Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/oqPEOVbLBKYp8iTOQs5FUTV5rLg.roa
File: oqPEOVbLBKYp8iTOQs5FUTV5rLg.roa (raw, json)
Hash identifier: LTO3axTDcdqUl9QXDfxNfbEaj/y+qFWM7Q3UQleAlhc=
Subject key identifier: A2:A3:C4:39:56:CB:04:A6:29:F2:24:CE:42:CE:45:51:35:79:AC:B8
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FD475E0FD87931E1F90847056AAD70E3
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/oqPEOVbLBKYp8iTOQs5FUTV5rLg.roa
Signing time: Fri 23 May 2025 13:13:54 +0000
ROA not before: Fri 23 May 2025 13:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 23 May 2025 14:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:47:5e:0f:d8:79:31:e1:f9:08:47:05:6a:ad:70:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 13:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2a3c43956cb04a629f224ce42ce45513579acb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:69:13:84:95:e3:24:24:48:e3:ca:10:d1:92:
85:55:64:29:06:e6:b1:b9:8c:52:0a:01:a3:cb:87:
7b:db:fe:46:6f:dd:81:8d:52:fe:b7:05:86:bf:d8:
7b:06:ac:5f:77:1e:28:21:ab:3e:d9:90:1b:e0:57:
e4:30:ae:ef:bd:f5:74:fc:2b:b7:85:32:e4:05:44:
a8:95:98:eb:a4:9a:a8:79:48:58:d3:84:15:4c:66:
3c:21:86:fd:1b:44:71:d8:07:a0:7d:a0:8a:76:22:
60:43:f9:51:4f:87:fc:2a:7e:66:67:1b:b6:55:fe:
06:b0:ae:6a:ec:71:dc:05:32:55:db:cc:a9:86:b8:
09:d9:cb:4a:dc:cb:94:53:43:3b:86:66:2f:6b:57:
09:42:53:8f:6a:8a:a0:e1:c4:d9:90:f8:ba:30:77:
66:99:90:e5:2d:10:fc:1c:5e:8e:30:3e:bf:53:2b:
b9:ba:ae:89:b6:17:3a:c3:d3:a2:31:81:ce:d7:fe:
fa:cd:86:8f:a2:46:05:71:78:34:0c:21:51:64:ef:
ae:86:a1:b5:f4:52:be:ea:c4:93:7e:90:28:df:40:
be:be:1a:a0:e3:7b:d3:1a:9d:c9:d9:a9:bc:d7:ec:
e8:b2:b0:de:26:b7:d5:f3:aa:74:d7:e8:f2:08:36:
03:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A3:C4:39:56:CB:04:A6:29:F2:24:CE:42:CE:45:51:35:79:AC:B8
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/oqPEOVbLBKYp8iTOQs5FUTV5rLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
a4:cc:b8:51:b9:15:32:22:1c:ad:7a:be:5d:9d:0c:ec:f9:3b:
bd:02:d1:d6:d6:2e:a5:38:bf:ca:32:85:d8:0f:27:18:b2:2e:
74:ac:9b:18:3c:b9:b7:01:25:7a:e8:76:30:2b:49:23:96:e0:
b9:da:ba:27:fe:b6:bf:37:8b:ea:c6:21:c1:34:30:33:8d:94:
f2:c7:59:99:70:04:d4:c7:76:3c:68:5c:8f:2b:00:62:fe:1c:
21:44:43:d1:a0:b3:df:d3:6b:60:7c:04:6d:d2:da:60:d2:58:
ad:6a:1a:fe:04:bf:18:99:bf:43:fe:5b:32:47:75:ac:9c:d6:
40:bf:54:5f:0c:0b:ba:77:d4:22:59:e2:22:89:04:11:06:72:
6d:39:66:9e:eb:0e:13:80:29:ff:b2:d5:80:a3:49:ba:09:9f:
fb:e5:c1:04:dc:83:2c:5d:41:ee:1a:d0:f6:59:47:6e:39:2a:
97:a4:08:e2:fa:1e:24:77:37:a5:15:15:84:fc:ec:2c:03:b1:
eb:93:45:03:6e:a6:f0:0f:74:c7:76:82:1d:fa:b4:de:ef:0f:
c6:21:62:2d:1a:4d:87:87:72:78:bc:b6:1c:8b:92:06:e8:41:
3b:03:86:95:13:46:f9:5d:2f:53:85:39:d4:80:d8:04:9b:90:
5b:c4:14:df
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb9R14P2Hkx4fkIRwVqrXDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMTMxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmEzYzQzOTU2Y2IwNGE2MjlmMjI0Y2U0MmNlNDU1MTM1NzlhY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWkThJXjJCRI48oQ0ZKFVWQpBuax
uYxSCgGjy4d72/5Gb92BjVL+twWGv9h7Bqxfdx4oIas+2ZAb4FfkMK7vvfV0/Cu3
hTLkBUSolZjrpJqoeUhY04QVTGY8IYb9G0Rx2AegfaCKdiJgQ/lRT4f8Kn5mZxu2
Vf4GsK5q7HHcBTJV28yphrgJ2ctK3MuUU0M7hmYva1cJQlOPaoqg4cTZkPi6MHdm
mZDlLRD8HF6OMD6/Uyu5uq6Jthc6w9OiMYHO1/76zYaPokYFcXg0DCFRZO+uhqG1
9FK+6sSTfpAo30C+vhqg43vTGp3J2am81+zosrDeJrfV86p01+jyCDYDmwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKKjxDlWywSmKfIkzkLORVE1eay4MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvb3FQRU9WYkxCS1lwOGlUT1FzNUZVVFY1ckxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEApMy4UbkVMiIcrXq+XZ0M7Pk7
vQLR1tYupTi/yjKF2A8nGLIudKybGDy5twEleuh2MCtJI5bgudq6J/62vzeL6sYh
wTQwM42U8sdZmXAE1Md2PGhcjysAYv4cIURD0aCz39NrYHwEbdLaYNJYrWoa/gS/
GJm/Q/5bMkd1rJzWQL9UXwwLunfUIlniIokEEQZybTlmnusOE4Ap/7LVgKNJugmf
++XBBNyDLF1B7hrQ9llHbjkql6QI4voeJHc3pRUVhPzsLAOx65NFA26m8A90x3aC
Hfq03u8PxiFiLRpNh4dyeLy2HIuSBuhBOwOGlRNG+V0vU4U51IDYBJuQW8QU3w==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:43:37 2025 by rpki-client