Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/oXRypRzDWKSFvaBDOvO5EMMuONo.roa
File: oXRypRzDWKSFvaBDOvO5EMMuONo.roa (raw, json)
Hash identifier: f0pvFc7Ds6890XVsR/ke3JE5t+4lquGXotwssHd8gQA=
Subject key identifier: A1:74:72:A5:1C:C3:58:A4:85:BD:A0:43:3A:F3:B9:10:C3:2E:38:DA
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FB2037F1942AF0D297A33417B4845108
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/oXRypRzDWKSFvaBDOvO5EMMuONo.roa
Signing time: Fri 23 May 2025 03:11:54 +0000
ROA not before: Fri 23 May 2025 03:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 May 2025 04:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fb:20:37:f1:94:2a:f0:d2:97:a3:34:17:b4:84:51:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 03:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a17472a51cc358a485bda0433af3b910c32e38da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d5:49:fb:77:43:68:71:5f:6a:4c:3f:ad:be:
15:c3:c3:f0:57:4e:d6:b6:4e:3d:01:87:c6:d6:e2:
3d:21:de:28:bb:7b:12:d5:49:0e:35:f5:84:f1:39:
61:f7:9b:9c:b5:89:f3:f2:c5:a0:d4:e1:85:61:6d:
a8:75:69:77:76:98:29:f5:a2:7b:9f:bc:2b:5c:69:
88:b9:5c:5d:3b:9b:01:05:eb:10:4d:51:81:50:eb:
eb:89:69:a2:4c:eb:46:4c:ad:b6:32:d3:6a:19:2b:
df:a7:6d:3c:c7:11:20:9b:84:18:46:3a:ab:90:ba:
d0:8c:3d:a0:20:4e:8a:dc:ae:ce:cd:24:63:df:08:
b5:8b:0b:f8:00:70:a9:fc:3d:b5:7d:cb:eb:e0:ca:
1e:fa:cd:4c:a5:29:08:81:ca:f7:46:63:37:46:09:
3a:32:39:07:57:e7:43:2c:c6:1a:c7:3c:1b:08:14:
83:50:71:39:94:13:83:e8:47:39:68:b1:96:9e:b1:
4a:ea:4b:28:05:22:87:c0:80:cb:a4:37:88:ef:04:
4c:03:fb:bc:d2:38:92:24:ea:19:b9:42:db:71:50:
4a:28:39:12:3c:8a:4c:8f:77:88:78:65:14:e1:e5:
a8:cd:74:27:68:3a:e1:d8:72:fa:79:8c:7f:ec:4b:
12:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:74:72:A5:1C:C3:58:A4:85:BD:A0:43:3A:F3:B9:10:C3:2E:38:DA
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/oXRypRzDWKSFvaBDOvO5EMMuONo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
42:1a:4c:e4:ac:51:b5:1f:8f:15:88:9d:d9:d2:b8:1f:31:6b:
21:f7:67:d6:ca:37:13:95:02:6f:75:e9:57:cb:5e:c9:45:4c:
66:fa:c5:13:58:bb:11:f8:fe:25:69:0d:a7:0d:59:17:89:9e:
52:50:76:d0:d3:86:03:eb:77:31:ac:10:6e:9b:92:37:c6:a8:
01:b1:0c:e2:38:5e:1f:ee:fe:93:2e:06:58:1f:ad:19:88:13:
d6:5a:8f:d6:dc:7c:e5:23:99:67:ed:6a:cc:e4:49:77:5c:fa:
b9:6d:55:17:1b:83:fb:68:29:67:07:d1:19:ae:c4:d5:7d:e8:
82:45:6c:8a:b2:42:ec:f0:d4:a4:d6:2a:af:0a:ac:d3:18:d0:
86:49:b1:1e:19:fc:e3:24:d7:bf:bf:63:9b:ee:24:51:b1:02:
f5:76:ac:ba:2b:25:5f:5f:a1:12:df:72:e2:cb:71:6b:ba:64:
64:ec:55:1c:78:34:d9:b7:0a:66:86:52:8f:33:02:89:42:c3:
ff:88:df:b0:03:cd:ce:96:5c:11:d9:91:e3:9a:6e:f5:12:57:
2c:f1:1e:be:b9:f4:17:c0:db:e9:14:b1:47:aa:01:f0:17:27:
9b:e0:2f:ba:50:2e:8b:87:eb:e0:a1:93:a1:84:4d:b3:71:1c:
e1:64:55:1d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb7IDfxlCrw0pejNBe0hFEIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMDMxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTc0NzJhNTFjYzM1OGE0ODViZGEwNDMzYWYzYjkxMGMzMmUzOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNVJ+3dDaHFfakw/rb4Vw8PwV07W
tk49AYfG1uI9Id4ou3sS1UkONfWE8Tlh95uctYnz8sWg1OGFYW2odWl3dpgp9aJ7
n7wrXGmIuVxdO5sBBesQTVGBUOvriWmiTOtGTK22MtNqGSvfp208xxEgm4QYRjqr
kLrQjD2gIE6K3K7OzSRj3wi1iwv4AHCp/D21fcvr4Moe+s1MpSkIgcr3RmM3Rgk6
MjkHV+dDLMYaxzwbCBSDUHE5lBOD6Ec5aLGWnrFK6ksoBSKHwIDLpDeI7wRMA/u8
0jiSJOoZuULbcVBKKDkSPIpMj3eIeGUU4eWozXQnaDrh2HL6eYx/7EsSQQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKF0cqUcw1ikhb2gQzrzuRDDLjjaMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvb1hSeXBSekRXS1NGdmFCRE92TzVFTU11T05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAQhpM5KxRtR+PFYid2dK4HzFr
Ifdn1so3E5UCb3XpV8teyUVMZvrFE1i7Efj+JWkNpw1ZF4meUlB20NOGA+t3MawQ
bpuSN8aoAbEM4jheH+7+ky4GWB+tGYgT1lqP1tx85SOZZ+1qzORJd1z6uW1VFxuD
+2gpZwfRGa7E1X3ogkVsirJC7PDUpNYqrwqs0xjQhkmxHhn84yTXv79jm+4kUbEC
9XasuislX1+hEt9y4stxa7pkZOxVHHg02bcKZoZSjzMCiULD/4jfsAPNzpZcEdmR
45pu9RJXLPEevrn0F8Db6RSxR6oB8Bcnm+AvulAui4fr4KGToYRNs3Ec4WRVHQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:01:24 2025 by rpki-client