Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/op2I8-z4Gmu3zJrvo6vXFNSUmPI.roa
File: op2I8-z4Gmu3zJrvo6vXFNSUmPI.roa (raw, json)
Hash identifier: pL5V0Jjdn6IhRr++dAEvJQnNQSAZ0E19d3Z0tFPBs7Q=
Subject key identifier: A2:9D:88:F3:EC:F8:1A:6B:B7:CC:9A:EF:A3:AB:D7:14:D4:94:98:F2
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019643A37EAFFA578A04C31BA5B2F56B0721
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/op2I8-z4Gmu3zJrvo6vXFNSUmPI.roa
Signing time: Thu 17 Apr 2025 12:05:10 +0000
ROA not before: Thu 17 Apr 2025 12:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:43a3:2440/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 17 Apr 2025 12:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:a3:7e:af:fa:57:8a:04:c3:1b:a5:b2:f5:6b:07:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 17 12:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a29d88f3ecf81a6bb7cc9aefa3abd714d49498f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:87:1b:81:06:c4:a9:df:f9:27:9e:c0:f1:03:
fb:26:ee:0f:02:ca:88:79:09:98:86:21:1f:af:45:
5a:05:0a:20:94:69:02:73:2f:65:26:c2:c0:d8:12:
81:99:bf:18:2e:11:2c:b7:0c:0c:be:f1:a5:d3:fe:
9b:6b:54:82:f1:dc:28:97:71:57:87:46:84:b0:a2:
2b:a5:b2:95:40:e3:e1:2d:d3:ab:a4:ad:09:4c:23:
ab:8f:92:70:13:3a:76:fd:be:53:af:f1:bd:1d:3f:
a0:ef:3f:35:4e:60:ff:49:3c:17:ac:a3:c2:f1:cd:
d8:74:a2:76:d2:39:74:65:71:e7:1d:b0:83:b0:f8:
9c:c9:b0:dd:2e:3f:ab:bf:99:be:4e:1b:bc:cd:b5:
cb:88:75:29:f0:33:ee:3c:71:a0:92:cf:66:9f:b6:
02:ef:7b:8c:f1:b6:03:c4:3d:f4:bd:b3:e4:b9:e9:
08:b3:3c:02:a4:be:fa:a7:f5:df:5c:e6:b6:a9:7b:
21:38:40:d8:41:0c:fb:41:11:57:5f:31:99:85:06:
76:b9:32:89:20:c6:4c:c2:f0:9f:02:92:20:b9:85:
21:b5:5a:2d:a8:3e:13:aa:4c:8f:e2:1f:04:d6:28:
a4:55:2d:a7:a8:2c:d0:8f:b7:ca:79:b0:a0:16:0c:
99:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9D:88:F3:EC:F8:1A:6B:B7:CC:9A:EF:A3:AB:D7:14:D4:94:98:F2
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/op2I8-z4Gmu3zJrvo6vXFNSUmPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:43a3:2440/128
Signature Algorithm: sha256WithRSAEncryption
78:30:23:35:ec:fc:72:b5:3c:45:19:5a:bc:cb:14:2e:96:1c:
75:c4:7a:eb:06:2f:8f:41:a5:48:33:c6:a7:e3:d0:58:d3:38:
64:62:11:f5:4d:04:5e:39:7b:66:9d:16:07:74:62:e2:8a:95:
20:15:2d:f6:a3:ed:65:a8:7f:02:ac:99:4f:81:94:51:2e:0a:
b1:5c:07:b4:d2:64:0d:9e:fe:3d:21:dc:10:27:d9:ad:d4:48:
b2:fd:a1:0f:bb:e4:cd:e3:f7:ad:d8:a2:25:2d:9c:e8:a9:69:
4d:f7:c0:26:8f:3d:5a:71:71:f4:96:de:91:19:54:4b:5c:60:
cd:a8:cb:fb:d9:73:2a:4f:39:56:8b:6b:dd:fe:24:62:f9:92:
5e:78:10:c9:89:1c:04:0f:c0:1d:48:42:e7:ac:e2:b7:a8:fd:
b7:9b:df:d4:06:05:0f:dc:58:26:13:bd:fa:01:1d:81:8e:55:
27:f9:01:94:5a:32:12:12:09:39:d5:59:0f:2f:36:9d:b1:b8:
f2:3a:01:d2:a0:b3:eb:71:74:87:30:99:66:58:e2:af:64:19:
a4:5e:38:b6:4d:60:78:3d:99:e0:0f:ba:e0:b4:c8:de:97:01:
b5:37:20:1d:1b:ff:86:be:fa:06:1a:97:be:59:45:05:53:5b:
5d:01:1e:ce
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZDo36v+leKBMMbpbL1awchMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDE3MTIwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjlkODhmM2VjZjgxYTZiYjdjYzlhZWZhM2FiZDcxNGQ0OTQ5OGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIcbgQbEqd/5J57A8QP7Ju4PAsqI
eQmYhiEfr0VaBQoglGkCcy9lJsLA2BKBmb8YLhEstwwMvvGl0/6ba1SC8dwol3FX
h0aEsKIrpbKVQOPhLdOrpK0JTCOrj5JwEzp2/b5Tr/G9HT+g7z81TmD/STwXrKPC
8c3YdKJ20jl0ZXHnHbCDsPicybDdLj+rv5m+Thu8zbXLiHUp8DPuPHGgks9mn7YC
73uM8bYDxD30vbPkuekIszwCpL76p/XfXOa2qXshOEDYQQz7QRFXXzGZhQZ2uTKJ
IMZMwvCfApIguYUhtVotqD4TqkyP4h8E1iikVS2nqCzQj7fKebCgFgyZVQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKKdiPPs+Bprt8ya76Or1xTUlJjyMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvb3AySTgtejRHbXUzekpydm82dlhGTlNVbVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWQ6MkQDANBgkqhkiG9w0BAQsFAAOCAQEAeDAjNez8crU8RRlavMsULpYc
dcR66wYvj0GlSDPGp+PQWNM4ZGIR9U0EXjl7Zp0WB3Ri4oqVIBUt9qPtZah/AqyZ
T4GUUS4KsVwHtNJkDZ7+PSHcECfZrdRIsv2hD7vkzeP3rdiiJS2c6KlpTffAJo89
WnFx9JbekRlUS1xgzajL+9lzKk85Votr3f4kYvmSXngQyYkcBA/AHUhC56zit6j9
t5vf1AYFD9xYJhO9+gEdgY5VJ/kBlFoyEhIJOdVZDy82nbG48joB0qCz63F0hzCZ
Zljir2QZpF44tk1geD2Z4A+64LTI3pcBtTcgHRv/hr76BhqXvllFBVNbXQEezg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:07:38 2025 by rpki-client