Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/uIi5WNKa5HhhkQiitWASFHB5ZNg.roa
File: uIi5WNKa5HhhkQiitWASFHB5ZNg.roa (raw, json)
Hash identifier: lUzzAN/VIF9q4ZByJ26EV/xRU21iTUv9z91qAs+eqXw=
Subject key identifier: B8:88:B9:58:D2:9A:E4:78:61:91:08:A2:B5:60:12:14:70:79:64:D8
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197493BAFC402438606951E13EAEC2D1737
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/uIi5WNKa5HhhkQiitWASFHB5ZNg.roa
Signing time: Sat 07 Jun 2025 07:12:17 +0000
ROA not before: Sat 07 Jun 2025 07:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 07 Jun 2025 08:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:3b:af:c4:02:43:86:06:95:1e:13:ea:ec:2d:17:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 7 07:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b888b958d29ae478619108a2b5601214707964d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:43:b5:40:93:96:49:ad:60:28:e3:bd:98:81:
22:9d:c2:e4:5f:e0:81:f1:c6:8a:ce:ce:5e:f2:a2:
dc:3b:42:83:50:52:86:7c:88:cd:5e:38:2f:bb:e6:
eb:7d:78:47:2c:66:d3:54:71:66:b5:c3:96:41:1e:
9e:17:cb:87:2e:97:82:03:80:58:27:d9:2a:69:d3:
a9:d5:b2:96:96:fb:ea:2a:e2:24:a8:c4:e7:d1:3c:
2e:75:28:4d:70:bd:75:43:23:31:5b:e2:ef:6a:aa:
10:2c:ef:97:dc:84:2f:7f:6b:ff:85:55:ed:46:0c:
e2:69:95:c6:55:2b:48:3a:b3:2c:34:e3:e4:3b:72:
aa:c4:61:df:1d:e3:82:86:e2:9b:7e:b4:42:07:dc:
3b:03:e2:c8:07:ac:5e:ca:d2:4f:36:38:ff:20:18:
db:b6:52:d8:9c:ef:8a:c0:07:7a:51:f1:c9:f9:52:
7b:23:cd:8a:ea:91:8b:b0:13:36:7f:90:2a:96:5c:
aa:41:01:8d:5f:55:2d:8f:c4:6d:90:86:9c:71:15:
ef:46:a4:7f:81:3f:8a:8f:b3:25:8d:a0:a5:94:c9:
a4:ef:b1:23:5e:54:86:ba:17:7f:57:a2:97:8d:74:
2f:03:43:c4:1e:24:71:82:c8:e4:fa:9b:03:8d:ad:
72:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:88:B9:58:D2:9A:E4:78:61:91:08:A2:B5:60:12:14:70:79:64:D8
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/uIi5WNKa5HhhkQiitWASFHB5ZNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
44:4e:73:ed:23:b7:f5:38:8c:10:38:18:a5:91:b8:e2:91:e2:
67:9d:f3:27:88:32:e9:a8:0b:f8:5c:e9:4d:8f:ce:3f:70:0e:
41:82:b2:c2:ae:21:f7:96:24:5e:93:2d:0d:92:7a:db:02:9c:
15:79:37:dc:d6:98:d4:ff:68:dc:d7:49:68:96:0d:10:c2:51:
64:f1:15:46:50:b6:2d:e2:01:c4:96:36:1f:26:be:0a:ff:c7:
56:49:c4:91:a6:12:29:1d:cc:92:62:0d:bc:dc:17:d3:ff:89:
1d:c3:8e:ee:56:3f:f1:f0:a0:1b:af:82:d1:07:ae:c5:62:4a:
a3:0c:ce:91:e4:0a:ed:df:d5:67:b8:8a:e8:27:6e:1b:95:27:
b3:cd:22:1d:45:9f:6b:ee:d1:6c:af:19:51:42:e5:4e:be:2e:
26:6f:29:98:dd:23:12:b1:fe:99:cc:83:ea:6a:cb:de:19:79:
ca:53:71:3f:83:23:95:a8:f5:0d:5b:bc:e0:d9:ca:72:0f:bc:
d9:d9:24:ac:74:98:48:12:bb:0e:d5:57:32:e1:88:c5:20:6f:
7e:71:08:00:07:6b:59:f7:f5:20:f0:8e:41:72:67:8b:82:b5:
5e:56:7d:d7:3c:57:5d:8d:ba:0b:ec:3a:ca:a7:93:d3:11:2b:
b0:15:21:3e
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdJO6/EAkOGBpUeE+rsLRc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA3MDcxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODg4Yjk1OGQyOWFlNDc4NjE5MTA4YTJiNTYwMTIxNDcwNzk2NGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0O1QJOWSa1gKOO9mIEincLkX+CB
8caKzs5e8qLcO0KDUFKGfIjNXjgvu+brfXhHLGbTVHFmtcOWQR6eF8uHLpeCA4BY
J9kqadOp1bKWlvvqKuIkqMTn0TwudShNcL11QyMxW+LvaqoQLO+X3IQvf2v/hVXt
RgziaZXGVStIOrMsNOPkO3KqxGHfHeOChuKbfrRCB9w7A+LIB6xeytJPNjj/IBjb
tlLYnO+KwAd6UfHJ+VJ7I82K6pGLsBM2f5AqllyqQQGNX1Utj8RtkIaccRXvRqR/
gT+Kj7MljaCllMmk77EjXlSGuhd/V6KXjXQvA0PEHiRxgsjk+psDja1yVQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFLiIuVjSmuR4YZEIorVgEhRweWTYMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvdUlpNVdOS2E1SGhoa1FpaXRXQVNGSEI1Wk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEARE5z7SO39TiM
EDgYpZG44pHiZ53zJ4gy6agL+FzpTY/OP3AOQYKywq4h95YkXpMtDZJ62wKcFXk3
3NaY1P9o3NdJaJYNEMJRZPEVRlC2LeIBxJY2Hya+Cv/HVknEkaYSKR3MkmINvNwX
0/+JHcOO7lY/8fCgG6+C0QeuxWJKowzOkeQK7d/VZ7iK6CduG5Uns80iHUWfa+7R
bK8ZUULlTr4uJm8pmN0jErH+mcyD6mrL3hl5ylNxP4Mjlaj1DVu84NnKcg+82dkk
rHSYSBK7DtVXMuGIxSBvfnEIAAdrWff1IPCOQXJni4K1XlZ91zxXXY26C+w6yqeT
0xErsBUhPg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:21:35 2025 by rpki-client