Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/v2Y7w-INOx4S_-pU7gsC_Wx0Y54.roa
File: v2Y7w-INOx4S_-pU7gsC_Wx0Y54.roa (raw, json)
Hash identifier: BMHzeT6dww4+LRJIKcfG/ureDR/vy8i0WbUfhnrG2kk=
Subject key identifier: BF:66:3B:C3:E2:0D:3B:1E:12:FF:EA:54:EE:0B:02:FD:6C:74:63:9E
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01974B2BE72FB105A04C9207B897E887110F
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/v2Y7w-INOx4S_-pU7gsC_Wx0Y54.roa
Signing time: Sat 07 Jun 2025 16:14:17 +0000
ROA not before: Sat 07 Jun 2025 16:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 07 Jun 2025 17:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4b:2b:e7:2f:b1:05:a0:4c:92:07:b8:97:e8:87:11:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 7 16:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf663bc3e20d3b1e12ffea54ee0b02fd6c74639e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e1:f4:93:f2:5b:e6:79:da:1b:fd:77:a8:d5:
9b:e3:c5:cf:69:d8:f8:8e:aa:a1:a7:c8:25:2b:09:
95:b2:14:dd:6d:9e:e8:e0:1c:19:8c:59:61:f9:d0:
a6:74:b7:73:19:cf:17:ac:ed:e1:cc:b5:57:08:3c:
f5:eb:3a:54:0d:c4:6e:83:f7:b4:aa:da:40:cc:d1:
c1:0b:a5:35:12:2e:4f:af:82:70:9a:43:8c:65:d8:
0f:2c:f1:90:db:6f:3b:cf:a0:2a:17:aa:9c:d0:00:
72:dd:90:66:5e:32:c0:28:a2:fc:66:a7:34:a7:45:
ee:7f:ed:d8:69:7e:1b:aa:3b:f3:2c:66:fe:91:37:
6d:97:03:b4:43:1c:15:e8:56:e2:2e:de:f0:06:a4:
fd:a0:26:a7:c6:b6:a3:51:7a:57:2d:5a:c0:4c:34:
a8:a6:a3:14:a4:f4:92:1a:b2:a9:5f:f8:33:17:2f:
b4:62:d2:6a:b3:36:e2:43:e7:75:b0:26:03:79:1f:
b9:82:09:b7:a5:e2:3b:83:44:9e:59:30:67:73:5a:
78:00:87:51:98:65:e2:7a:ff:ee:b2:12:4e:7b:7b:
54:75:c0:72:5a:87:0e:f4:33:e8:be:c9:39:ea:3b:
c1:d6:47:53:51:b2:72:d9:11:5c:ba:ac:3c:86:ab:
a6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:66:3B:C3:E2:0D:3B:1E:12:FF:EA:54:EE:0B:02:FD:6C:74:63:9E
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/v2Y7w-INOx4S_-pU7gsC_Wx0Y54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
42:b6:7f:3d:4e:7d:2d:52:ae:9d:41:21:4d:9d:63:18:04:32:
72:67:64:46:51:af:1d:8e:e8:38:31:89:2c:ee:50:dc:36:08:
19:43:17:25:22:96:d8:64:3e:04:de:4d:e9:57:00:b4:e1:fe:
4b:8d:86:1d:3e:b6:b6:83:4a:3a:73:9a:67:95:4a:0d:a4:90:
3c:09:86:45:52:92:18:81:ba:15:58:98:d6:e9:5f:64:87:66:
8b:e8:db:c9:bf:53:8b:b9:51:63:ba:6c:00:b0:18:d4:c1:8c:
49:f8:93:74:1a:ea:03:11:8e:d6:8b:87:e1:d4:15:0a:c7:34:
bd:8f:c2:86:c0:a0:3c:a2:2a:23:0f:f3:de:9f:64:2a:ef:65:
c6:67:31:11:a6:8a:45:bb:22:f6:e5:e0:7b:75:b1:b6:5c:56:
dd:16:69:56:7a:0b:a5:f3:6b:ff:aa:1d:90:28:fa:ff:e1:f3:
aa:b4:9a:ee:59:81:93:f4:31:a9:b9:29:48:f9:9d:94:0f:1d:
13:0d:32:d6:04:fc:3d:d2:18:4c:83:27:eb:1b:f2:a8:f4:3d:
64:fa:8f:59:52:79:e2:f9:70:6d:d9:e0:ae:2b:56:7d:13:a6:
98:8d:a3:c0:10:f2:96:2a:2c:6b:0a:49:fb:88:de:93:ab:1f:
86:af:cd:ee
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdLK+cvsQWgTJIHuJfohxEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA3MTYxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjY2M2JjM2UyMGQzYjFlMTJmZmVhNTRlZTBiMDJmZDZjNzQ2MzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteH0k/Jb5nnaG/13qNWb48XPadj4
jqqhp8glKwmVshTdbZ7o4BwZjFlh+dCmdLdzGc8XrO3hzLVXCDz16zpUDcRug/e0
qtpAzNHBC6U1Ei5Pr4JwmkOMZdgPLPGQ2287z6AqF6qc0ABy3ZBmXjLAKKL8Zqc0
p0Xuf+3YaX4bqjvzLGb+kTdtlwO0QxwV6FbiLt7wBqT9oCanxrajUXpXLVrATDSo
pqMUpPSSGrKpX/gzFy+0YtJqszbiQ+d1sCYDeR+5ggm3peI7g0SeWTBnc1p4AIdR
mGXiev/ushJOe3tUdcByWocO9DPovsk56jvB1kdTUbJy2RFcuqw8hqumnQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFL9mO8PiDTseEv/qVO4LAv1sdGOeMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvdjJZN3ctSU5PeDRTXy1wVTdnc0NfV3gwWTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAQrZ/PU59LVKu
nUEhTZ1jGAQycmdkRlGvHY7oODGJLO5Q3DYIGUMXJSKW2GQ+BN5N6VcAtOH+S42G
HT62toNKOnOaZ5VKDaSQPAmGRVKSGIG6FViY1ulfZIdmi+jbyb9Ti7lRY7psALAY
1MGMSfiTdBrqAxGO1ouH4dQVCsc0vY/ChsCgPKIqIw/z3p9kKu9lxmcxEaaKRbsi
9uXge3WxtlxW3RZpVnoLpfNr/6odkCj6/+HzqrSa7lmBk/QxqbkpSPmdlA8dEw0y
1gT8PdIYTIMn6xvyqPQ9ZPqPWVJ54vlwbdngritWfROmmI2jwBDyliosawpJ+4je
k6sfhq/N7g==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:03:41 2025 by rpki-client