Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/uHCjfYP-xodnKBzxzWuAoZt_-SA.roa
File: uHCjfYP-xodnKBzxzWuAoZt_-SA.roa (raw, json)
Hash identifier: axv7qGWwIwfnlaNVA1Aqq+cFsr338YUKIe7efkPwN04=
Subject key identifier: B8:70:A3:7D:83:FE:C6:87:67:28:1C:F1:CD:6B:80:A1:9B:7F:F9:20
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F28CC659E36E50A789B8F93B84A3DA50
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/uHCjfYP-xodnKBzxzWuAoZt_-SA.roa
Signing time: Wed 21 May 2025 11:13:53 +0000
ROA not before: Wed 21 May 2025 11:13:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 May 2025 12:04:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f2:8c:c6:59:e3:6e:50:a7:89:b8:f9:3b:84:a3:da:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 21 11:13:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b870a37d83fec68767281cf1cd6b80a19b7ff920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2f:59:aa:9a:ff:5d:25:71:af:26:85:57:df:
30:16:8a:84:7d:bd:1a:cb:bd:2d:c0:b0:e1:8c:1b:
11:d5:f4:58:7a:9a:3a:46:5e:6b:3b:af:70:87:e2:
0f:36:b6:f1:e0:1f:87:e9:3d:30:d1:f6:bc:b6:f0:
b6:e1:25:0c:1d:57:3f:be:ba:9b:66:67:31:e4:61:
af:56:de:49:ed:29:39:d7:b6:f8:bc:2f:58:43:d5:
94:d7:fc:73:9e:f1:f7:2a:46:72:a2:c0:60:0e:f9:
86:9e:3f:a1:0e:32:18:a0:9d:91:62:47:44:d9:3a:
81:9b:48:b5:0c:ec:6a:c1:1b:0d:ad:04:7e:6e:bf:
61:4e:2b:19:36:2a:c2:d9:5e:6f:d7:f0:b4:62:d1:
bd:80:4f:37:5b:05:fd:fb:95:f2:92:ea:93:99:ee:
4a:2b:1b:0c:3b:71:e2:b3:f2:0e:ba:b0:05:3b:6d:
50:5e:c7:b0:06:6b:cb:64:c7:5d:9c:40:ef:79:66:
2e:4f:25:72:d4:e8:a1:8a:72:b6:3a:73:f0:dd:57:
72:ae:3c:b1:3a:a2:8d:98:98:90:6d:ff:af:3a:36:
94:86:5c:ed:db:bd:0f:51:c7:c4:05:9d:63:ac:1f:
0d:d4:c0:1e:d4:6b:cd:d4:de:07:c1:9b:0a:2e:b1:
f9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:70:A3:7D:83:FE:C6:87:67:28:1C:F1:CD:6B:80:A1:9B:7F:F9:20
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/uHCjfYP-xodnKBzxzWuAoZt_-SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
05:52:7a:86:7c:05:76:54:3d:81:d5:17:d8:43:32:d6:fb:09:
21:3b:50:94:9c:91:f0:5f:90:58:0c:24:8d:54:69:1e:07:db:
07:cc:02:b9:52:00:5d:6d:79:6e:4a:aa:73:97:1c:6f:c0:09:
9b:9d:56:16:6b:1a:3e:f2:e5:3a:51:43:00:02:0b:5f:22:db:
3e:c3:b8:98:ff:0f:30:53:d2:8d:4d:05:4a:52:26:35:bd:05:
26:c8:44:1a:c8:d5:dc:bd:1c:27:a3:04:68:b2:24:09:03:c8:
a5:66:98:51:9d:98:ae:7b:e9:94:24:cd:61:9b:0e:f4:31:96:
72:23:c9:42:cb:be:4c:93:75:cf:6c:1b:5a:24:fb:49:85:23:
40:78:2e:94:3c:10:93:32:65:a9:41:9e:d8:34:3a:71:4d:fc:
f2:70:62:db:ff:6a:16:1e:54:dd:0a:4f:3d:20:d3:0c:a2:b6:
d6:61:ba:b9:db:23:6e:99:66:0f:b3:1f:53:c8:11:0a:14:28:
65:c3:7e:66:e8:f1:59:38:75:34:83:ae:f0:ce:e4:39:1c:0e:
ad:8f:d6:4e:66:f7:43:40:5d:7c:a4:00:4f:d3:95:5f:9a:7d:
47:6c:e9:88:d1:e4:cc:b7:3c:2f:f9:b4:16:9f:99:d0:36:a6:
a5:96:cd:20
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbyjMZZ425Qp4m4+TuEo9pQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIxMTExMzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODcwYTM3ZDgzZmVjNjg3NjcyODFjZjFjZDZiODBhMTliN2ZmOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2i9Zqpr/XSVxryaFV98wFoqEfb0a
y70twLDhjBsR1fRYepo6Rl5rO69wh+IPNrbx4B+H6T0w0fa8tvC24SUMHVc/vrqb
Zmcx5GGvVt5J7Sk517b4vC9YQ9WU1/xznvH3KkZyosBgDvmGnj+hDjIYoJ2RYkdE
2TqBm0i1DOxqwRsNrQR+br9hTisZNirC2V5v1/C0YtG9gE83WwX9+5XykuqTme5K
KxsMO3His/IOurAFO21QXsewBmvLZMddnEDveWYuTyVy1OihinK2OnPw3Vdyrjyx
OqKNmJiQbf+vOjaUhlzt270PUcfEBZ1jrB8N1MAe1GvN1N4HwZsKLrH5KwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLhwo32D/saHZygc8c1rgKGbf/kgMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvdUhDamZZUC14b2RuS0J6eHpXdUFvWnRfLVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEABVJ6hnwFdlQ9gdUX2EMy1vsJ
ITtQlJyR8F+QWAwkjVRpHgfbB8wCuVIAXW15bkqqc5ccb8AJm51WFmsaPvLlOlFD
AAILXyLbPsO4mP8PMFPSjU0FSlImNb0FJshEGsjV3L0cJ6MEaLIkCQPIpWaYUZ2Y
rnvplCTNYZsO9DGWciPJQsu+TJN1z2wbWiT7SYUjQHgulDwQkzJlqUGe2DQ6cU38
8nBi2/9qFh5U3QpPPSDTDKK21mG6udsjbplmD7MfU8gRChQoZcN+ZujxWTh1NIOu
8M7kORwOrY/WTmb3Q0BdfKQAT9OVX5p9R2zpiNHkzLc8L/m0Fp+Z0DampZbNIA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:44:17 2025 by rpki-client