Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/rWAyMn39bIAMfHmMO6H2AQksQdI.roa
File: rWAyMn39bIAMfHmMO6H2AQksQdI.roa (raw, json)
Hash identifier: Ivf2HNrV+IBFpcdPMnZ8FeFpVK46r1KoDzlj6hRFjw0=
Subject key identifier: AD:60:32:32:7D:FD:6C:80:0C:7C:79:8C:3B:A1:F6:01:09:2C:41:D2
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01971A3D4E761C859ADDFC054C75829BA72F
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/rWAyMn39bIAMfHmMO6H2AQksQdI.roa
Signing time: Thu 29 May 2025 04:11:54 +0000
ROA not before: Thu 29 May 2025 04:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 29 May 2025 05:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1a:3d:4e:76:1c:85:9a:dd:fc:05:4c:75:82:9b:a7:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 29 04:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad6032327dfd6c800c7c798c3ba1f601092c41d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9e:e2:ba:ef:e3:82:e4:27:4f:d9:10:05:05:
1b:74:8f:36:d7:6a:ab:c9:b6:58:a6:99:56:c9:3d:
85:23:fe:ab:05:8f:b1:33:65:72:02:b5:b1:ff:0e:
aa:df:c3:a6:76:4b:df:3d:f4:a7:cf:ce:2f:18:9c:
67:ba:c0:fa:0b:d7:84:db:42:cd:b2:24:ca:47:d5:
fb:90:af:fe:d4:74:3b:a5:3d:05:23:0c:3b:de:11:
db:91:55:a9:56:4e:0d:6c:1b:2b:e0:40:2e:4f:df:
b7:51:48:64:14:61:84:9d:9f:2f:b5:21:84:bb:80:
e2:ac:5f:5d:04:19:dc:70:4f:04:7e:e9:51:34:ac:
cf:e5:f8:01:20:9b:c2:f8:09:c1:da:6c:38:e9:48:
ed:6a:8e:40:a8:da:3a:96:cc:38:24:85:38:90:06:
c9:60:6a:eb:0d:81:8a:8b:f5:f2:1d:b9:62:e2:b4:
8e:32:2c:28:cc:0d:ae:23:17:e2:7b:37:2c:14:9e:
2a:d4:74:0e:3f:2c:07:27:5a:2f:98:7f:ea:20:8b:
0e:51:f5:1b:07:e8:c5:a7:ec:9b:f2:a8:84:24:52:
80:02:54:15:f0:ee:bd:cc:57:3f:16:e4:d4:c9:4f:
75:ed:ba:88:db:85:bc:79:2c:5a:9b:a7:c0:95:37:
05:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:60:32:32:7D:FD:6C:80:0C:7C:79:8C:3B:A1:F6:01:09:2C:41:D2
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/rWAyMn39bIAMfHmMO6H2AQksQdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
69:b4:c8:21:ce:cb:c1:86:9a:d6:cc:06:aa:be:5e:aa:dc:b8:
b5:9f:ed:c2:67:19:28:3e:8d:8a:ad:ff:09:e7:3c:57:5a:09:
69:51:e1:75:53:20:7b:d7:95:56:09:fb:1d:35:d2:dc:2d:51:
4d:7b:3b:d4:62:fc:23:1a:67:1c:b5:3a:2d:5b:70:e1:73:f9:
bd:27:83:08:0a:96:d8:84:25:2e:9a:1f:25:44:d6:be:87:ad:
05:25:7c:b8:18:6d:a7:36:27:9e:80:03:73:9a:29:de:e6:93:
d5:b3:72:9b:19:33:e7:f2:d1:b3:64:b0:a5:71:f8:ec:85:4e:
65:38:34:90:a0:c3:6c:89:d5:c2:60:26:34:99:3e:86:d9:54:
b9:a6:89:dc:3b:46:52:23:61:41:e4:92:55:ec:de:4e:9f:0e:
4e:73:cf:66:de:6a:cb:a9:96:d5:c4:19:cb:2f:b0:db:4e:46:
d4:00:7f:5a:a4:a5:fa:07:6e:cb:8d:0a:a9:61:48:01:32:a4:
e4:ab:9f:19:88:b3:8b:06:30:7d:ec:2d:6c:14:bb:68:88:57:
39:6b:1f:7b:2e:e6:cb:bf:cf:c3:ff:9b:91:cb:f1:5f:48:8f:
6e:2a:4c:41:55:38:a6:14:bd:51:02:25:b3:69:c6:00:c9:50:
ba:81:1e:e7
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcaPU52HIWa3fwFTHWCm6cvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI5MDQxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDYwMzIzMjdkZmQ2YzgwMGM3Yzc5OGMzYmExZjYwMTA5MmM0MWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk57iuu/jguQnT9kQBQUbdI8212qr
ybZYpplWyT2FI/6rBY+xM2VyArWx/w6q38OmdkvfPfSnz84vGJxnusD6C9eE20LN
siTKR9X7kK/+1HQ7pT0FIww73hHbkVWpVk4NbBsr4EAuT9+3UUhkFGGEnZ8vtSGE
u4DirF9dBBnccE8EfulRNKzP5fgBIJvC+AnB2mw46Ujtao5AqNo6lsw4JIU4kAbJ
YGrrDYGKi/XyHbli4rSOMiwozA2uIxfiezcsFJ4q1HQOPywHJ1ovmH/qIIsOUfUb
B+jFp+yb8qiEJFKAAlQV8O69zFc/FuTUyU917bqI24W8eSxam6fAlTcFMwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFK1gMjJ9/WyADHx5jDuh9gEJLEHSMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvcldBeU1uMzliSUFNZkhtTU82SDJBUWtzUWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBptMghzsvBhprWzAaqvl6q3Li1n+3CZxkoPo2K
rf8J5zxXWglpUeF1UyB715VWCfsdNdLcLVFNezvUYvwjGmcctTotW3Dhc/m9J4MI
CpbYhCUumh8lRNa+h60FJXy4GG2nNieegANzmine5pPVs3KbGTPn8tGzZLClcfjs
hU5lODSQoMNsidXCYCY0mT6G2VS5poncO0ZSI2FB5JJV7N5Onw5Oc89m3mrLqZbV
xBnLL7DbTkbUAH9apKX6B27LjQqpYUgBMqTkq58ZiLOLBjB97C1sFLtoiFc5ax97
LubLv8/D/5uRy/FfSI9uKkxBVTimFL1RAiWzacYAyVC6gR7n
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:18:09 2025 by rpki-client