Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/tYAqm2DK_7z4WZmXFS9cI5QGYIA.roa
File: tYAqm2DK_7z4WZmXFS9cI5QGYIA.roa (raw, json)
Hash identifier: qQITNSz4BYB/C7RyNEvTB9Gj85c0ZGsBSYw+MkLm2a4=
Subject key identifier: B5:80:2A:9B:60:CA:FF:BC:F8:59:99:97:15:2F:5C:23:94:06:60:80
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197335A7DB04EC4FA2A04AD11D2798D772B
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/tYAqm2DK_7z4WZmXFS9cI5QGYIA.roa
Signing time: Tue 03 Jun 2025 01:14:17 +0000
ROA not before: Tue 03 Jun 2025 01:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 03 Jun 2025 02:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:33:5a:7d:b0:4e:c4:fa:2a:04:ad:11:d2:79:8d:77:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 3 01:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5802a9b60caffbcf8599997152f5c2394066080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ba:c0:a8:ca:86:99:99:c6:48:db:bf:21:cc:
7c:2c:fe:86:d1:5f:8f:90:dd:3a:fb:2c:b9:f5:0d:
86:a7:59:a9:d2:bc:a8:1b:9f:b8:2a:49:5f:be:f9:
90:81:db:7f:4c:ad:bc:41:e7:82:c6:4e:83:5f:54:
eb:82:1d:6b:be:fc:41:cd:70:13:fd:f2:7a:e4:d4:
79:50:37:24:67:cf:17:82:9f:28:b3:31:a7:31:58:
04:82:79:c8:d5:fa:45:d3:56:ec:97:5d:c6:44:5d:
37:0d:23:d2:14:49:4d:ee:4a:be:85:c7:ba:e2:e7:
e1:b8:c6:aa:ae:62:f7:1d:af:49:a6:51:9b:48:b2:
e4:11:ff:f9:ae:c0:d7:76:b5:e8:86:9c:e7:b5:62:
3b:08:28:54:64:a5:12:92:18:ac:7a:e4:a6:c4:d2:
95:67:47:d5:dc:c6:a2:40:b8:c7:c9:98:7f:7a:6f:
72:f8:aa:f2:f2:25:a5:5c:63:14:0a:fe:f8:0c:36:
ef:f0:38:1a:d5:27:60:2f:fa:2c:a3:f9:91:18:57:
72:27:b4:71:93:50:f3:9d:0b:e9:24:22:a0:fe:f0:
99:1d:66:36:50:1a:14:2b:85:f3:e8:c7:a3:25:b3:
f4:64:03:a7:6f:e5:da:71:75:17:3d:ab:49:31:90:
d0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:80:2A:9B:60:CA:FF:BC:F8:59:99:97:15:2F:5C:23:94:06:60:80
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/tYAqm2DK_7z4WZmXFS9cI5QGYIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
aa:8f:c2:b7:d4:d0:6c:c9:55:55:a2:74:5d:27:41:1d:45:cb:
19:c4:bf:86:37:0b:2c:dd:7e:8c:04:70:55:9b:a0:f9:05:59:
d5:7f:78:2c:1d:8c:47:e0:9e:0b:17:0c:cb:c8:10:f1:72:6d:
53:6a:35:32:49:f8:53:67:19:90:58:c7:77:4a:03:8b:03:d6:
9d:84:f1:19:8a:60:33:d6:8b:38:82:d8:7c:c4:f8:a8:2a:d3:
a4:81:fb:b3:c7:72:99:f0:88:e9:aa:e3:8f:79:0b:88:40:48:
1b:6e:e2:af:f8:5c:d2:96:9c:44:06:c7:a5:a4:14:a5:5c:49:
df:0a:86:62:49:0a:5d:97:1e:30:aa:5c:ea:9f:bb:63:ce:ef:
aa:84:8e:14:90:07:58:fa:8b:9e:8f:a0:5b:62:22:e1:c9:e2:
97:28:33:a5:7a:48:eb:7b:c6:ae:3c:2c:98:6f:1d:ea:76:20:
06:13:9a:b1:ad:be:c9:72:c3:27:5a:65:39:0b:70:7f:7f:5f:
71:81:b1:13:4b:b8:96:21:64:f7:67:a5:9e:b0:b7:6a:6f:a2:
a5:79:30:f9:6d:f9:ad:47:6f:55:6a:2e:b4:e2:4a:f3:b9:8c:
de:12:63:eb:79:a0:c1:b1:84:01:3e:88:e3:87:7a:ad:93:77:
2f:e3:20:d6
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZczWn2wTsT6KgStEdJ5jXcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAzMDExNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTgwMmE5YjYwY2FmZmJjZjg1OTk5OTcxNTJmNWMyMzk0MDY2MDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbrAqMqGmZnGSNu/Icx8LP6G0V+P
kN06+yy59Q2Gp1mp0ryoG5+4KklfvvmQgdt/TK28QeeCxk6DX1Trgh1rvvxBzXAT
/fJ65NR5UDckZ88Xgp8oszGnMVgEgnnI1fpF01bsl13GRF03DSPSFElN7kq+hce6
4ufhuMaqrmL3Ha9JplGbSLLkEf/5rsDXdrXohpzntWI7CChUZKUSkhiseuSmxNKV
Z0fV3MaiQLjHyZh/em9y+Kry8iWlXGMUCv74DDbv8Dga1SdgL/oso/mRGFdyJ7Rx
k1DznQvpJCKg/vCZHWY2UBoUK4Xz6MejJbP0ZAOnb+XacXUXPatJMZDQawIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLWAKptgyv+8+FmZlxUvXCOUBmCAMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvdFlBcW0yREtfN3o0V1ptWEZTOWNJNVFHWUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQCqj8K31NBsyVVVonRdJ0EdRcsZxL+GNwss3X6M
BHBVm6D5BVnVf3gsHYxH4J4LFwzLyBDxcm1TajUySfhTZxmQWMd3SgOLA9adhPEZ
imAz1os4gth8xPioKtOkgfuzx3KZ8IjpquOPeQuIQEgbbuKv+FzSlpxEBselpBSl
XEnfCoZiSQpdlx4wqlzqn7tjzu+qhI4UkAdY+ouej6BbYiLhyeKXKDOlekjre8au
PCyYbx3qdiAGE5qxrb7JcsMnWmU5C3B/f19xgbETS7iWIWT3Z6WesLdqb6KleTD5
bfmtR29Vai604krzuYzeEmPreaDBsYQBPojjh3qtk3cv4yDW
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:45:43 2025 by rpki-client