Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/tCm6p9VHLlWUvBLoTM9YEJ0kvto.roa
File: tCm6p9VHLlWUvBLoTM9YEJ0kvto.roa (raw, json)
Hash identifier: eRbnlQdryLlKmib65Cppz2Kgx/1/WaxMGesgmv0eiaU=
Subject key identifier: B4:29:BA:A7:D5:47:2E:55:94:BC:12:E8:4C:CF:58:10:9D:24:BE:DA
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019729B237725A3C3EE1BE1413159C4862C2
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/tCm6p9VHLlWUvBLoTM9YEJ0kvto.roa
Signing time: Sun 01 Jun 2025 04:13:54 +0000
ROA not before: Sun 01 Jun 2025 04:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 01 Jun 2025 05:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:29:b2:37:72:5a:3c:3e:e1:be:14:13:15:9c:48:62:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 1 04:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b429baa7d5472e5594bc12e84ccf58109d24beda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:62:cc:d5:48:7d:39:75:30:93:05:e4:74:65:
9f:31:98:a4:86:14:f4:83:6d:b8:22:7d:74:b3:e7:
39:b6:c6:0e:32:88:a5:77:9d:a3:41:19:ef:68:30:
47:c4:d5:85:2f:1b:93:d1:b1:ea:db:09:47:23:1f:
79:92:c8:65:ef:a9:a8:b4:5b:50:39:10:20:77:82:
f9:a1:7b:85:a0:91:2c:83:c3:02:c8:b3:00:0d:4f:
45:31:a3:66:9f:2d:32:75:bb:95:4e:64:ec:12:dd:
96:4f:e3:8f:53:2d:40:d3:b0:7d:22:19:a1:5a:03:
5a:01:9b:f9:3e:58:09:e8:2c:4b:c0:c1:a1:a6:5b:
d3:91:82:79:b6:66:af:64:6a:0c:1a:52:21:b5:b5:
25:1b:cd:f7:0f:bc:fa:c5:8f:a4:0d:ab:6c:96:de:
cb:31:ab:b9:e4:d9:94:9d:f4:fa:8e:d4:ce:35:ce:
27:1f:02:b1:36:50:80:23:c8:89:c8:76:df:13:df:
9e:0a:36:1d:14:df:44:70:ff:f5:20:58:ce:94:ec:
76:07:9a:c5:d9:ef:90:e0:04:58:58:5c:da:67:03:
37:2f:82:ed:2f:69:ce:a0:b9:52:05:5f:37:04:d8:
64:a3:d5:f3:55:99:cd:49:d2:88:8f:f6:ee:f7:d1:
04:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:29:BA:A7:D5:47:2E:55:94:BC:12:E8:4C:CF:58:10:9D:24:BE:DA
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/tCm6p9VHLlWUvBLoTM9YEJ0kvto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
48:b3:ab:5c:41:bf:54:93:c2:19:ae:0c:55:56:e4:d5:be:fa:
71:1e:77:c4:da:fe:be:e5:d1:a8:d4:56:45:90:d0:68:6e:64:
7d:1e:2c:04:68:c3:3f:47:c0:b3:86:5d:3f:27:57:60:a4:99:
d1:3f:c1:15:78:d3:77:76:dc:11:7c:31:a7:65:1b:e4:5d:68:
c8:5f:4e:a9:ee:3b:71:ba:fb:76:d2:e4:41:e5:9d:ed:ff:d4:
c6:56:2d:6b:fb:ed:ee:d5:b7:e0:80:3d:8d:37:7f:52:6f:c3:
3e:61:82:65:19:29:b1:52:65:d7:d9:aa:5d:58:90:1c:39:7d:
7d:c0:33:e6:ee:a3:f0:a4:08:8c:70:e9:91:e9:11:18:c2:08:
4f:e2:27:8d:4b:99:11:c6:78:bb:4a:54:5d:d8:ea:e7:ac:3e:
9b:46:54:8d:d4:70:5f:86:54:14:61:c7:f1:7e:63:b4:74:63:
5c:78:0e:b8:ab:de:cb:36:e6:e2:b7:33:9b:54:96:c4:12:cc:
b5:82:1e:96:38:4c:dd:a6:ac:ab:81:a1:ab:22:5c:33:40:7a:
a7:3e:7a:c3:9c:3c:a8:47:67:f9:6d:56:42:c7:16:6a:ae:3f:
44:02:14:f4:62:fb:c3:95:23:c0:bc:9a:5d:7c:9e:0e:67:14:
ae:78:19:f5
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcpsjdyWjw+4b4UExWcSGLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAxMDQxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDI5YmFhN2Q1NDcyZTU1OTRiYzEyZTg0Y2NmNTgxMDlkMjRiZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWLM1Uh9OXUwkwXkdGWfMZikhhT0
g224In10s+c5tsYOMoild52jQRnvaDBHxNWFLxuT0bHq2wlHIx95kshl76motFtQ
ORAgd4L5oXuFoJEsg8MCyLMADU9FMaNmny0ydbuVTmTsEt2WT+OPUy1A07B9Ihmh
WgNaAZv5PlgJ6CxLwMGhplvTkYJ5tmavZGoMGlIhtbUlG833D7z6xY+kDatslt7L
Mau55NmUnfT6jtTONc4nHwKxNlCAI8iJyHbfE9+eCjYdFN9EcP/1IFjOlOx2B5rF
2e+Q4ARYWFzaZwM3L4LtL2nOoLlSBV83BNhko9XzVZnNSdKIj/bu99EEnQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLQpuqfVRy5VlLwS6EzPWBCdJL7aMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvdENtNnA5VkhMbFdVdkJMb1RNOVlFSjBrdnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQBIs6tcQb9Uk8IZrgxVVuTVvvpxHnfE2v6+5dGo
1FZFkNBobmR9HiwEaMM/R8Czhl0/J1dgpJnRP8EVeNN3dtwRfDGnZRvkXWjIX06p
7jtxuvt20uRB5Z3t/9TGVi1r++3u1bfggD2NN39Sb8M+YYJlGSmxUmXX2apdWJAc
OX19wDPm7qPwpAiMcOmR6REYwghP4ieNS5kRxni7SlRd2OrnrD6bRlSN1HBfhlQU
YcfxfmO0dGNceA64q97LNubitzObVJbEEsy1gh6WOEzdpqyrgaGrIlwzQHqnPnrD
nDyoR2f5bVZCxxZqrj9EAhT0YvvDlSPAvJpdfJ4OZxSueBn1
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:55:50 2025 by rpki-client