Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/r6hljwWMAuR1QyBgFnrc58CMjHo.roa
File: r6hljwWMAuR1QyBgFnrc58CMjHo.roa (raw, json)
Hash identifier: e2WemUpAIovWLCcAaqYT1qnGs/ZDqazZQo/kpaUyu2s=
Subject key identifier: AF:A8:65:8F:05:8C:02:E4:75:43:20:60:16:7A:DC:E7:C0:8C:8C:7A
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019708679402DC18065EC15674E5C1E18397
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/r6hljwWMAuR1QyBgFnrc58CMjHo.roa
Signing time: Sun 25 May 2025 17:04:55 +0000
ROA not before: Sun 25 May 2025 17:04:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:866:f470/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 25 May 2025 17:11:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:08:67:94:02:dc:18:06:5e:c1:56:74:e5:c1:e1:83:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 25 17:04:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afa8658f058c02e475432060167adce7c08c8c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e1:a1:27:8f:58:2a:d6:04:56:c2:ec:ab:7f:
2e:25:04:43:c9:39:a8:81:40:ae:f6:4a:dc:9b:d9:
36:b6:c5:4c:8d:c2:8c:e0:e4:8d:aa:bc:34:bc:7d:
8e:fb:b3:09:43:bc:56:55:5a:9c:84:63:db:44:7e:
f7:9a:da:26:50:c2:3d:c9:6c:65:76:a7:04:b9:60:
b9:38:bf:3a:c4:56:6c:23:f5:58:f9:5e:0c:0b:86:
58:9e:f0:db:96:59:58:91:ac:00:62:db:71:a7:62:
b7:a6:49:0c:30:21:5d:a6:44:9e:80:ea:9f:4d:29:
b3:2c:84:89:8f:7f:af:18:8c:ec:5a:84:fd:91:47:
b0:2f:d3:8b:07:a4:3b:a7:0d:29:1d:3a:2f:49:be:
71:e1:58:00:76:7b:8d:9f:8e:33:e9:92:10:cf:c4:
34:d0:a4:e9:bb:6a:28:36:03:ba:52:33:66:18:b0:
76:65:59:79:38:93:e1:7d:50:74:30:4c:44:b3:ac:
14:18:c7:b4:7b:41:c2:cc:3d:e6:56:2a:31:d7:10:
45:50:3d:b6:bc:8a:60:9b:be:a2:3c:75:f2:f0:1e:
0e:fb:6f:1b:fb:1c:d3:50:d4:1b:c9:e9:d3:d1:68:
5e:6e:50:1a:3b:9d:e2:39:1e:09:c0:18:76:5b:dc:
44:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A8:65:8F:05:8C:02:E4:75:43:20:60:16:7A:DC:E7:C0:8C:8C:7A
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/r6hljwWMAuR1QyBgFnrc58CMjHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:866:f470/128
Signature Algorithm: sha256WithRSAEncryption
bb:75:b8:0d:10:74:b9:d4:02:d2:10:20:79:1f:14:74:c9:65:
5e:af:bb:ee:da:3b:b4:46:95:84:10:f6:8b:bc:d2:0b:f4:c2:
58:fe:d3:ea:57:6f:af:52:05:a2:7c:79:43:2a:00:9b:34:4d:
f6:20:19:d4:2a:53:5a:af:f9:9c:ff:06:fa:b8:4e:bc:eb:f3:
ff:fc:f2:45:65:8b:ac:a1:f4:45:44:57:dc:d7:74:89:77:1a:
b9:7e:1b:fa:ea:5f:cc:e5:65:2b:7b:a9:2a:cd:1f:c9:b4:63:
59:f5:0f:c2:ff:0e:e9:80:a5:9a:46:25:be:e6:3e:14:86:fd:
c8:90:70:94:47:46:3a:52:9a:0f:53:76:56:20:8f:22:a5:06:
05:5d:01:42:ee:fe:6f:47:39:34:32:b2:20:ed:13:29:9e:fb:
f8:a3:a9:1a:9d:08:56:ed:32:a7:af:9f:41:c4:bb:ce:1e:fa:
05:57:83:d8:84:66:98:b8:2e:e1:13:2d:af:f5:31:2c:31:f2:
b6:61:5a:a4:6b:84:6a:f9:d3:25:58:6f:76:0c:b7:77:ff:45:
44:0a:ab:29:aa:55:4c:20:3c:48:d2:89:de:4f:ba:82:d6:f9:
2d:6f:69:58:76:59:fa:6f:a5:30:5d:c3:4d:74:35:a1:35:7d:
cb:12:6c:aa
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZcIZ5QC3BgGXsFWdOXB4YOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI1MTcwNDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmE4NjU4ZjA1OGMwMmU0NzU0MzIwNjAxNjdhZGNlN2MwOGM4YzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+GhJ49YKtYEVsLsq38uJQRDyTmo
gUCu9krcm9k2tsVMjcKM4OSNqrw0vH2O+7MJQ7xWVVqchGPbRH73mtomUMI9yWxl
dqcEuWC5OL86xFZsI/VY+V4MC4ZYnvDblllYkawAYttxp2K3pkkMMCFdpkSegOqf
TSmzLISJj3+vGIzsWoT9kUewL9OLB6Q7pw0pHTovSb5x4VgAdnuNn44z6ZIQz8Q0
0KTpu2ooNgO6UjNmGLB2ZVl5OJPhfVB0MExEs6wUGMe0e0HCzD3mViox1xBFUD22
vIpgm76iPHXy8B4O+28b+xzTUNQbyenT0WheblAaO53iOR4JwBh2W9xEqwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFK+oZY8FjALkdUMgYBZ63OfAjIx6MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvcjZobGp3V01BdVIxUXlCZ0ZucmM1OENNakhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlwhm9HAwDQYJKoZIhvcNAQELBQADggEB
ALt1uA0QdLnUAtIQIHkfFHTJZV6vu+7aO7RGlYQQ9ou80gv0wlj+0+pXb69SBaJ8
eUMqAJs0TfYgGdQqU1qv+Zz/Bvq4Trzr8//88kVli6yh9EVEV9zXdIl3Grl+G/rq
X8zlZSt7qSrNH8m0Y1n1D8L/DumApZpGJb7mPhSG/ciQcJRHRjpSmg9TdlYgjyKl
BgVdAULu/m9HOTQysiDtEyme+/ijqRqdCFbtMqevn0HEu84e+gVXg9iEZpi4LuET
La/1MSwx8rZhWqRrhGr50yVYb3YMt3f/RUQKqymqVUwgPEjSid5PuoLW+S1vaVh2
WfpvpTBdw010NaE1fcsSbKo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:03:34 2025 by rpki-client