2a:2f:9a:e5:e1:97:29:c3:85:61:ee:bb:0f:d9:16:d1:
3d:39:e3:a8:d4:4d:54:4e:63:bd:2f:12:d3:84:48:de:1b:c9:
7a:7e:59:df:47:45:4a:c4:20:89:08:94:1f:3e:8b:ff:57:bb:
bd:b1:5c:cb:d2:3f:92:7f:03:9a:86:26:32:42:5d:9e:8e:67:
da:a7:80:10
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZa0SbJuxbfoaHbEZZaSkOJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTA5MDkwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2I0YmQ5ZjBkODQ4OTc1MDc4ZjEzZWZlYjIzZGQ5MTc0YzA4NWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZpJNXD1YDkEe1SleSmxp7m4lHCT
8iXT72kj8SsKsVeQ+bKJgxCIA2vAmrHx09vO/ai82WobDt4PRocDxq8BZhd9WBYn
7SDJ4BA/ftnhW00AQBBUXodxBN9G3t1z44aQzc5++YO3IOTJtPU1+k27ecJCu3Ag
GvASEN5/hihQVvZVWcPYZQMFKLOzTbxY0nKWBWfc7jRqCq7aA6PjL3wStlGXkMd/
l8Yj1sGiVkgSbsJk30mDbj9YpfoTDQW+UOoMk0mdJmX7oCZD3VBscbIN1Sga94m+
TZ6kdktiEV9YzbrGfmnoQpJfxqevi6jhGPV5vPTS7JjvnB7MmPKY0MFdwwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKO0vZ8NhIl1B48T7+sj3ZF0wIWmMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvbzdTOW53MkVpWFVIanhQdjZ5UGRrWFRBaGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWtEmpHjANBgkqhkiG9w0BAQsFAAOCAQEArqJVqPvWblr+ozlQNV50SnYI
opu8saF+PQ40BMsWXsE7xRxG+yHk3VNBynseMF2juFNezY1GFc+Zim6QA/7qkBQK
YNYe7xRxeeytSZp/Su8Legh3WUIU78O4F42WmhMNbE0sJ7ST7sDXdx+0D8uw8gUg
jx8slNDIGvzgpCegOyX8UJ/RrpvhMKRdQV03DXMnGBF6DjqNua5KuAb59GkfibjU
nOT6EMprJUoJgrek1Qd01YvkQpwqL5rl4Zcpw4Vh7rsP2RbRPTnjqNRNVE5jvS8S
04RI3hvJen5Z30dFSsQgiQiUHz6L/1e7vbFcy9I/kn8DmoYmMkJdno5n2qeAEA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:21:26 2025 by rpki-client