Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/uE1S0Qw4FRbiWBQNnQe0IXszYUg.roa
File: uE1S0Qw4FRbiWBQNnQe0IXszYUg.roa (raw, json)
Hash identifier: TzxuaddOZ9jbcN+tCFPgZ8fmLd3xGcowBLBd9iW4gYo=
Subject key identifier: B8:4D:52:D1:0C:38:15:16:E2:58:14:0D:9D:07:B4:21:7B:33:61:48
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019727C200299B24A6ED869101DAF54AB483
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/uE1S0Qw4FRbiWBQNnQe0IXszYUg.roa
Signing time: Sat 31 May 2025 19:11:54 +0000
ROA not before: Sat 31 May 2025 19:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 31 May 2025 20:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:27:c2:00:29:9b:24:a6:ed:86:91:01:da:f5:4a:b4:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 31 19:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b84d52d10c381516e258140d9d07b4217b336148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7a:86:4b:1d:41:f1:2d:da:c5:0c:42:ba:49:
26:b4:2f:bb:b4:ca:21:d3:6e:c3:07:11:d2:4b:a3:
cf:09:b3:4e:de:89:85:84:47:0e:08:61:96:dc:4b:
56:b4:54:cb:6c:24:1f:45:fa:d5:09:62:c5:ea:7d:
43:db:de:77:21:7e:f2:57:d8:e6:a4:d9:28:c7:dc:
89:54:5e:9b:0c:bb:20:b4:82:fa:9b:a4:6b:d4:54:
d7:d1:a4:41:fc:c9:cb:7f:c9:91:16:0d:c9:3d:f6:
8a:d5:0b:aa:be:16:fa:4e:5c:1f:b1:6a:24:23:e9:
ec:d1:db:88:76:63:5a:e8:8c:ed:84:db:81:d6:3a:
d6:be:b3:f2:b8:2a:3d:b2:1b:5f:b5:83:6f:bf:43:
d0:67:7a:61:81:a1:07:a2:96:45:2a:52:d3:04:7a:
1d:21:18:57:37:26:f6:61:0f:a2:a3:c1:69:3d:89:
60:01:6d:2d:34:b5:72:f1:cf:03:60:f6:5b:a9:4f:
89:eb:90:ec:30:83:84:63:c5:ba:88:75:d2:eb:10:
67:d9:f8:d5:0c:3a:cc:a5:f2:45:55:e9:7e:8d:29:
ef:64:87:42:f8:80:e0:26:56:96:67:4c:35:c5:6e:
92:dc:d3:6c:04:e4:3b:7f:b9:f8:ff:d6:7e:7d:b4:
7c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4D:52:D1:0C:38:15:16:E2:58:14:0D:9D:07:B4:21:7B:33:61:48
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/uE1S0Qw4FRbiWBQNnQe0IXszYUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
a2:eb:b4:cc:43:5f:c9:c4:ab:b7:d8:f0:c6:7e:16:b6:36:60:
96:08:48:5a:e9:33:4a:4f:c0:03:68:17:83:72:fb:b1:be:0d:
5b:e0:20:6d:f7:3e:1f:4b:7d:72:ec:e5:70:ba:26:7a:df:1d:
5a:76:83:60:86:42:ec:8c:9e:f0:00:57:60:f0:d8:df:65:ad:
6a:6e:64:6c:5c:73:7f:91:c6:78:f2:c0:a4:6d:83:03:bf:e0:
2b:b1:dc:c4:fa:72:1b:da:81:e2:d0:0b:84:5c:45:08:e0:fe:
a9:37:0a:35:11:c2:17:8c:2a:e1:83:c5:07:c8:04:a2:e6:7e:
63:c0:21:8d:a3:e1:80:f0:26:9d:a0:ec:75:c8:96:a9:4f:58:
ff:cb:90:1f:fc:e2:6f:56:6f:18:4b:3f:d4:a3:92:cb:c8:86:
9f:36:06:5f:81:c8:5c:39:46:ba:e6:8e:50:d8:e3:b8:a4:6b:
b9:12:a8:db:a4:b9:d7:cc:22:7f:9c:d0:07:1b:2d:cb:d4:15:
d2:ec:de:a0:6b:31:72:01:09:a0:eb:cf:78:2d:0a:c0:dd:90:
ae:63:0a:d7:1f:0f:e4:46:2a:10:cf:6d:a8:d8:e5:ec:79:d7:
e8:77:3e:d7:fd:ad:dc:db:e0:df:f4:24:1a:6c:70:e9:9b:4d:
61:a2:be:4c
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcnwgApmySm7YaRAdr1SrSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTMxMTkxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODRkNTJkMTBjMzgxNTE2ZTI1ODE0MGQ5ZDA3YjQyMTdiMzM2MTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3qGSx1B8S3axQxCukkmtC+7tMoh
027DBxHSS6PPCbNO3omFhEcOCGGW3EtWtFTLbCQfRfrVCWLF6n1D2953IX7yV9jm
pNkox9yJVF6bDLsgtIL6m6Rr1FTX0aRB/MnLf8mRFg3JPfaK1Quqvhb6TlwfsWok
I+ns0duIdmNa6IzthNuB1jrWvrPyuCo9shtftYNvv0PQZ3phgaEHopZFKlLTBHod
IRhXNyb2YQ+io8FpPYlgAW0tNLVy8c8DYPZbqU+J65DsMIOEY8W6iHXS6xBn2fjV
DDrMpfJFVel+jSnvZIdC+IDgJlaWZ0w1xW6S3NNsBOQ7f7n4/9Z+fbR8rQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLhNUtEMOBUW4lgUDZ0HtCF7M2FIMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvdUUxUzBRdzRGUmJpV0JRTm5RZTBJWHN6WVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQCi67TMQ1/JxKu32PDGfha2NmCWCEha6TNKT8AD
aBeDcvuxvg1b4CBt9z4fS31y7OVwuiZ63x1adoNghkLsjJ7wAFdg8NjfZa1qbmRs
XHN/kcZ48sCkbYMDv+ArsdzE+nIb2oHi0AuEXEUI4P6pNwo1EcIXjCrhg8UHyASi
5n5jwCGNo+GA8CadoOx1yJapT1j/y5Af/OJvVm8YSz/Uo5LLyIafNgZfgchcOUa6
5o5Q2OO4pGu5EqjbpLnXzCJ/nNAHGy3L1BXS7N6gazFyAQmg6894LQrA3ZCuYwrX
Hw/kRioQz22o2OXsedfodz7X/a3c2+Df9CQabHDpm01hor5M
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:38:41 2025 by rpki-client