Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/oVfbDVBV0KcI-y1P0j7-5ibvK8w.roa
File: oVfbDVBV0KcI-y1P0j7-5ibvK8w.roa (raw, json)
Hash identifier: 0Mn/Pyl0mOwh7jQZLNBpq0uGOlKYc+z+jhusLFUIrbE=
Subject key identifier: A1:57:DB:0D:50:55:D0:A7:08:FB:2D:4F:D2:3E:FE:E6:26:EF:2B:CC
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FE1ADB7117DC1BB8FD6B4990B7E2C60F
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/oVfbDVBV0KcI-y1P0j7-5ibvK8w.roa
Signing time: Fri 23 May 2025 17:04:55 +0000
ROA not before: Fri 23 May 2025 17:04:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:196:fe1a:2990/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 May 2025 17:12:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fe:1a:db:71:17:dc:1b:b8:fd:6b:49:90:b7:e2:c6:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 17:04:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a157db0d5055d0a708fb2d4fd23efee626ef2bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d3:c7:47:b2:62:6c:c0:fe:17:5d:25:73:55:
09:a5:44:b2:2b:e9:fd:b9:3e:64:eb:90:d2:a5:10:
79:34:2f:b9:a5:da:77:80:ac:23:57:ea:dd:18:87:
d5:5a:15:a0:c9:fc:1d:b7:7c:5f:5d:a5:e4:d4:e3:
d3:4e:f6:de:6e:8a:cb:1a:74:a5:3b:57:b4:9a:52:
d7:99:15:76:7b:f0:d6:74:fb:d5:fc:e2:ec:ea:8c:
38:de:c6:bd:40:e6:dc:a8:08:72:96:dc:27:f2:80:
eb:d9:e7:90:7e:97:48:c5:38:89:99:d0:db:99:89:
15:b8:76:16:4e:4a:ec:75:da:35:59:48:00:2c:4c:
c0:d1:49:33:ca:ed:ef:6d:94:5a:21:23:c8:b3:4b:
8c:3e:1f:2e:60:a6:e2:c6:85:a1:dc:7b:a8:b2:79:
78:88:bf:51:95:d4:6a:26:01:dd:75:b9:c6:4b:b6:
e7:5b:d0:bd:7f:23:03:ad:47:4c:5e:c3:97:90:21:
21:f0:26:4f:a9:9f:de:fb:74:03:ab:49:eb:1b:8f:
64:78:1d:78:c4:4e:8d:3a:75:66:63:c2:b6:f6:f0:
39:3e:44:52:92:63:5c:b2:30:ab:22:d6:6f:2c:ee:
0d:f3:50:45:36:e1:ad:03:b8:c5:4c:f0:59:f8:fd:
79:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:57:DB:0D:50:55:D0:A7:08:FB:2D:4F:D2:3E:FE:E6:26:EF:2B:CC
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/oVfbDVBV0KcI-y1P0j7-5ibvK8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:196:fe1a:2990/128
Signature Algorithm: sha256WithRSAEncryption
3c:aa:f8:0a:c6:b5:30:64:82:38:60:f9:2d:45:92:94:1a:e2:
b2:68:0d:f3:35:21:d6:45:5e:f0:3b:dc:e5:1d:5a:9a:70:11:
e6:67:bd:4e:4a:f5:71:10:0f:48:b1:e3:80:b9:fd:e5:da:f3:
d7:e7:b0:18:98:5a:48:cc:f3:c3:9b:ef:71:bd:53:a3:0b:0e:
02:f4:30:17:19:be:d8:db:22:a6:45:fb:f1:34:b1:0a:b8:74:
6f:f3:d2:4d:50:a3:5e:81:e7:96:46:b0:da:c9:8b:c8:d8:79:
1b:f5:2b:08:a8:52:a3:ea:60:a7:8a:5d:69:9a:1e:a6:76:8a:
dc:02:95:a3:ca:43:3e:d8:b1:4e:4f:3e:0f:b9:fc:e4:2f:7e:
6d:39:8b:c7:b0:ee:0a:10:bf:9b:52:d3:ff:b6:f8:98:5a:a2:
b7:c8:27:f6:f5:e2:71:a5:69:74:61:47:d4:d5:5f:22:d6:b6:
f4:52:ad:ba:6d:93:12:d1:60:28:f6:a6:b1:06:01:2c:ef:ee:
29:b7:d5:a4:63:49:98:62:e5:71:f8:9f:32:e0:71:14:89:1e:
6d:2b:6b:93:a3:49:5d:bd:10:35:cb:2f:46:90:df:91:ed:5d:
df:c8:4a:41:09:9a:4f:7c:e9:4c:74:c5:25:04:ef:df:6f:83:
15:ad:07:b1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZb+GttxF9wbuP1rSZC34sYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMTcwNDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTU3ZGIwZDUwNTVkMGE3MDhmYjJkNGZkMjNlZmVlNjI2ZWYyYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtPHR7JibMD+F10lc1UJpUSyK+n9
uT5k65DSpRB5NC+5pdp3gKwjV+rdGIfVWhWgyfwdt3xfXaXk1OPTTvbeborLGnSl
O1e0mlLXmRV2e/DWdPvV/OLs6ow43sa9QObcqAhyltwn8oDr2eeQfpdIxTiJmdDb
mYkVuHYWTkrsddo1WUgALEzA0Ukzyu3vbZRaISPIs0uMPh8uYKbixoWh3Huosnl4
iL9RldRqJgHddbnGS7bnW9C9fyMDrUdMXsOXkCEh8CZPqZ/e+3QDq0nrG49keB14
xE6NOnVmY8K29vA5PkRSkmNcsjCrItZvLO4N81BFNuGtA7jFTPBZ+P157wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKFX2w1QVdCnCPstT9I+/uYm7yvMMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvb1ZmYkRWQlYwS2NJLXkxUDBqNy01aWJ2Szh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlv4aKZAwDQYJKoZIhvcNAQELBQADggEB
ADyq+ArGtTBkgjhg+S1FkpQa4rJoDfM1IdZFXvA73OUdWppwEeZnvU5K9XEQD0ix
44C5/eXa89fnsBiYWkjM88Ob73G9U6MLDgL0MBcZvtjbIqZF+/E0sQq4dG/z0k1Q
o16B55ZGsNrJi8jYeRv1KwioUqPqYKeKXWmaHqZ2itwClaPKQz7YsU5PPg+5/OQv
fm05i8ew7goQv5tS0/+2+JhaorfIJ/b14nGlaXRhR9TVXyLWtvRSrbptkxLRYCj2
prEGASzv7im31aRjSZhi5XH4nzLgcRSJHm0ra5OjSV29EDXLL0aQ35HtXd/ISkEJ
mk986Ux0xSUE799vgxWtB7E=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:13:55 2025 by rpki-client