Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/stcA1K14Y0r0R-0b6D2Ima0l3bI.roa
File: stcA1K14Y0r0R-0b6D2Ima0l3bI.roa (raw, json)
Hash identifier: S/5TUT8yWLeBVW4ybFko3qlYZlrgPURp7h/FgmWDj0o=
Subject key identifier: B2:D7:00:D4:AD:78:63:4A:F4:47:ED:1B:E8:3D:88:99:AD:25:DD:B2
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196D4E83830D935D06CA7D433BBFB57B759
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/stcA1K14Y0r0R-0b6D2Ima0l3bI.roa
Signing time: Thu 15 May 2025 17:05:10 +0000
ROA not before: Thu 15 May 2025 17:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:d4e7:5e4e/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 15 May 2025 17:15:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d4:e8:38:30:d9:35:d0:6c:a7:d4:33:bb:fb:57:b7:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 15 17:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2d700d4ad78634af447ed1be83d8899ad25ddb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:52:26:24:41:0c:84:32:d8:f2:f9:5b:23:ed:
70:76:5d:b4:5e:74:38:33:56:a9:db:64:b7:44:7e:
de:89:8b:7b:4d:8b:1b:53:21:e8:36:42:5a:15:74:
c6:fc:2c:52:76:f4:6c:23:a6:11:18:64:02:66:2f:
1c:ab:fb:51:04:b9:47:b3:d8:84:91:61:9f:bc:a9:
2b:05:da:82:73:49:9a:b0:f4:d2:00:29:f0:31:2a:
e9:e0:4a:77:ff:eb:c6:6c:09:66:1d:3f:b4:18:b4:
dc:15:9a:83:e6:47:68:87:08:32:54:83:d9:88:9f:
1b:09:8b:ff:20:e9:ab:69:74:75:4d:ff:31:14:93:
d3:3d:9b:ec:24:72:40:92:7d:b9:8b:ea:84:8f:eb:
7e:5b:ca:ba:4d:ef:3f:52:30:2e:1f:d1:32:90:15:
8b:2c:05:a9:75:43:ec:12:da:f7:7b:c0:31:a4:88:
9b:2f:f0:b0:3f:de:da:52:87:b6:be:0a:2a:d7:d7:
4d:fa:30:71:68:d5:91:54:b3:91:69:11:77:71:10:
cb:95:ac:3c:bb:44:73:52:ca:1d:6b:44:c6:92:f5:
24:cd:05:c6:d9:56:3e:e7:ae:03:8a:4c:a3:92:7a:
83:a1:db:c8:df:1f:06:8a:a0:6d:6b:da:97:a2:13:
97:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D7:00:D4:AD:78:63:4A:F4:47:ED:1B:E8:3D:88:99:AD:25:DD:B2
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/stcA1K14Y0r0R-0b6D2Ima0l3bI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:d4e7:5e4e/128
Signature Algorithm: sha256WithRSAEncryption
4b:73:b9:b6:d7:a4:33:44:47:8d:ad:98:29:23:6d:2d:93:1a:
d8:75:05:8f:aa:a5:17:52:d2:bf:f3:3c:f2:fd:4f:29:d6:96:
1c:31:2b:ef:1a:56:2c:b3:90:a9:e0:26:99:9b:73:ed:02:33:
db:32:f3:2c:9e:d8:6f:7c:3a:b4:0c:84:04:47:6d:54:81:a5:
67:58:d9:ee:0d:5a:0e:7b:2b:f0:d3:22:c1:c3:4d:77:9e:ec:
5a:79:f8:ad:16:58:d8:d5:83:6e:fc:1c:9c:11:d0:81:e8:1f:
23:9b:a0:45:91:7a:6b:72:08:84:45:43:ef:5a:3f:cf:3d:a0:
b9:66:d5:eb:74:88:8d:30:00:91:0d:f0:3b:4a:3d:e9:f5:83:
a1:40:2c:06:58:83:b3:27:38:c6:45:2c:12:04:46:b5:a2:22:
47:a6:f4:ed:ae:79:f4:1a:75:1a:a5:7c:71:86:c7:f4:9e:c5:
33:d5:7f:ce:fc:80:2d:6e:fa:12:db:18:41:d8:58:d6:54:90:
36:be:f9:ae:ed:13:b5:95:e1:5b:aa:c8:56:94:42:ee:a7:86:
d8:93:25:98:dd:cf:07:9e:72:75:9f:e8:6d:f5:28:ff:74:ed:
86:65:ec:cc:d4:22:f9:92:c5:da:50:fb:00:6f:e3:f9:b7:f6:
b5:c5:83:8e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbU6Dgw2TXQbKfUM7v7V7dZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTE1MTcwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmQ3MDBkNGFkNzg2MzRhZjQ0N2VkMWJlODNkODg5OWFkMjVkZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlImJEEMhDLY8vlbI+1wdl20XnQ4
M1ap22S3RH7eiYt7TYsbUyHoNkJaFXTG/CxSdvRsI6YRGGQCZi8cq/tRBLlHs9iE
kWGfvKkrBdqCc0masPTSACnwMSrp4Ep3/+vGbAlmHT+0GLTcFZqD5kdohwgyVIPZ
iJ8bCYv/IOmraXR1Tf8xFJPTPZvsJHJAkn25i+qEj+t+W8q6Te8/UjAuH9EykBWL
LAWpdUPsEtr3e8AxpIibL/CwP97aUoe2vgoq19dN+jBxaNWRVLORaRF3cRDLlaw8
u0RzUsoda0TGkvUkzQXG2VY+564DikyjknqDodvI3x8GiqBta9qXohOXrwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLLXANSteGNK9EftG+g9iJmtJd2yMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvc3RjQTFLMTRZMHIwUi0wYjZEMkltYTBsM2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW1OdeTjANBgkqhkiG9w0BAQsFAAOCAQEAS3O5ttekM0RHja2YKSNtLZMa
2HUFj6qlF1LSv/M88v1PKdaWHDEr7xpWLLOQqeAmmZtz7QIz2zLzLJ7Yb3w6tAyE
BEdtVIGlZ1jZ7g1aDnsr8NMiwcNNd57sWnn4rRZY2NWDbvwcnBHQgegfI5ugRZF6
a3IIhEVD71o/zz2guWbV63SIjTAAkQ3wO0o96fWDoUAsBliDsyc4xkUsEgRGtaIi
R6b07a559Bp1GqV8cYbH9J7FM9V/zvyALW76EtsYQdhY1lSQNr75ru0TtZXhW6rI
VpRC7qeG2JMlmN3PB55ydZ/obfUo/3TthmXszNQi+ZLF2lD7AG/j+bf2tcWDjg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:26:14 2025 by rpki-client